Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/xZK8o47xWwG1i6axmV3L4RUI56Y.roa
File: xZK8o47xWwG1i6axmV3L4RUI56Y.roa (raw, json)
Hash identifier: yXyVBVTybIyitZiLSASi34bLIcLJwivFKzwQ1AUwElk=
Subject key identifier: C5:92:BC:A3:8E:F1:5B:01:B5:8B:A6:B1:99:5D:CB:E1:15:08:E7:A6
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018A930A249BD8339FAEB690C9FD338481C1
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/xZK8o47xWwG1i6axmV3L4RUI56Y.roa
Signing time: Thu 14 Sep 2023 09:33:50 +0000
ROA not before: Thu 14 Sep 2023 09:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200313
IP address blocks: 185.232.52.0/24 maxlen: 24
195.43.147.0/24 maxlen: 24
185.212.128.0/23 maxlen: 23
185.212.130.0/24 maxlen: 24
185.212.131.0/24 maxlen: 24
2a0d:1640::/32 maxlen: 32
2a0d:63c0::/32 maxlen: 32
2a0d:1643::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:0a:24:9b:d8:33:9f:ae:b6:90:c9:fd:33:84:81:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Sep 14 09:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c592bca38ef15b01b58ba6b1995dcbe11508e7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e8:98:c7:53:83:0e:82:a0:16:aa:54:cb:96:
53:1c:b1:b7:d7:40:47:e6:f4:9b:99:d6:0b:90:ae:
82:7a:53:73:9f:c5:68:e3:1a:ba:0b:91:a6:d2:2a:
c0:96:fd:25:25:d3:df:22:bc:50:fa:2c:1e:d9:21:
97:7e:6e:4a:ae:38:f6:33:bf:a3:22:d8:83:5d:31:
31:97:15:4d:4c:2d:ec:98:1f:71:86:d7:ce:21:c4:
dd:f1:2b:37:10:49:34:89:a9:d3:51:bd:89:46:c2:
98:19:73:bc:5c:85:fd:b3:69:eb:1f:ab:99:bb:21:
17:a6:ab:24:c7:cb:18:c4:b1:7d:48:59:5c:b2:ad:
d4:fb:fb:33:1e:21:1f:f4:19:dc:53:03:85:50:6c:
dd:f3:22:29:96:c4:90:36:be:3c:ab:b2:55:41:91:
57:a1:ff:9e:88:47:0c:eb:e5:ab:c0:7c:d1:39:3f:
51:76:cd:aa:d4:18:27:77:ab:11:6d:1d:aa:7d:b8:
cb:3b:e8:8d:ea:39:91:52:77:69:b6:71:ce:b5:5c:
48:29:aa:24:93:78:28:c6:a6:5a:9a:6f:09:3f:0d:
3a:37:f1:ce:55:11:ec:66:a0:c4:a6:11:c3:f2:00:
c8:c5:b0:8f:0e:a8:35:dd:64:68:b1:21:a3:4e:bd:
63:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:92:BC:A3:8E:F1:5B:01:B5:8B:A6:B1:99:5D:CB:E1:15:08:E7:A6
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/xZK8o47xWwG1i6axmV3L4RUI56Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.128.0/22
185.232.52.0/24
195.43.147.0/24
IPv6:
2a0d:1640::/32
2a0d:1643::/32
2a0d:63c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:d7:c0:58:22:7e:e6:0c:3d:20:93:ac:0e:de:fb:e8:cf:a9:
bd:31:1e:b2:38:5f:3c:25:ac:50:68:bb:0c:93:de:b8:87:38:
a6:ab:ab:4a:82:8e:33:fe:7d:40:07:93:3f:63:13:d7:d5:3d:
7f:e8:3b:a8:51:0b:86:b0:f3:f7:85:83:f7:ce:80:72:04:51:
48:d8:60:4d:b9:9e:89:35:f3:32:9b:ba:fe:6b:0f:f1:b3:10:
b8:96:a1:16:c6:c7:f7:e3:94:af:5e:4e:24:8a:9f:c1:13:7b:
84:07:ca:da:39:60:49:e1:ff:aa:3d:27:63:36:c4:29:2e:7c:
7a:a2:5a:ed:4b:ba:00:48:aa:ba:78:a6:bf:f0:3a:d5:79:ce:
e0:ab:9f:4f:b5:2c:53:e9:7a:f1:6e:a7:1c:00:bc:e8:c8:9c:
09:63:90:fc:26:18:2d:1f:68:cb:9a:4a:d0:7a:79:7b:4e:58:
fe:3f:85:7d:f0:54:43:0f:0f:e9:2e:d5:18:17:99:43:67:4f:
c6:0e:08:d1:57:11:4d:84:ba:f4:c0:eb:ec:fd:1c:28:39:b8:
80:11:4a:14:ca:3d:1f:cc:45:53:23:cf:61:3b:01:37:05:89:
ec:3c:8d:c1:0f:08:b5:9c:72:a4:10:ea:e4:83:75:6d:20:ae:
cc:80:60:91
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYqTCiSb2DOfrraQyf0zhIHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwOTE0MDkzMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkyYmNhMzhlZjE1YjAxYjU4YmE2YjE5OTVkY2JlMTE1MDhlN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeiYx1ODDoKgFqpUy5ZTHLG310BH
5vSbmdYLkK6CelNzn8Vo4xq6C5Gm0irAlv0lJdPfIrxQ+iwe2SGXfm5Krjj2M7+j
ItiDXTExlxVNTC3smB9xhtfOIcTd8Ss3EEk0ianTUb2JRsKYGXO8XIX9s2nrH6uZ
uyEXpqskx8sYxLF9SFlcsq3U+/szHiEf9BncUwOFUGzd8yIplsSQNr48q7JVQZFX
of+eiEcM6+WrwHzROT9Rds2q1Bgnd6sRbR2qfbjLO+iN6jmRUndptnHOtVxIKaok
k3goxqZamm8JPw06N/HOVRHsZqDEphHD8gDIxbCPDqg13WRosSGjTr1joQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMWSvKOO8VsBtYumsZldy+EVCOemMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEveFpLOG80N3hXd0cxaTZheG1WM0w0UlVJNTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCudSAAwQA
ueg0AwQAwyuTMBsEAgACMBUDBQAqDRZAAwUAKg0WQwMFACoNY8AwDQYJKoZIhvcN
AQELBQADggEBAKrXwFgifuYMPSCTrA7e++jPqb0xHrI4XzwlrFBouwyT3riHOKar
q0qCjjP+fUAHkz9jE9fVPX/oO6hRC4aw8/eFg/fOgHIEUUjYYE25nok18zKbuv5r
D/GzELiWoRbGx/fjlK9eTiSKn8ETe4QHyto5YEnh/6o9J2M2xCkufHqiWu1LugBI
qrp4pr/wOtV5zuCrn0+1LFPpevFupxwAvOjInAljkPwmGC0faMuaStB6eXtOWP4/
hX3wVEMPD+ku1RgXmUNnT8YOCNFXEU2EuvTA6+z9HCg5uIARShTKPR/MRVMjz2E7
ATcFiew8jcEPCLWccqQQ6uSDdW0grsyAYJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org