Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_XMX2sdNhIYNjeJ-5DzWjEpyUzA.roa
File: _XMX2sdNhIYNjeJ-5DzWjEpyUzA.roa (raw, json)
Hash identifier: eX/Y1UxBNq6XaEl2qssiwTouhAGDPadA/KrCKh5ykkk=
Subject key identifier: FD:73:17:DA:C7:4D:84:86:0D:8D:E2:7E:E4:3C:D6:8C:4A:72:53:30
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E79AA451EB22A3DDF990459BAB9EEC648
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_XMX2sdNhIYNjeJ-5DzWjEpyUzA.roa
Signing time: Tue 26 Mar 2024 07:29:45 +0000
ROA not before: Tue 26 Mar 2024 07:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207967
IP address blocks: 147.45.160.0/22 maxlen: 22
147.45.164.0/22 maxlen: 22
147.45.168.0/22 maxlen: 22
147.45.172.0/22 maxlen: 22
147.45.224.0/19 maxlen: 19
193.233.108.0/22 maxlen: 22
193.233.112.0/22 maxlen: 22
193.233.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 23 Apr 2024 18:39:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:aa:45:1e:b2:2a:3d:df:99:04:59:ba:b9:ee:c6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 26 07:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd7317dac74d84860d8de27ee43cd68c4a725330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8f:d3:36:dd:a1:83:29:90:be:dc:a2:2e:f7:
52:16:28:8b:79:4b:aa:b4:b0:dc:c2:69:fb:92:e2:
bf:88:cb:6d:29:a5:ae:7b:59:fe:d9:e8:ae:3a:d9:
a3:38:f0:ca:3c:6e:41:74:ec:24:e7:35:84:26:12:
7e:06:bb:03:fd:25:ab:f9:b9:11:f1:3c:53:61:1a:
2b:b2:94:90:2b:84:33:a6:5e:7c:9b:86:6b:61:03:
9d:56:24:12:36:95:76:0b:65:ef:81:c4:e5:aa:b4:
8c:a9:11:ca:d6:e1:be:d4:47:ee:02:4a:5e:d8:9f:
1a:ca:ff:ff:0b:d9:a5:cf:bb:56:a2:b2:8d:37:fb:
25:69:19:dd:d0:99:45:c6:f5:00:60:1b:78:a4:ee:
0c:05:dc:01:13:1e:0c:9c:2c:28:b0:83:a9:e2:ae:
a5:1b:f3:2a:32:d3:e3:7e:1d:41:56:66:06:62:f8:
e3:25:c7:02:8b:f5:d9:52:23:29:93:04:c5:f9:ea:
05:1b:e4:fb:11:03:d9:e3:0c:10:3d:6b:48:83:20:
1b:80:89:94:15:26:3a:01:98:64:37:75:2c:b8:89:
68:fc:b5:98:7a:cd:30:20:fc:08:d9:f1:0d:62:33:
7f:bd:74:fc:5a:36:0c:7f:22:55:1f:29:7b:42:d9:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:73:17:DA:C7:4D:84:86:0D:8D:E2:7E:E4:3C:D6:8C:4A:72:53:30
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/_XMX2sdNhIYNjeJ-5DzWjEpyUzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.160.0/20
147.45.224.0/19
193.233.108.0-193.233.119.255
Signature Algorithm: sha256WithRSAEncryption
6f:9d:ca:6e:2c:ce:8d:27:4a:96:74:dd:94:a2:dc:58:7b:2a:
63:18:62:75:37:4a:46:64:cf:7e:87:b9:02:9a:c7:2d:44:f7:
ce:42:a2:7a:af:5b:b0:67:1a:4c:1c:f8:46:e3:27:84:85:34:
99:ae:fb:e2:ca:97:c2:ac:61:20:4a:4b:95:7d:6e:f7:d4:da:
1c:03:71:52:ac:0e:86:9c:5b:16:e9:2f:74:6b:45:3c:dc:b5:
28:00:ff:52:71:c8:6a:3a:4c:72:6d:95:6e:b5:9b:92:21:6c:
d4:3d:53:f5:ac:91:59:26:44:73:27:c7:a6:59:c6:ae:ab:2a:
21:85:ef:79:22:06:b9:68:55:55:8d:1e:23:ef:bb:6c:42:f4:
b4:df:42:ed:73:04:1c:92:17:37:94:60:2b:e7:56:91:5f:ed:
80:c1:43:cc:fb:8e:9f:b8:0d:3f:e7:36:48:d6:25:47:16:2f:
32:39:5b:7f:66:53:6b:99:19:82:31:a6:6f:79:6e:eb:43:07:
e1:f0:4a:1b:b2:3d:4c:c3:60:4d:8c:2c:00:59:ad:16:52:fc:
58:41:c8:04:13:5f:7f:06:91:88:4a:b0:4e:99:99:7c:4f:95:
18:e9:54:2d:8c:dd:a8:77:21:43:b7:29:63:3b:8d:1a:78:86:
6c:17:fc:c2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY55qkUesio935kEWbq57sZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzI2MDcyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDczMTdkYWM3NGQ4NDg2MGQ4ZGUyN2VlNDNjZDY4YzRhNzI1MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI/TNt2hgymQvtyiLvdSFiiLeUuq
tLDcwmn7kuK/iMttKaWue1n+2eiuOtmjOPDKPG5BdOwk5zWEJhJ+BrsD/SWr+bkR
8TxTYRorspSQK4Qzpl58m4ZrYQOdViQSNpV2C2XvgcTlqrSMqRHK1uG+1EfuAkpe
2J8ayv//C9mlz7tWorKNN/slaRnd0JlFxvUAYBt4pO4MBdwBEx4MnCwosIOp4q6l
G/MqMtPjfh1BVmYGYvjjJccCi/XZUiMpkwTF+eoFG+T7EQPZ4wwQPWtIgyAbgImU
FSY6AZhkN3UsuIlo/LWYes0wIPwI2fENYjN/vXT8WjYMfyJVHyl7QtkuFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP1zF9rHTYSGDY3ifuQ81oxKclMwMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvX1hNWDJzZE5oSVlOamVKLTVEeldqRXB5VXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEky2gAwQF
ky3gMAwDBALB6WwDBAPB6XAwDQYJKoZIhvcNAQELBQADggEBAG+dym4szo0nSpZ0
3ZSi3Fh7KmMYYnU3SkZkz36HuQKaxy1E985ConqvW7BnGkwc+EbjJ4SFNJmu++LK
l8KsYSBKS5V9bvfU2hwDcVKsDoacWxbpL3RrRTzctSgA/1JxyGo6THJtlW61m5Ih
bNQ9U/WskVkmRHMnx6ZZxq6rKiGF73kiBrloVVWNHiPvu2xC9LTfQu1zBBySFzeU
YCvnVpFf7YDBQ8z7jp+4DT/nNkjWJUcWLzI5W39mU2uZGYIxpm95butDB+HwShuy
PUzDYE2MLABZrRZS/FhByAQTX38GkYhKsE6ZmXxPlRjpVC2M3ah3IUO3KWM7jRp4
hmwX/MI=
-----END CERTIFICATE-----
Generated at Tue Apr 23 22:12:08 2024 by rpki-client on console-ams.rpki-client.org