Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/xWG4HMaiaGXnLs24T7DFahg-Hzg.roa
File: xWG4HMaiaGXnLs24T7DFahg-Hzg.roa (raw, json)
Hash identifier: h9iNnSr3BgNfcF4N5eYfBeHK1b8yJXV/8D0JvPHwk/4=
Subject key identifier: C5:61:B8:1C:C6:A2:68:65:E7:2E:CD:B8:4F:B0:C5:6A:18:3E:1F:38
Certificate issuer: /CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Certificate serial: 01856E38E2BDC3E468DF38C9198A0B424DE8
Authority key identifier: DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/xWG4HMaiaGXnLs24T7DFahg-Hzg.roa
Signing time: Sun 01 Jan 2023 16:44:59 +0000
ROA not before: Sun 01 Jan 2023 16:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197831
IP address blocks: 91.234.80.0/22 maxlen: 22
91.228.31.0/24 maxlen: 24
91.228.30.0/24 maxlen: 24
91.228.30.0/23 maxlen: 23
176.104.120.0/21 maxlen: 21
91.244.80.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:e2:bd:c3:e4:68:df:38:c9:19:8a:0b:42:4d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7d8ed98443de6c688d174f1f0055be4de182a1
Validity
Not Before: Jan 1 16:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c561b81cc6a26865e72ecdb84fb0c56a183e1f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:31:d2:d8:fe:7f:59:e5:03:0d:c1:1f:24:49:
eb:c7:9a:ed:83:b6:cf:4c:1d:25:d7:b6:5b:25:83:
6a:95:47:33:88:4e:86:d4:9a:86:df:44:00:86:ec:
f7:bf:57:b6:f0:4b:8c:2f:af:e7:2b:53:9e:42:a7:
c7:2d:5d:df:c9:4d:de:39:23:a3:2a:e9:bd:b2:bf:
b8:83:6d:43:de:e8:2b:29:37:3f:55:a9:1d:21:f3:
d0:64:29:e9:1d:fc:ea:64:74:c5:98:e0:9c:0e:d5:
70:df:d4:ec:ad:aa:6d:fa:fa:41:5f:a1:d5:fe:d3:
f6:88:c2:30:e5:8e:5b:97:ec:ef:2a:51:80:99:ed:
d6:ff:8a:ec:11:8e:81:3f:04:2b:a2:e6:d2:e2:61:
22:aa:9c:cb:5c:33:18:b2:e9:dd:07:74:2b:77:52:
82:08:86:c1:4f:93:94:62:a5:c9:a3:c0:37:c7:eb:
a5:39:f6:55:1e:c8:38:41:83:c4:d3:4c:20:5e:80:
72:87:88:95:d7:54:65:a7:f4:8a:7f:0a:81:b7:1a:
ef:6e:c2:3b:c6:26:8c:d1:82:e3:dc:14:ce:eb:fe:
19:cc:a2:12:2e:2f:2e:59:ea:e5:23:bc:19:79:ee:
b8:57:db:88:d5:58:1c:79:bc:2c:0d:ae:03:9d:f0:
e4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:61:B8:1C:C6:A2:68:65:E7:2E:CD:B8:4F:B0:C5:6A:18:3E:1F:38
X509v3 Authority Key Identifier:
keyid:DC:7D:8E:D9:84:43:DE:6C:68:8D:17:4F:1F:00:55:BE:4D:E1:82:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3H2O2YRD3mxojRdPHwBVvk3hgqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/xWG4HMaiaGXnLs24T7DFahg-Hzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/9a6d83-5c2f-42be-8d76-b802052832cf/1/3H2O2YRD3mxojRdPHwBVvk3hgqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.30.0/23
91.234.80.0/22
91.244.80.0/20
176.104.120.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:b6:9d:17:01:d2:d6:be:87:bc:43:30:7e:7d:66:94:f0:54:
ba:8f:b4:85:46:5e:f6:6e:23:7b:c9:49:b4:60:a0:f7:56:e2:
2b:66:9a:c4:a1:e6:5c:8b:42:18:ec:72:a2:59:f5:5f:e6:71:
15:f2:de:04:b3:91:f1:36:67:73:b3:57:4f:07:3c:f4:c7:b1:
4a:5a:9a:49:77:e8:fa:75:4b:38:0c:6f:43:91:6c:6f:38:df:
a6:1b:e1:25:a0:89:1d:a0:25:ae:ca:17:d7:6b:43:0e:d9:e2:
af:0b:01:32:85:db:e9:ab:31:b4:d6:f0:e8:3a:c5:c5:76:95:
10:7b:04:c2:d8:24:ad:90:66:82:93:c4:81:4c:b2:b4:64:36:
86:4b:34:d4:9e:f7:78:1c:73:8d:14:e7:0e:98:e3:b1:61:60:
ae:f6:bc:66:d5:91:d1:0a:7d:91:3e:8c:3b:0c:ce:8d:3f:86:
83:d6:44:fb:81:3e:49:5a:c8:0a:dc:50:78:e9:1b:e1:43:2f:
01:00:15:92:f3:d4:4c:a2:94:7b:48:97:5e:18:d2:ef:80:b1:
3b:35:34:fe:03:f4:8f:13:bc:28:b6:77:e5:3b:32:c3:50:ac:
39:54:10:39:1d:c1:3e:b0:d2:98:37:25:17:f0:e4:3c:10:5c:
b2:54:c9:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuOOK9w+Ro3zjJGYoLQk3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjN2Q4ZWQ5ODQ0M2RlNmM2ODhkMTc0ZjFmMDA1NWJlNGRl
MTgyYTEwHhcNMjMwMTAxMTY0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYxYjgxY2M2YTI2ODY1ZTcyZWNkYjg0ZmIwYzU2YTE4M2UxZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzHS2P5/WeUDDcEfJEnrx5rtg7bP
TB0l17ZbJYNqlUcziE6G1JqG30QAhuz3v1e28EuML6/nK1OeQqfHLV3fyU3eOSOj
Kum9sr+4g21D3ugrKTc/VakdIfPQZCnpHfzqZHTFmOCcDtVw39Tsrapt+vpBX6HV
/tP2iMIw5Y5bl+zvKlGAme3W/4rsEY6BPwQroubS4mEiqpzLXDMYsundB3Qrd1KC
CIbBT5OUYqXJo8A3x+ulOfZVHsg4QYPE00wgXoByh4iV11Rlp/SKfwqBtxrvbsI7
xiaM0YLj3BTO6/4ZzKISLi8uWerlI7wZee64V9uI1VgcebwsDa4DnfDk9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVhuBzGomhl5y7NuE+wxWoYPh84MB8GA1UdIwQY
MBaAFNx9jtmEQ95saI0XTx8AVb5N4YKhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0gyTzJZUkQzbXhvalJkUEh3QlZ2azNoZ3FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85YTZkODMtNWMyZi00MmJlLThkNzYt
YjgwMjA1MjgzMmNmLzEveFdHNEhNYWlhR1huTHMyNFQ3REZhaGctSHpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85YTZkODMtNWMyZi00MmJlLThkNzYtYjgwMjA1MjgzMmNm
LzEvM0gyTzJZUkQzbXhvalJkUEh3QlZ2azNoZ3FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+QeAwQC
W+pQAwQEW/RQAwQDsGh4MA0GCSqGSIb3DQEBCwUAA4IBAQCNtp0XAdLWvoe8QzB+
fWaU8FS6j7SFRl72biN7yUm0YKD3VuIrZprEoeZci0IY7HKiWfVf5nEV8t4Es5Hx
Nmdzs1dPBzz0x7FKWppJd+j6dUs4DG9DkWxvON+mG+EloIkdoCWuyhfXa0MO2eKv
CwEyhdvpqzG01vDoOsXFdpUQewTC2CStkGaCk8SBTLK0ZDaGSzTUnvd4HHONFOcO
mOOxYWCu9rxm1ZHRCn2RPow7DM6NP4aD1kT7gT5JWsgK3FB46RvhQy8BABWS89RM
opR7SJdeGNLvgLE7NTT+A/SPE7wotnflOzLDUKw5VBA5HcE+sNKYNyUX8OQ8EFyy
VMk+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:00 2024 by rpki-client on console-fra.rpki-client.org