Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xm04HF24BfRJ7-5tej0zOPDtWVI.roa
File: xm04HF24BfRJ7-5tej0zOPDtWVI.roa (raw, json)
Hash identifier: /NgpLWaktnwLJZ3owPuV0KKRJOzhUdNdxRUjtOBb5CM=
Subject key identifier: C6:6D:38:1C:5D:B8:05:F4:49:EF:EE:6D:7A:3D:33:38:F0:ED:59:52
Certificate issuer: /CN=c49eee24deab5520119b6a3da0457d39c40641db
Certificate serial: 01856D0ABAED43C94D026E49DF77D558CBDC
Authority key identifier: C4:9E:EE:24:DE:AB:55:20:11:9B:6A:3D:A0:45:7D:39:C4:06:41:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJ7uJN6rVSARm2o9oEV9OcQGQds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xm04HF24BfRJ7-5tej0zOPDtWVI.roa
Signing time: Sun 01 Jan 2023 11:14:57 +0000
ROA not before: Sun 01 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43667
IP address blocks: 77.91.192.0/21 maxlen: 24
185.32.132.0/22 maxlen: 24
94.198.128.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:ba:ed:43:c9:4d:02:6e:49:df:77:d5:58:cb:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49eee24deab5520119b6a3da0457d39c40641db
Validity
Not Before: Jan 1 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c66d381c5db805f449efee6d7a3d3338f0ed5952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:49:b7:b8:b0:1d:50:53:80:f6:78:16:e6:95:
5b:51:76:76:5c:0c:2a:02:9a:5b:bc:ca:3d:e9:df:
8b:48:34:eb:fa:16:89:90:39:8c:7b:5d:d7:74:75:
f6:0c:02:2f:dd:39:7a:1d:39:33:15:34:08:32:46:
94:ea:4b:de:93:f4:8b:91:54:c6:a5:2b:be:67:be:
b1:6c:4b:bf:f2:f8:b6:bb:57:b0:a3:50:42:36:d1:
6a:9d:60:3b:48:8d:68:f6:c2:a0:e3:5c:c9:33:4e:
7d:df:9e:99:d0:e9:e6:f4:11:85:96:c5:26:85:83:
f8:2c:53:37:4e:10:f5:ec:61:97:e2:f3:87:63:28:
d0:a1:43:e2:bb:d2:dd:a4:b7:37:19:0b:7b:2b:ae:
f9:e2:f0:ad:b5:20:1b:f5:c4:15:a3:3c:84:ca:70:
43:a5:79:59:c3:3e:7c:b0:25:92:51:46:61:a9:ea:
3f:90:61:58:27:e9:31:ee:02:4e:96:fd:ee:87:16:
6e:12:bc:f3:da:7f:ab:59:14:6c:18:c0:60:fb:ab:
ef:83:b1:be:ff:51:32:26:9c:d6:be:fd:a3:ea:73:
f1:58:13:39:a9:ab:27:7b:41:7c:6f:95:15:19:e7:
48:6d:33:65:76:57:93:1c:ab:c0:2e:c2:0d:08:ef:
9c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6D:38:1C:5D:B8:05:F4:49:EF:EE:6D:7A:3D:33:38:F0:ED:59:52
X509v3 Authority Key Identifier:
keyid:C4:9E:EE:24:DE:AB:55:20:11:9B:6A:3D:A0:45:7D:39:C4:06:41:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJ7uJN6rVSARm2o9oEV9OcQGQds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xm04HF24BfRJ7-5tej0zOPDtWVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xJ7uJN6rVSARm2o9oEV9OcQGQds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.192.0/21
94.198.128.0/21
185.32.132.0/22
Signature Algorithm: sha256WithRSAEncryption
59:56:e4:40:6a:9f:f5:25:e1:ab:7a:65:d3:49:8e:9d:98:b1:
d8:81:00:11:2f:d3:74:22:ab:a5:61:3c:f5:95:f5:63:ad:e0:
a3:79:35:4f:97:d7:ac:5f:24:57:49:4c:e3:d4:b2:23:82:7d:
5e:7c:4a:00:cc:20:53:6e:e7:3d:02:b1:81:3b:8f:a9:b9:19:
b9:3a:22:a3:3d:3f:05:87:85:36:69:9b:11:db:26:d2:9b:ed:
3b:60:de:12:96:29:53:72:87:bc:a8:93:05:be:4c:42:3b:77:
f6:ff:5f:4c:a8:03:63:cc:27:6f:84:b6:28:8b:54:4d:a3:90:
2a:e8:9b:31:ea:fb:c5:9f:30:f4:f5:84:04:04:0c:90:bd:37:
6d:f1:60:00:b0:7c:25:68:5b:3f:ac:18:81:fc:dd:90:6d:b3:
74:b0:cc:08:19:41:d0:d4:0f:f8:aa:c1:68:ad:52:48:0d:f6:
55:e5:cb:a8:9f:4c:fc:8b:11:b8:62:fb:6d:e3:98:1e:2f:98:
54:e6:a5:96:6c:4c:4c:7b:75:1f:9b:4e:d5:ff:88:2b:1e:38:
1f:36:8f:a6:c3:d5:9d:81:2a:89:66:b4:94:1e:05:ed:8d:56:
de:66:c7:92:c9:f7:78:22:ac:9f:4a:a1:fb:9b:0e:40:71:51:
08:98:52:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCrrtQ8lNAm5J33fVWMvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWVlZTI0ZGVhYjU1MjAxMTliNmEzZGEwNDU3ZDM5YzQw
NjQxZGIwHhcNMjMwMTAxMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZkMzgxYzVkYjgwNWY0NDllZmVlNmQ3YTNkMzMzOGYwZWQ1OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkm3uLAdUFOA9ngW5pVbUXZ2XAwq
AppbvMo96d+LSDTr+haJkDmMe13XdHX2DAIv3Tl6HTkzFTQIMkaU6kvek/SLkVTG
pSu+Z76xbEu/8vi2u1ewo1BCNtFqnWA7SI1o9sKg41zJM059356Z0Onm9BGFlsUm
hYP4LFM3ThD17GGX4vOHYyjQoUPiu9LdpLc3GQt7K6754vCttSAb9cQVozyEynBD
pXlZwz58sCWSUUZhqeo/kGFYJ+kx7gJOlv3uhxZuErzz2n+rWRRsGMBg+6vvg7G+
/1EyJpzWvv2j6nPxWBM5qasne0F8b5UVGedIbTNldleTHKvALsINCO+cWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZtOBxduAX0Se/ubXo9Mzjw7VlSMB8GA1UdIwQY
MBaAFMSe7iTeq1UgEZtqPaBFfTnEBkHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEo3dUpONnJWU0FSbTJvOW9FVjlPY1FHUWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85Nzg2ZjQtZGQ1NC00ZTQzLWFlYTQt
NTljNGMxMGFlYmQ5LzEveG0wNEhGMjRCZlJKNy01dGVqMHpPUER0V1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85Nzg2ZjQtZGQ1NC00ZTQzLWFlYTQtNTljNGMxMGFlYmQ5
LzEveEo3dUpONnJWU0FSbTJvOW9FVjlPY1FHUWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVvAAwQD
XsaAAwQCuSCEMA0GCSqGSIb3DQEBCwUAA4IBAQBZVuRAap/1JeGremXTSY6dmLHY
gQARL9N0IqulYTz1lfVjreCjeTVPl9esXyRXSUzj1LIjgn1efEoAzCBTbuc9ArGB
O4+puRm5OiKjPT8Fh4U2aZsR2ybSm+07YN4SlilTcoe8qJMFvkxCO3f2/19MqANj
zCdvhLYoi1RNo5Aq6Jsx6vvFnzD09YQEBAyQvTdt8WAAsHwlaFs/rBiB/N2QbbN0
sMwIGUHQ1A/4qsForVJIDfZV5cuon0z8ixG4Yvtt45geL5hU5qWWbExMe3Ufm07V
/4grHjgfNo+mw9WdgSqJZrSUHgXtjVbeZseSyfd4IqyfSqH7mw5AcVEImFLJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:22 2024 by rpki-client on console-fra.rpki-client.org