Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/XWd-rGU_XyQY4_uXtgPBb6GWLMY.roa
File: XWd-rGU_XyQY4_uXtgPBb6GWLMY.roa (raw, json)
Hash identifier: TrivnVXcPDJmtOag8jo5OH0BsPpsicV9MU5Bbb9smuw=
Subject key identifier: 5D:67:7E:AC:65:3F:5F:24:18:E3:FB:97:B6:03:C1:6F:A1:96:2C:C6
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C7D7CE5F73B90DDDB10960FE0DEB5C745
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/XWd-rGU_XyQY4_uXtgPBb6GWLMY.roa
Signing time: Mon 18 Dec 2023 15:13:06 +0000
ROA not before: Mon 18 Dec 2023 15:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49449
IP address blocks: 185.18.96.0/22 maxlen: 22
188.123.64.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:7c:e5:f7:3b:90:dd:db:10:96:0f:e0:de:b5:c7:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Dec 18 15:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d677eac653f5f2418e3fb97b603c16fa1962cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:53:f9:d9:71:7f:d6:e2:7e:11:1c:b1:88:0c:
24:25:a9:38:8c:45:4c:17:35:0b:96:06:e6:4d:75:
4d:bc:5a:b0:5d:c3:f0:dc:bd:35:79:e4:5f:31:bd:
f8:35:31:f4:84:ad:ed:32:07:ed:d7:37:4f:e3:76:
c7:64:09:76:1a:f6:10:c8:7c:49:cd:d7:2a:6c:a2:
2b:ef:be:b2:2d:66:df:ed:fd:3f:d0:a5:31:f1:dd:
99:fc:35:e6:bc:aa:00:99:d6:60:18:33:55:0f:11:
e4:e5:60:25:f4:e9:15:d0:95:ab:eb:bd:20:89:89:
a9:1f:89:a5:de:4a:da:10:88:00:8d:af:af:04:36:
f8:35:cd:38:41:a4:6e:61:6f:04:24:ad:75:12:dc:
cb:e0:b9:e7:73:ba:6e:43:66:75:b1:5a:73:df:2e:
5b:b4:af:50:63:1b:85:50:ad:0b:a4:cd:c9:91:8a:
a6:7d:e7:d8:ba:4b:92:3d:1c:17:d0:27:4e:04:d5:
79:0f:91:d6:33:b8:d0:6a:63:d2:d5:84:12:dd:ac:
d9:8e:31:ed:4b:0e:6b:25:22:aa:51:0f:9d:22:af:
b6:a2:1a:24:f9:58:82:74:7f:82:ab:76:f6:48:94:
8f:56:ef:e6:86:4d:d5:38:95:3e:a8:d5:7b:de:bd:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:67:7E:AC:65:3F:5F:24:18:E3:FB:97:B6:03:C1:6F:A1:96:2C:C6
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/XWd-rGU_XyQY4_uXtgPBb6GWLMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.96.0/22
188.123.64.0/19
Signature Algorithm: sha256WithRSAEncryption
88:39:e9:d5:59:dc:51:01:f1:c0:39:97:b4:6d:50:a7:a2:8c:
03:06:1a:af:0c:c2:a6:74:0e:c6:d3:2d:fc:bc:3c:bc:58:e5:
e7:a9:48:6d:65:3a:77:4f:74:b8:75:f8:13:63:6e:e6:5e:48:
95:29:53:92:3e:b2:7b:41:1e:e1:8c:99:c2:6c:3b:c4:d3:29:
21:8b:a8:0c:57:bf:44:0d:29:d6:72:d1:19:ad:5a:c6:e5:87:
7a:e7:51:19:31:5f:ad:6c:e7:47:12:48:80:23:9b:e1:b8:a0:
7c:d9:bd:c5:d3:ca:42:1c:06:28:e9:f1:42:ba:2d:73:1c:ac:
bf:e6:57:4c:30:fb:79:6e:4c:53:5d:5f:be:db:d6:56:f1:61:
b0:53:f5:9d:53:be:c0:95:ae:c7:2c:a0:e4:53:01:b4:5e:d9:
bf:07:89:ac:2f:c2:42:4f:41:1d:6c:cd:5f:9d:68:83:5d:df:
c9:6a:7a:66:71:1c:de:f2:e3:84:ca:c7:23:00:69:77:6f:6f:
b0:77:01:41:08:32:d6:83:a2:f2:b1:dd:d0:5a:7e:d5:05:13:
5d:ca:6a:24:83:6f:48:f0:c3:a7:bd:be:c6:26:ae:8d:59:8c:
c2:38:ae:82:75:db:fe:7c:75:fa:c8:3d:56:49:d6:a8:1f:4b:
df:39:dd:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYx9fOX3O5Dd2xCWD+DetcdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMjE4MTUxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY3N2VhYzY1M2Y1ZjI0MThlM2ZiOTdiNjAzYzE2ZmExOTYyY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFP52XF/1uJ+ERyxiAwkJak4jEVM
FzULlgbmTXVNvFqwXcPw3L01eeRfMb34NTH0hK3tMgft1zdP43bHZAl2GvYQyHxJ
zdcqbKIr776yLWbf7f0/0KUx8d2Z/DXmvKoAmdZgGDNVDxHk5WAl9OkV0JWr670g
iYmpH4ml3kraEIgAja+vBDb4Nc04QaRuYW8EJK11EtzL4Lnnc7puQ2Z1sVpz3y5b
tK9QYxuFUK0LpM3JkYqmfefYukuSPRwX0CdOBNV5D5HWM7jQamPS1YQS3azZjjHt
Sw5rJSKqUQ+dIq+2ohok+ViCdH+Cq3b2SJSPVu/mhk3VOJU+qNV73r1xzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1nfqxlP18kGOP7l7YDwW+hlizGMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvWFdkLXJHVV9YeVFZNF91WHRnUEJiNkdXTE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRJgAwQF
vHtAMA0GCSqGSIb3DQEBCwUAA4IBAQCIOenVWdxRAfHAOZe0bVCnoowDBhqvDMKm
dA7G0y38vDy8WOXnqUhtZTp3T3S4dfgTY27mXkiVKVOSPrJ7QR7hjJnCbDvE0ykh
i6gMV79EDSnWctEZrVrG5Yd651EZMV+tbOdHEkiAI5vhuKB82b3F08pCHAYo6fFC
ui1zHKy/5ldMMPt5bkxTXV++29ZW8WGwU/WdU77Ala7HLKDkUwG0Xtm/B4msL8JC
T0EdbM1fnWiDXd/JanpmcRze8uOEyscjAGl3b2+wdwFBCDLWg6Lysd3QWn7VBRNd
ymokg29I8MOnvb7GJq6NWYzCOK6Cddv+fHX6yD1WSdaoH0vfOd1P
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:04 2024 by rpki-client on console-ams.rpki-client.org