Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/XlVpqa8B7tx7KYDr4kndQKcR_8U.roa
File: XlVpqa8B7tx7KYDr4kndQKcR_8U.roa (raw, json)
Hash identifier: J7bry+5tPvUHurxDvEXeRZJqXm/EviTAQDy5falDTTo=
Subject key identifier: 5E:55:69:A9:AF:01:EE:DC:7B:29:80:EB:E2:49:DD:40:A7:11:FF:C5
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018CC7933C2E5CC0E13EFB146BF3276245A5
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/XlVpqa8B7tx7KYDr4kndQKcR_8U.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.56.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 10 Apr 2024 07:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:2e:5c:c0:e1:3e:fb:14:6b:f3:27:62:45:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e5569a9af01eedc7b2980ebe249dd40a711ffc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:b8:4c:44:b4:9f:bb:08:68:27:ad:ce:1a:
40:2c:2b:a0:79:0b:a5:07:64:40:d0:85:a9:7d:a3:
8a:e5:6b:89:d2:8e:1f:a4:0c:c0:0c:1d:0f:13:9c:
70:e8:8f:a3:4e:16:aa:df:a0:6e:ac:20:71:e0:3a:
1a:ca:70:6e:8b:ed:90:13:4e:45:48:84:24:18:34:
e5:50:37:58:f4:5c:f5:4e:29:bf:d1:39:fa:da:67:
3b:42:d4:c3:03:2d:59:51:29:0d:29:75:fd:85:8a:
83:e9:48:82:1e:d0:b8:b3:94:d0:05:f1:b7:33:0a:
2e:f7:ea:26:19:aa:29:30:3b:0b:57:48:b2:f0:6e:
b4:dc:99:3b:8d:94:94:2a:cf:6d:b9:d6:ff:26:d2:
d7:b6:b0:fb:13:eb:e8:2a:86:cd:8e:6a:11:c2:70:
32:29:32:8c:12:2d:79:ea:f5:ee:a2:1e:86:87:a0:
58:e9:3f:b9:4a:a9:1f:31:f2:f3:4c:52:8c:5c:6d:
a4:2f:43:3d:14:15:fc:fc:99:37:45:18:fc:84:56:
8b:1b:2c:33:fd:9a:47:b7:60:95:6e:b4:81:40:88:
fd:f1:e1:97:8e:e9:76:a4:56:6f:b6:12:92:bc:fa:
62:63:a4:2a:3e:64:3b:c3:bb:47:a4:42:14:8a:d4:
ec:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:55:69:A9:AF:01:EE:DC:7B:29:80:EB:E2:49:DD:40:A7:11:FF:C5
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/XlVpqa8B7tx7KYDr4kndQKcR_8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.56.0/22
185.143.140.0/22
185.174.212.0/23
Signature Algorithm: sha256WithRSAEncryption
81:14:fa:d3:01:f5:cc:41:2d:15:18:f2:f1:17:8a:02:39:ea:
96:2b:9c:43:66:12:70:ad:77:b0:e5:d9:0a:95:6d:6b:ac:e9:
7b:df:15:fc:16:96:92:23:c0:d8:bb:d4:50:e3:dc:45:a2:a8:
01:6b:3c:a2:7d:c0:fb:50:f0:0f:7f:e5:e2:dd:e2:d0:3c:ae:
f6:37:0c:3e:a2:00:42:41:e3:cc:6d:56:af:0d:7f:a0:6b:f4:
c7:21:6a:c2:e2:77:a4:02:8c:ff:06:b3:90:16:27:93:75:7d:
5f:61:63:ab:58:fe:81:7b:a7:bf:c8:0a:91:e7:e3:1a:b3:dc:
89:05:cd:59:e5:6a:68:1c:23:af:6b:1d:8d:82:3b:74:87:4a:
bf:4f:ff:48:42:65:62:f9:d4:38:50:05:a0:e7:c8:c2:ee:22:
d2:f8:ae:3f:cf:36:5a:0c:a6:49:c0:dc:32:82:35:83:f3:c5:
fc:c3:ef:b6:be:91:28:2d:a8:16:b6:4e:77:68:bf:52:86:14:
81:fa:de:53:23:ba:8c:23:97:98:6c:3d:3d:a7:97:85:b8:ca:
8f:40:30:e1:d9:ba:11:e9:1d:00:0e:44:a2:67:e1:26:9d:32:
2b:3c:38:2b:e5:27:6f:2a:f3:c7:85:09:94:4c:ee:cf:db:77:
ff:89:37:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHkzwuXMDhPvsUa/MnYkWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU1NjlhOWFmMDFlZWRjN2IyOTgwZWJlMjQ5ZGQ0MGE3MTFmZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbq4TES0n7sIaCetzhpALCugeQul
B2RA0IWpfaOK5WuJ0o4fpAzADB0PE5xw6I+jThaq36BurCBx4DoaynBui+2QE05F
SIQkGDTlUDdY9Fz1Tim/0Tn62mc7QtTDAy1ZUSkNKXX9hYqD6UiCHtC4s5TQBfG3
Mwou9+omGaopMDsLV0iy8G603Jk7jZSUKs9tudb/JtLXtrD7E+voKobNjmoRwnAy
KTKMEi156vXuoh6Gh6BY6T+5SqkfMfLzTFKMXG2kL0M9FBX8/Jk3RRj8hFaLGywz
/ZpHt2CVbrSBQIj98eGXjul2pFZvthKSvPpiY6QqPmQ7w7tHpEIUitTsiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF5VaamvAe7ceymA6+JJ3UCnEf/FMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvWGxWcHFhOEI3dHg3S1lEcjRrbmRRS2NSXzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYk4AwQC
uY+MAwQBua7UMA0GCSqGSIb3DQEBCwUAA4IBAQCBFPrTAfXMQS0VGPLxF4oCOeqW
K5xDZhJwrXew5dkKlW1rrOl73xX8FpaSI8DYu9RQ49xFoqgBazyifcD7UPAPf+Xi
3eLQPK72Nww+ogBCQePMbVavDX+ga/THIWrC4nekAoz/BrOQFieTdX1fYWOrWP6B
e6e/yAqR5+Mas9yJBc1Z5WpoHCOvax2Ngjt0h0q/T/9IQmVi+dQ4UAWg58jC7iLS
+K4/zzZaDKZJwNwygjWD88X8w++2vpEoLagWtk53aL9ShhSB+t5TI7qMI5eYbD09
p5eFuMqPQDDh2boR6R0ADkSiZ+EmnTIrPDgr5SdvKvPHhQmUTO7P23f/iTdd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org