Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/XPQDjPLPdBoEIlluaPYwAhrKE28.roa
File: XPQDjPLPdBoEIlluaPYwAhrKE28.roa (raw, json)
Hash identifier: 2Dway73isuOppFN8PxigjNw4xObftDL1Cnicqv3vrdw=
Subject key identifier: 5C:F4:03:8C:F2:CF:74:1A:04:22:59:6E:68:F6:30:02:1A:CA:13:6F
Certificate issuer: /CN=5acb3089461e1f5f8984b7742c89bb68f1b88c12
Certificate serial: 018570B98137654B06DA7F5F0DF414F3B961
Authority key identifier: 5A:CB:30:89:46:1E:1F:5F:89:84:B7:74:2C:89:BB:68:F1:B8:8C:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsswiUYeH1-JhLd0LIm7aPG4jBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/XPQDjPLPdBoEIlluaPYwAhrKE28.roa
Signing time: Mon 02 Jan 2023 04:24:43 +0000
ROA not before: Mon 02 Jan 2023 04:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41585
IP address blocks: 194.9.124.0/23 maxlen: 23
194.9.126.0/24 maxlen: 24
91.195.50.0/23 maxlen: 23
91.194.254.0/23 maxlen: 23
91.136.128.0/17 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:81:37:65:4b:06:da:7f:5f:0d:f4:14:f3:b9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5acb3089461e1f5f8984b7742c89bb68f1b88c12
Validity
Not Before: Jan 2 04:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf4038cf2cf741a0422596e68f630021aca136f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:93:6c:98:8d:e5:3e:b8:29:35:85:fe:76:
e8:5a:c3:54:b2:15:e9:d4:51:1e:1b:3a:9e:19:82:
5e:c0:c6:28:5c:a4:67:9e:5a:06:8c:3e:2d:b1:2f:
06:9e:95:88:b3:b3:9a:fe:a1:97:8f:c4:2c:60:0b:
eb:79:1c:06:4d:4f:95:bc:b0:8b:45:e1:2b:cd:7e:
37:a0:f4:e0:56:da:82:92:4d:6d:43:4f:e3:71:e0:
0d:4b:1b:01:d2:4f:d4:26:66:9c:b3:4b:c9:db:29:
f5:9a:9e:6f:2b:be:8c:2b:03:4b:4f:2e:09:e7:6e:
84:83:a1:ae:a1:83:a6:a1:eb:cb:c3:42:e8:16:be:
d4:e2:5e:b2:bf:c0:65:b3:ab:a9:f7:43:05:a3:8b:
ee:93:aa:a7:47:ef:f2:46:1b:c3:e5:98:05:b4:72:
0f:fb:b9:61:3e:8f:56:32:0a:8d:ec:56:29:48:c5:
1d:22:a6:5d:b4:3d:84:5b:21:ab:b4:74:35:6d:be:
cb:b2:bd:f8:a2:b0:cd:c1:df:02:bd:f5:c4:12:1c:
8a:4b:28:81:99:83:cd:74:bd:ce:aa:d1:ed:b5:1e:
26:20:2c:b1:71:89:73:22:be:bd:b2:0f:41:59:0a:
23:a9:80:84:7e:a8:43:23:3f:2c:08:e6:c9:e6:bc:
de:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F4:03:8C:F2:CF:74:1A:04:22:59:6E:68:F6:30:02:1A:CA:13:6F
X509v3 Authority Key Identifier:
keyid:5A:CB:30:89:46:1E:1F:5F:89:84:B7:74:2C:89:BB:68:F1:B8:8C:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsswiUYeH1-JhLd0LIm7aPG4jBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/XPQDjPLPdBoEIlluaPYwAhrKE28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2053c4-bc4a-416a-8970-ac536b2ab4f8/1/WsswiUYeH1-JhLd0LIm7aPG4jBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.136.128.0/17
91.194.254.0/23
91.195.50.0/23
194.9.124.0-194.9.126.255
Signature Algorithm: sha256WithRSAEncryption
61:7e:e7:01:71:63:5b:45:d5:bb:29:f7:0e:4d:8d:3d:8f:4a:
ef:a4:ed:87:f8:2d:ac:15:58:7e:59:5c:ea:37:1e:8e:5f:60:
29:c6:9f:a9:0d:3b:a8:39:13:50:f3:7a:6b:53:02:b0:f4:36:
dd:9b:a7:4b:85:a5:49:ef:cc:27:55:4c:65:d8:9d:36:24:4a:
29:07:2c:ba:b4:ea:0f:01:9a:c1:6f:f4:9f:52:58:6f:7c:f9:
dc:13:23:da:bd:21:75:69:e6:c6:46:8c:e5:bc:48:fd:73:48:
e1:41:ec:2b:78:84:53:05:1c:3b:95:08:ad:f8:65:9f:2e:17:
8e:aa:34:ea:ec:73:90:d0:3a:33:ed:4b:7a:21:c0:e6:65:4d:
db:8c:d1:de:cf:87:1a:ef:9f:9f:5c:70:11:d3:83:46:c8:76:
36:b7:39:62:77:cf:48:f6:9b:fe:3a:68:24:b1:26:8e:15:c6:
16:cb:9f:ff:d7:aa:3e:5f:c8:55:2c:bb:eb:40:a5:18:66:82:
5c:b3:a2:b3:5b:6e:4e:9d:1e:ce:f4:7c:2b:35:f9:df:e5:b2:
80:d5:8c:db:16:47:85:6f:7a:cc:21:55:20:d9:f4:9a:aa:46:
a5:c1:2c:51:b2:1d:fb:2e:c1:dd:94:81:e2:d4:f0:51:f5:be:
02:db:88:57
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwuYE3ZUsG2n9fDfQU87lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhY2IzMDg5NDYxZTFmNWY4OTg0Yjc3NDJjODliYjY4ZjFi
ODhjMTIwHhcNMjMwMTAyMDQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y0MDM4Y2YyY2Y3NDFhMDQyMjU5NmU2OGY2MzAwMjFhY2ExMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotmTbJiN5T64KTWF/nboWsNUshXp
1FEeGzqeGYJewMYoXKRnnloGjD4tsS8GnpWIs7Oa/qGXj8QsYAvreRwGTU+VvLCL
ReErzX43oPTgVtqCkk1tQ0/jceANSxsB0k/UJmacs0vJ2yn1mp5vK76MKwNLTy4J
526Eg6GuoYOmoevLw0LoFr7U4l6yv8Bls6up90MFo4vuk6qnR+/yRhvD5ZgFtHIP
+7lhPo9WMgqN7FYpSMUdIqZdtD2EWyGrtHQ1bb7Lsr34orDNwd8CvfXEEhyKSyiB
mYPNdL3OqtHttR4mICyxcYlzIr69sg9BWQojqYCEfqhDIz8sCObJ5rzeFQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFz0A4zyz3QaBCJZbmj2MAIayhNvMB8GA1UdIwQY
MBaAFFrLMIlGHh9fiYS3dCyJu2jxuIwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3Nzd2lVWWVIMS1KaExkMExJbTdhUEc0akJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yMDUzYzQtYmM0YS00MTZhLTg5NzAt
YWM1MzZiMmFiNGY4LzEvWFBRRGpQTFBkQm9FSWxsdWFQWXdBaHJLRTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yMDUzYzQtYmM0YS00MTZhLTg5NzAtYWM1MzZiMmFiNGY4
LzEvV3Nzd2lVWWVIMS1KaExkMExJbTdhUEc0akJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQHW4iAAwQB
W8L+AwQBW8MyMAwDBALCCXwDBADCCX4wDQYJKoZIhvcNAQELBQADggEBAGF+5wFx
Y1tF1bsp9w5NjT2PSu+k7Yf4LawVWH5ZXOo3Ho5fYCnGn6kNO6g5E1DzemtTArD0
Nt2bp0uFpUnvzCdVTGXYnTYkSikHLLq06g8BmsFv9J9SWG98+dwTI9q9IXVp5sZG
jOW8SP1zSOFB7Ct4hFMFHDuVCK34ZZ8uF46qNOrsc5DQOjPtS3ohwOZlTduM0d7P
hxrvn59ccBHTg0bIdja3OWJ3z0j2m/46aCSxJo4VxhbLn//Xqj5fyFUsu+tApRhm
glyzorNbbk6dHs70fCs1+d/lsoDVjNsWR4VveswhVSDZ9JqqRqXBLFGyHfsuwd2U
geLU8FH1vgLbiFc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:18 2024 by rpki-client on console-ams.rpki-client.org