Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/1dc5f4-ff5d-45d8-91cd-80532dd74d4d/1/XVUCNvyEdJ2bzfwhx3gmdx2_8A0.roa
File: XVUCNvyEdJ2bzfwhx3gmdx2_8A0.roa (raw, json)
Hash identifier: OLHSBSp0Luyu6ULAQGWBHmSoZ62S3ga8/rf4RqK2FWE=
Subject key identifier: 5D:55:02:36:FC:84:74:9D:9B:CD:FC:21:C7:78:26:77:1D:BF:F0:0D
Certificate issuer: /CN=67c008dc0bf0ad2233f4e0d658a714a45b48a1c4
Certificate serial: 018C1F7B940F4374712B0DCB1B8661215976
Authority key identifier: 67:C0:08:DC:0B:F0:AD:22:33:F4:E0:D6:58:A7:14:A4:5B:48:A1:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8AI3AvwrSIz9ODWWKcUpFtIocQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/1dc5f4-ff5d-45d8-91cd-80532dd74d4d/1/XVUCNvyEdJ2bzfwhx3gmdx2_8A0.roa
Signing time: Thu 30 Nov 2023 09:07:21 +0000
ROA not before: Thu 30 Nov 2023 09:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3311
IP address blocks: 185.118.123.0/24 maxlen: 24
185.118.122.0/24 maxlen: 24
185.118.121.0/24 maxlen: 24
185.118.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1f:7b:94:0f:43:74:71:2b:0d:cb:1b:86:61:21:59:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67c008dc0bf0ad2233f4e0d658a714a45b48a1c4
Validity
Not Before: Nov 30 09:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d550236fc84749d9bcdfc21c77826771dbff00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:99:cd:84:fc:32:cd:96:57:c8:92:95:6b:21:
f7:fb:5a:f7:de:fe:35:b7:16:8a:ce:64:8a:8a:d8:
c8:3a:2d:d4:8b:20:06:9f:6d:5f:74:7a:3b:0c:4d:
00:03:93:a6:d0:27:d9:38:d6:15:de:60:22:11:57:
e6:e8:6a:5e:0c:d1:88:59:00:e0:2d:41:d5:57:c3:
87:20:37:52:4b:19:cc:1e:3b:5f:bb:c3:cd:47:a2:
c3:d3:17:2f:b9:7e:a9:4c:8b:93:df:b4:ee:aa:28:
38:24:e4:3f:8f:82:13:e2:e5:d8:c0:ca:6e:47:6b:
93:fd:19:07:1f:50:73:17:7a:8a:b7:8d:be:56:81:
6a:be:60:21:d7:fe:71:f9:79:f9:0e:25:7a:e2:7d:
64:ea:08:9c:19:51:f9:a4:65:5b:5f:65:75:c1:4d:
4c:86:21:b9:61:b9:68:90:c6:8d:ac:54:3f:81:e9:
d4:d7:76:95:b7:4b:07:24:b8:93:12:e2:73:ac:b6:
64:4c:ba:08:ae:80:9f:c3:79:a5:24:77:c4:ca:de:
f5:90:7e:73:9e:e1:b3:e4:db:c4:36:5a:a8:3e:b7:
97:51:31:e0:c6:60:f7:8c:c6:bf:0e:0f:37:d5:c0:
d0:08:b6:d2:1a:95:aa:21:d7:42:d5:bc:43:2b:13:
63:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:55:02:36:FC:84:74:9D:9B:CD:FC:21:C7:78:26:77:1D:BF:F0:0D
X509v3 Authority Key Identifier:
keyid:67:C0:08:DC:0B:F0:AD:22:33:F4:E0:D6:58:A7:14:A4:5B:48:A1:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8AI3AvwrSIz9ODWWKcUpFtIocQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/1dc5f4-ff5d-45d8-91cd-80532dd74d4d/1/XVUCNvyEdJ2bzfwhx3gmdx2_8A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/1dc5f4-ff5d-45d8-91cd-80532dd74d4d/1/Z8AI3AvwrSIz9ODWWKcUpFtIocQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.120.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f0:43:26:c2:ae:c1:50:97:1e:b8:e1:47:58:eb:bc:77:b8:
9b:02:4d:2c:5d:31:80:64:13:20:f9:0c:7c:be:85:bd:b4:3d:
21:15:f1:6f:53:22:07:a1:12:1a:59:54:ff:bf:e2:6d:94:d3:
0c:9c:63:be:60:a7:fd:33:10:59:fd:f1:38:4f:4a:b4:95:50:
c9:b0:ba:ba:b3:ef:88:38:16:8b:13:f4:2c:a2:38:fa:c5:23:
24:f0:4e:fd:23:cf:50:17:78:d7:2c:d5:a0:55:4f:12:69:1a:
43:0e:1e:42:fc:a1:f9:41:2b:a7:5f:62:d5:42:15:12:3d:e3:
da:f3:63:9c:16:96:94:c1:64:7a:b2:f4:55:1d:0d:3c:78:18:
4e:40:a7:09:b7:8d:5a:c4:a6:54:ef:4f:67:df:54:2e:6a:a8:
7d:9a:a4:da:e3:35:bd:cc:d9:46:8d:7c:67:83:38:2d:01:05:
11:25:f5:6c:a0:25:9a:0a:c4:6b:57:f6:d6:fc:d6:2f:5e:ef:
7d:bc:1d:6d:a1:85:ec:83:17:7c:d9:36:54:8b:74:c4:b0:00:
5c:16:3e:bd:da:91:6d:71:2d:07:8a:a4:f6:be:f4:f6:fa:55:
25:6d:c7:7a:3d:50:80:d1:88:ec:79:9d:6e:5b:05:f9:74:da:
65:0a:79:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwfe5QPQ3RxKw3LG4ZhIVl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzAwOGRjMGJmMGFkMjIzM2Y0ZTBkNjU4YTcxNGE0NWI0
OGExYzQwHhcNMjMxMTMwMDkwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU1MDIzNmZjODQ3NDlkOWJjZGZjMjFjNzc4MjY3NzFkYmZmMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpnNhPwyzZZXyJKVayH3+1r33v41
txaKzmSKitjIOi3UiyAGn21fdHo7DE0AA5Om0CfZONYV3mAiEVfm6GpeDNGIWQDg
LUHVV8OHIDdSSxnMHjtfu8PNR6LD0xcvuX6pTIuT37Tuqig4JOQ/j4IT4uXYwMpu
R2uT/RkHH1BzF3qKt42+VoFqvmAh1/5x+Xn5DiV64n1k6gicGVH5pGVbX2V1wU1M
hiG5YblokMaNrFQ/genU13aVt0sHJLiTEuJzrLZkTLoIroCfw3mlJHfEyt71kH5z
nuGz5NvENlqoPreXUTHgxmD3jMa/Dg831cDQCLbSGpWqIddC1bxDKxNjfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1VAjb8hHSdm838Icd4Jncdv/ANMB8GA1UdIwQY
MBaAFGfACNwL8K0iM/Tg1linFKRbSKHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhBSTNBdndyU0l6OU9EV1dLY1VwRnRJb2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xZGM1ZjQtZmY1ZC00NWQ4LTkxY2Qt
ODA1MzJkZDc0ZDRkLzEvWFZVQ052eUVkSjJiemZ3aHgzZ21keDJfOEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xZGM1ZjQtZmY1ZC00NWQ4LTkxY2QtODA1MzJkZDc0ZDRk
LzEvWjhBSTNBdndyU0l6OU9EV1dLY1VwRnRJb2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXZ4MA0G
CSqGSIb3DQEBCwUAA4IBAQCC8EMmwq7BUJceuOFHWOu8d7ibAk0sXTGAZBMg+Qx8
voW9tD0hFfFvUyIHoRIaWVT/v+JtlNMMnGO+YKf9MxBZ/fE4T0q0lVDJsLq6s++I
OBaLE/Qsojj6xSMk8E79I89QF3jXLNWgVU8SaRpDDh5C/KH5QSunX2LVQhUSPePa
82OcFpaUwWR6svRVHQ08eBhOQKcJt41axKZU709n31Quaqh9mqTa4zW9zNlGjXxn
gzgtAQURJfVsoCWaCsRrV/bW/NYvXu99vB1toYXsgxd82TZUi3TEsABcFj692pFt
cS0HiqT2vvT2+lUlbcd6PVCA0YjseZ1uWwX5dNplCnmq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:26 2024 by rpki-client on console-fra.rpki-client.org