Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa
File: XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa (raw, json)
Hash identifier: 6mYOSiYlnnLNhG9I7quR4D6kHx92FRD0UCM5RfQgCfQ=
Subject key identifier: 5E:3A:C8:07:3E:98:04:CD:51:92:DB:79:5A:DE:0C:51:6F:C4:BD:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A1800DFC4417B8DFBCD1C11272A371E02
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa
Signing time: Mon 21 Aug 2023 12:10:24 +0000
ROA not before: Mon 21 Aug 2023 12:10:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:00:df:c4:41:7b:8d:fb:cd:1c:11:27:2a:37:1e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 21 12:10:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e3ac8073e9804cd5192db795ade0c516fc4bde8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c8:56:a0:34:5b:4a:20:60:b5:b4:73:24:c9:
ae:cc:00:3d:d9:de:bb:c4:06:c1:5a:8b:8a:c6:93:
3c:d9:db:65:f4:5d:20:f6:12:fd:6b:9e:b6:6b:d0:
56:6c:e1:ab:f4:0a:0b:d9:cc:5c:24:a7:7e:8c:fc:
f0:a6:89:ee:b0:05:88:cc:8c:b9:95:62:ff:12:c7:
40:29:97:b8:8c:7a:0d:14:06:27:ed:ac:a9:bc:bc:
b7:5d:52:c1:14:b7:9a:ec:ec:f1:e5:77:75:89:09:
d7:0c:a3:a2:c4:ab:88:47:ca:09:0f:0a:0c:8f:b9:
ac:36:46:d3:fa:af:cb:f6:6c:99:cb:9a:89:25:88:
53:ef:5f:08:31:9e:4e:bf:09:b9:fa:44:84:d7:46:
4e:93:1b:47:b0:16:8d:b6:5b:82:9a:7e:99:b6:86:
ba:79:4c:93:95:52:a3:e0:58:44:f2:3d:d1:44:41:
ea:a1:7c:7f:9f:11:93:6a:a1:38:59:5f:8e:33:c3:
ed:a7:ca:b9:ff:49:ce:0c:20:35:aa:0f:08:25:a8:
22:79:ee:0b:8a:ed:fa:c3:1a:69:0a:90:e4:2d:9f:
e5:a7:6c:fa:34:6a:d2:3f:d1:10:7c:8b:7e:77:11:
0e:65:91:97:ec:17:07:59:17:af:92:d5:da:43:d6:
2f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3A:C8:07:3E:98:04:CD:51:92:DB:79:5A:DE:0C:51:6F:C4:BD:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XjrIBz6YBM1Rktt5Wt4MUW_Eveg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.69.0/24
94.103.124.0/24
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
84:bc:6a:8c:18:a9:73:14:1e:32:ff:66:91:55:9a:5d:37:3d:
a3:e2:7b:d9:c0:79:9c:7c:50:bc:c7:6d:d0:2b:22:22:99:b2:
1a:4f:41:f0:fd:68:59:2a:41:6a:aa:78:af:05:ac:06:88:65:
b2:cd:9a:46:40:1a:13:f5:70:e9:4b:43:68:c7:bd:e5:f4:1e:
98:de:ae:0f:15:11:7a:7d:8e:d5:48:28:30:84:69:3f:d5:59:
94:82:93:5e:6c:91:69:c4:ea:64:98:7d:f0:74:85:f6:ec:85:
fb:eb:13:18:3f:41:95:e9:5e:9d:71:1e:6f:70:19:d0:18:16:
44:be:7d:cd:09:a8:7f:9b:41:8e:bd:fc:fc:07:ec:08:55:ad:
82:cb:95:7b:ac:45:76:e3:ae:57:0c:30:6c:92:1c:b2:fe:aa:
1d:32:de:ce:27:35:29:34:59:b4:0f:bb:24:3c:60:ca:db:f5:
78:cd:51:24:2b:8d:de:77:04:ad:55:ae:07:71:f3:76:13:30:
65:ce:f8:de:10:51:78:66:8e:e7:ee:2a:e8:76:9a:18:32:0a:
e2:c6:e8:96:07:63:ef:83:e4:3f:b3:94:ce:02:39:1c:52:d9:
1c:76:1f:33:ca:03:6f:16:5d:90:ee:03:4e:75:16:bf:a3:7b:
e5:40:06:06
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYoYAN/EQXuN+80cEScqNx4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIxMTIxMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNhYzgwNzNlOTgwNGNkNTE5MmRiNzk1YWRlMGM1MTZmYzRiZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMhWoDRbSiBgtbRzJMmuzAA92d67
xAbBWouKxpM82dtl9F0g9hL9a562a9BWbOGr9AoL2cxcJKd+jPzwponusAWIzIy5
lWL/EsdAKZe4jHoNFAYn7aypvLy3XVLBFLea7Ozx5Xd1iQnXDKOixKuIR8oJDwoM
j7msNkbT+q/L9myZy5qJJYhT718IMZ5Ovwm5+kSE10ZOkxtHsBaNtluCmn6Ztoa6
eUyTlVKj4FhE8j3RREHqoXx/nxGTaqE4WV+OM8Ptp8q5/0nODCA1qg8IJagiee4L
iu36wxppCpDkLZ/lp2z6NGrSP9EQfIt+dxEOZZGX7BcHWRevktXaQ9YvUQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF46yAc+mATNUZLbeVreDFFvxL3oMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGpySUJ6NllCTTFSa3R0NVd0NE1VV19FdmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3lFAwQAXmd8AwQAjWIEAwQAk05mAwQAwSMSMA0G
CSqGSIb3DQEBCwUAA4IBAQCEvGqMGKlzFB4y/2aRVZpdNz2j4nvZwHmcfFC8x23Q
KyIimbIaT0Hw/WhZKkFqqnivBawGiGWyzZpGQBoT9XDpS0Nox73l9B6Y3q4PFRF6
fY7VSCgwhGk/1VmUgpNebJFpxOpkmH3wdIX27IX76xMYP0GV6V6dcR5vcBnQGBZE
vn3NCah/m0GOvfz8B+wIVa2Cy5V7rEV2465XDDBskhyy/qodMt7OJzUpNFm0D7sk
PGDK2/V4zVEkK43edwStVa4HcfN2EzBlzvjeEFF4Zo7n7irodpoYMgrixuiWB2Pv
g+Q/s5TOAjkcUtkcdh8zygNvFl2Q7gNOdRa/o3vlQAYG
-----END CERTIFICATE-----
Generated at Fri Sep 8 10:12:45 2023 by rpki-client on console-ams.rpki-client.org