Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Xs04eyuQF88e4h0BwM4gDKmHRGQ.roa
File: Xs04eyuQF88e4h0BwM4gDKmHRGQ.roa (raw, json)
Hash identifier: ZXciNkWdfQyNsOmuLh5BcAAFmXS7E3lnQ9oeQbiZ530=
Subject key identifier: 5E:CD:38:7B:2B:90:17:CF:1E:E2:1D:01:C0:CE:20:0C:A9:87:44:64
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC8020959E18653F63E82261203D73A72
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Xs04eyuQF88e4h0BwM4gDKmHRGQ.roa
Signing time: Tue 02 Jan 2024 02:30:25 +0000
ROA not before: Tue 02 Jan 2024 02:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.224.0/20 maxlen: 20
2.63.144.0/20 maxlen: 20
176.211.120.0/22 maxlen: 22
2.63.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 06 Mar 2024 06:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:09:59:e1:86:53:f6:3e:82:26:12:03:d7:3a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ecd387b2b9017cf1ee21d01c0ce200ca9874464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1f:b4:81:4d:6b:e6:c7:5f:c0:be:80:e4:39:
5b:43:40:97:6f:b7:c6:69:9a:1b:ea:98:4c:5f:17:
d2:94:6f:5f:34:85:be:d1:69:43:e3:a4:36:c3:a9:
78:f7:83:f0:4e:37:4f:d8:d2:53:8f:08:4c:3a:7d:
46:0f:8b:84:c1:76:6a:52:89:2c:ec:2e:50:49:61:
01:8e:48:18:e9:27:d6:3b:f8:fd:2e:5e:1b:97:c5:
2d:2b:08:23:65:30:8d:50:eb:4e:ea:8d:3b:b7:e7:
a4:06:34:eb:4f:35:12:e3:2d:b2:44:fd:df:a2:ba:
bc:66:c2:f1:c3:48:09:c9:37:af:4e:f8:26:ef:fa:
a9:c9:d6:9f:05:09:75:a2:e5:4b:5a:25:95:e8:6e:
02:0d:2a:3a:65:b1:3c:f3:b3:1f:41:79:5c:3a:74:
6d:ac:90:a7:c4:e9:08:ab:33:4b:fb:9b:53:2b:9b:
c7:34:9d:5e:8d:05:a3:32:ab:28:cb:b0:27:15:e0:
1d:b6:e7:34:78:47:40:e4:94:21:ba:85:9f:77:8e:
cd:df:b0:52:d0:94:df:24:50:b4:88:17:bd:63:14:
3b:73:d0:2a:08:37:cc:62:7b:76:e0:f4:37:ec:45:
5a:24:37:91:ef:4e:28:da:ba:dd:b8:08:53:24:6b:
87:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CD:38:7B:2B:90:17:CF:1E:E2:1D:01:C0:CE:20:0C:A9:87:44:64
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Xs04eyuQF88e4h0BwM4gDKmHRGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
176.211.120.0/22
Signature Algorithm: sha256WithRSAEncryption
23:fe:f9:77:28:60:44:7d:28:91:aa:10:8d:c7:61:93:28:19:
36:75:d2:f2:a7:22:56:4d:b8:ba:26:59:2b:c4:6c:44:f8:64:
08:df:90:ba:e6:53:5e:b2:75:c1:91:8f:9b:78:9f:62:e7:f3:
aa:41:2a:2c:21:80:06:bd:40:99:8b:17:57:c1:4f:a8:15:49:
4b:0f:ea:bb:2e:31:2c:d8:98:39:78:7a:6b:19:10:0d:af:e4:
18:e0:41:a3:4f:c4:50:68:30:24:6d:da:25:6d:9d:9f:b9:55:
ca:2b:b4:66:63:23:25:9b:a6:c1:0e:c3:aa:9c:61:1b:68:17:
c7:38:82:aa:4a:26:71:4b:b8:95:49:46:8f:38:db:a2:bc:17:
1e:70:58:26:39:61:81:6f:82:91:87:fd:cf:be:af:aa:de:37:
33:0f:d8:2f:b8:c1:88:2b:e3:2c:9a:a8:f0:33:de:cb:15:de:
b5:62:38:c6:07:91:24:2f:c8:ca:a5:ac:e0:e2:63:69:4b:81:
af:13:25:47:b2:f1:07:71:e1:05:34:4d:f7:59:de:5a:7c:9e:
9e:b3:9a:87:ec:0f:12:b8:6a:a5:3b:37:ce:fe:2a:5a:1a:b7:
12:30:44:5e:d4:01:34:64:9c:74:8f:53:87:f5:f6:fc:07:6e:
65:ae:82:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAglZ4YZT9j6CJhID1zpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNkMzg3YjJiOTAxN2NmMWVlMjFkMDFjMGNlMjAwY2E5ODc0NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh+0gU1r5sdfwL6A5DlbQ0CXb7fG
aZob6phMXxfSlG9fNIW+0WlD46Q2w6l494PwTjdP2NJTjwhMOn1GD4uEwXZqUoks
7C5QSWEBjkgY6SfWO/j9Ll4bl8UtKwgjZTCNUOtO6o07t+ekBjTrTzUS4y2yRP3f
orq8ZsLxw0gJyTevTvgm7/qpydafBQl1ouVLWiWV6G4CDSo6ZbE887MfQXlcOnRt
rJCnxOkIqzNL+5tTK5vHNJ1ejQWjMqsoy7AnFeAdtuc0eEdA5JQhuoWfd47N37BS
0JTfJFC0iBe9YxQ7c9AqCDfMYnt24PQ37EVaJDeR704o2rrduAhTJGuHrQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF7NOHsrkBfPHuIdAcDOIAyph0RkMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWHMwNGV5dVFGODhlNGgwQndNNGdES21IUkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEAj+QAwQE
Aj+wAwQEAj/gAwQCsNN4MA0GCSqGSIb3DQEBCwUAA4IBAQAj/vl3KGBEfSiRqhCN
x2GTKBk2ddLypyJWTbi6JlkrxGxE+GQI35C65lNesnXBkY+beJ9i5/OqQSosIYAG
vUCZixdXwU+oFUlLD+q7LjEs2Jg5eHprGRANr+QY4EGjT8RQaDAkbdolbZ2fuVXK
K7RmYyMlm6bBDsOqnGEbaBfHOIKqSiZxS7iVSUaPONuivBcecFgmOWGBb4KRh/3P
vq+q3jczD9gvuMGIK+MsmqjwM97LFd61YjjGB5EkL8jKpazg4mNpS4GvEyVHsvEH
ceEFNE33Wd5afJ6es5qH7A8SuGqlOzfO/ipaGrcSMERe1AE0ZJx0j1OH9fb8B25l
roKK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:25 2024 by rpki-client on console-ams.rpki-client.org