Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XnasDqa2bBOppS_ERjaNqcDvCCI.roa
File: XnasDqa2bBOppS_ERjaNqcDvCCI.roa (raw, json)
Hash identifier: pcbU1u0tsxihw+ciIB00ioVeP/1HfbZrn076oPc7+ys=
Subject key identifier: 5E:76:AC:0E:A6:B6:6C:13:A9:A5:2F:C4:46:36:8D:A9:C0:EF:08:22
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018847DCFCC8D42176B7840BAAA46DD660B3
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XnasDqa2bBOppS_ERjaNqcDvCCI.roa
Signing time: Tue 23 May 2023 09:07:24 +0000
ROA not before: Tue 23 May 2023 09:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198513
IP address blocks: 185.227.81.0/24 maxlen: 24
194.146.45.0/24 maxlen: 24
2a0b:3c40:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:dc:fc:c8:d4:21:76:b7:84:0b:aa:a4:6d:d6:60:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: May 23 09:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e76ac0ea6b66c13a9a52fc446368da9c0ef0822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:b7:dd:76:ee:62:2b:c1:c4:2d:33:88:1b:
f1:22:98:73:24:84:43:17:cb:68:b1:d6:72:da:2d:
24:23:4c:9a:b2:15:68:54:82:ec:78:0e:20:88:01:
7c:d3:a6:29:29:92:d1:cd:42:e7:ae:00:95:22:83:
28:3d:37:fa:1b:76:54:3d:63:f5:e0:87:9f:03:f5:
c1:b9:5b:10:b4:8f:6e:d3:fa:16:8d:ac:d4:b3:04:
ab:09:7d:d6:a8:e6:a5:0e:2c:f6:04:50:a5:17:2f:
1a:e7:12:47:b7:b4:1b:14:d2:cd:84:81:79:f9:f7:
d3:88:04:38:30:e8:eb:78:7a:78:df:39:78:ea:ef:
cf:ff:1c:ca:2d:8c:40:5b:86:f3:3a:74:1d:90:94:
e9:39:25:cd:48:8c:65:1e:e4:d4:c6:4d:35:b5:8c:
90:f2:95:cc:53:a9:0a:12:24:d6:dd:dd:f8:59:92:
62:97:87:47:4a:cd:df:1f:71:16:85:89:96:3a:5c:
e8:ff:be:cf:6a:85:a2:f0:be:62:84:a0:f0:e0:0e:
62:8d:76:c4:ca:89:ca:7c:15:22:61:e7:7b:fe:00:
71:72:a3:38:d4:7a:80:04:dc:46:07:36:c1:63:03:
4f:e4:8d:73:40:9a:1e:1b:37:12:7e:6e:d0:27:88:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:76:AC:0E:A6:B6:6C:13:A9:A5:2F:C4:46:36:8D:A9:C0:EF:08:22
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XnasDqa2bBOppS_ERjaNqcDvCCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.81.0/24
194.146.45.0/24
IPv6:
2a0b:3c40:13::/48
Signature Algorithm: sha256WithRSAEncryption
21:e8:c3:e5:bd:28:69:72:d0:02:1e:44:7e:fa:ec:8c:60:0a:
8a:35:bb:f6:68:02:1c:a9:58:32:6e:39:da:e6:0d:30:f2:da:
df:e6:16:38:16:b6:22:22:2c:bd:06:aa:04:8b:a5:03:8d:0f:
43:8f:17:db:2f:6b:02:6d:a6:db:fa:f6:62:ed:a4:ab:b0:9a:
62:4a:99:99:f5:90:21:89:13:89:78:f6:f1:3c:0f:72:52:af:
5f:0e:7f:09:d5:5a:08:c8:a8:35:c0:42:04:3b:55:ef:4d:33:
fe:78:3a:6c:5d:f3:67:1d:cd:74:f4:ab:8f:94:4e:69:67:00:
3b:ad:d0:5f:cf:6b:52:e7:89:08:f3:b9:77:8f:b9:16:36:a6:
7e:a0:d5:f6:35:5b:dc:29:73:45:87:a8:2e:bf:7e:37:2d:cc:
99:d9:9a:f4:b7:68:31:9d:36:57:9f:1f:f1:b6:52:cc:a7:53:
1c:7d:d2:f4:f3:4d:bd:e9:b7:76:b2:47:c2:64:e4:f1:3e:49:
b2:1e:73:8d:cc:db:d5:93:c9:ef:57:3e:84:4d:ca:28:06:05:
09:34:19:13:fe:27:73:a8:ac:4c:fd:3b:43:69:34:e2:04:7b:
ba:9e:9d:c3:f2:ba:bf:bf:1a:42:79:17:80:ee:24:8b:fc:5a:
8f:23:c7:95
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYhH3PzI1CF2t4QLqqRt1mCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwNTIzMDkwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc2YWMwZWE2YjY2YzEzYTlhNTJmYzQ0NjM2OGRhOWMwZWYwODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZe33XbuYivBxC0ziBvxIphzJIRD
F8tosdZy2i0kI0yashVoVILseA4giAF806YpKZLRzULnrgCVIoMoPTf6G3ZUPWP1
4IefA/XBuVsQtI9u0/oWjazUswSrCX3WqOalDiz2BFClFy8a5xJHt7QbFNLNhIF5
+ffTiAQ4MOjreHp43zl46u/P/xzKLYxAW4bzOnQdkJTpOSXNSIxlHuTUxk01tYyQ
8pXMU6kKEiTW3d34WZJil4dHSs3fH3EWhYmWOlzo/77PaoWi8L5ihKDw4A5ijXbE
yonKfBUiYed7/gBxcqM41HqABNxGBzbBYwNP5I1zQJoeGzcSfm7QJ4jegwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFF52rA6mtmwTqaUvxEY2janA7wgiMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWG5hc0RxYTJiQk9wcFNfRVJqYU5xY0R2Q0NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAueNRAwQA
wpItMA8EAgACMAkDBwAqCzxAABMwDQYJKoZIhvcNAQELBQADggEBACHow+W9KGly
0AIeRH767IxgCoo1u/ZoAhypWDJuOdrmDTDy2t/mFjgWtiIiLL0GqgSLpQOND0OP
F9svawJtptv69mLtpKuwmmJKmZn1kCGJE4l49vE8D3JSr18OfwnVWgjIqDXAQgQ7
Ve9NM/54Omxd82cdzXT0q4+UTmlnADut0F/Pa1LniQjzuXePuRY2pn6g1fY1W9wp
c0WHqC6/fjctzJnZmvS3aDGdNlefH/G2UsynUxx90vTzTb3pt3ayR8Jk5PE+SbIe
c43M29WTye9XPoRNyigGBQk0GRP+J3OorEz9O0NpNOIEe7qencPyur+/GkJ5F4Du
JIv8Wo8jx5U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org