Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/XHdJVFJCtmfpTcGblsj7w7V21lY.roa
File: XHdJVFJCtmfpTcGblsj7w7V21lY.roa (raw, json)
Hash identifier: tU9foxBLqPD0Nx//vD2s91DhHAVFcLPwzvVTfR5h+Aw=
Subject key identifier: 5C:77:49:54:52:42:B6:67:E9:4D:C1:9B:96:C8:FB:C3:B5:76:D6:56
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0189AB854E9491AFB478356A9BC33BE762A3
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/XHdJVFJCtmfpTcGblsj7w7V21lY.roa
Signing time: Mon 31 Jul 2023 10:36:27 +0000
ROA not before: Mon 31 Jul 2023 10:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
45.148.145.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Aug 2023 13:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:85:4e:94:91:af:b4:78:35:6a:9b:c3:3b:e7:62:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jul 31 10:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c7749545242b667e94dc19b96c8fbc3b576d656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ab:2f:62:50:3e:f3:34:a2:2f:15:99:ff:03:
ad:a5:e3:92:18:0a:26:a4:b6:ef:98:73:f4:10:ec:
6c:fc:cf:ac:f3:b3:56:54:87:1b:78:82:21:73:6c:
8c:4a:02:2a:c7:48:e6:73:b5:f7:a5:31:86:17:df:
cf:b9:e4:f8:88:8d:52:a6:b0:da:18:12:e0:4e:05:
c2:bf:aa:ec:c7:b4:0b:fc:13:f5:e3:d7:a1:52:cc:
dc:53:01:d2:7b:86:6a:4d:39:9c:3e:36:3b:47:f2:
6f:ff:b9:80:0b:df:6b:81:7a:e1:72:59:25:42:cc:
b0:b8:b1:84:ee:d3:38:33:43:55:fd:0f:c1:6a:62:
e6:9d:34:a1:96:c7:9b:bd:c2:2a:ee:73:71:fe:e3:
6b:95:c3:39:29:25:fc:16:8a:ca:fb:77:e8:00:38:
31:bc:c8:e5:09:2e:5a:be:51:e1:f3:d1:a1:34:14:
ef:42:64:7f:fb:fd:e7:06:9c:c7:86:97:61:9f:67:
bf:99:06:14:9d:a7:d4:35:a2:15:08:ee:b9:2a:19:
b2:81:65:63:94:b7:87:69:d8:55:a6:12:f8:22:e0:
00:f3:cb:ce:ff:8d:90:dd:c2:8a:a5:2f:d5:97:fe:
77:90:3f:4a:a3:17:c3:64:7d:43:d6:65:b6:28:3c:
d2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:77:49:54:52:42:B6:67:E9:4D:C1:9B:96:C8:FB:C3:B5:76:D6:56
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/XHdJVFJCtmfpTcGblsj7w7V21lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.2.0/24
45.148.145.0/24
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
72:cb:16:e2:9f:76:94:76:2f:83:b7:8e:cb:84:52:91:e9:43:
de:4f:56:d9:8a:07:26:34:65:7a:a4:00:8b:52:94:6b:f5:0c:
a9:cb:98:0e:9a:a2:64:0e:10:9c:87:ea:68:65:86:22:f6:1b:
c7:be:25:90:8c:fc:07:28:23:66:df:12:06:81:9e:fc:16:6b:
67:3e:e0:57:87:ee:19:66:ea:a4:12:ea:bb:63:c9:28:b5:2f:
c8:88:8b:53:d0:66:fa:f1:62:31:f7:be:61:67:a7:01:af:9c:
06:0d:a7:8e:a1:29:a3:32:b6:cd:bf:60:35:d5:45:1e:35:6d:
e4:e1:7d:35:97:37:cb:7f:c3:9b:73:ef:14:7c:a9:b0:67:4a:
d5:0a:fc:cd:88:b0:18:f4:ba:68:1e:b5:d9:68:41:2c:17:c2:
bd:a9:c9:12:ba:d4:f7:21:72:5c:37:bf:c3:89:30:81:3c:fa:
f2:c4:79:4c:d9:20:94:ac:1d:98:64:b6:33:70:96:dc:28:21:
31:6e:eb:7f:f6:39:ad:ff:1b:8d:d7:53:a6:c7:6b:bf:a4:11:
b4:65:12:8e:8c:b9:ec:78:29:bd:40:fe:a0:41:17:a1:1d:c9:
3c:6d:56:54:a4:f3:78:68:ac:24:7f:42:f6:c5:bd:14:a7:31:
2a:1f:3b:6b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYmrhU6Uka+0eDVqm8M752KjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwNzMxMTAzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzc3NDk1NDUyNDJiNjY3ZTk0ZGMxOWI5NmM4ZmJjM2I1NzZkNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qsvYlA+8zSiLxWZ/wOtpeOSGAom
pLbvmHP0EOxs/M+s87NWVIcbeIIhc2yMSgIqx0jmc7X3pTGGF9/PueT4iI1SprDa
GBLgTgXCv6rsx7QL/BP149ehUszcUwHSe4ZqTTmcPjY7R/Jv/7mAC99rgXrhclkl
QsywuLGE7tM4M0NV/Q/BamLmnTShlsebvcIq7nNx/uNrlcM5KSX8ForK+3foADgx
vMjlCS5avlHh89GhNBTvQmR/+/3nBpzHhpdhn2e/mQYUnafUNaIVCO65KhmygWVj
lLeHadhVphL4IuAA88vO/42Q3cKKpS/Vl/53kD9KoxfDZH1D1mW2KDzSOwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFx3SVRSQrZn6U3Bm5bI+8O1dtZWMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvWEhkSlZGSkN0bWZwVGNHYmxzajd3N1YyMWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQALY4CAwQA
LZSRAwQCudSAAwQAueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoN
Y8AwDQYJKoZIhvcNAQELBQADggEBAHLLFuKfdpR2L4O3jsuEUpHpQ95PVtmKByY0
ZXqkAItSlGv1DKnLmA6aomQOEJyH6mhlhiL2G8e+JZCM/AcoI2bfEgaBnvwWa2c+
4FeH7hlm6qQS6rtjySi1L8iIi1PQZvrxYjH3vmFnpwGvnAYNp46hKaMyts2/YDXV
RR41beThfTWXN8t/w5tz7xR8qbBnStUK/M2IsBj0umgetdloQSwXwr2pyRK61Pch
clw3v8OJMIE8+vLEeUzZIJSsHZhktjNwltwoITFu63/2Oa3/G43XU6bHa7+kEbRl
Eo6Muex4Kb1A/qBBF6EdyTxtVlSk83horCR/QvbFvRSnMSofO2s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org