Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/XI-nO_c_uux6JYjNOckU772QxNc.roa
File: XI-nO_c_uux6JYjNOckU772QxNc.roa (raw, json)
Hash identifier: rIMggZEsFtZ1YFs3IeXO4GiNYrrcc7x2FnDv8TRJqjE=
Subject key identifier: 5C:8F:A7:3B:F7:3F:BA:EC:7A:25:88:CD:39:C9:14:EF:BD:90:C4:D7
Certificate issuer: /CN=bb190d102ac9603b405b36374d429868604937af
Certificate serial: 018CC794C0D4D64D5B3BCCD77B872C973058
Authority key identifier: BB:19:0D:10:2A:C9:60:3B:40:5B:36:37:4D:42:98:68:60:49:37:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uxkNECrJYDtAWzY3TUKYaGBJN68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/XI-nO_c_uux6JYjNOckU772QxNc.roa
Signing time: Tue 02 Jan 2024 00:31:03 +0000
ROA not before: Tue 02 Jan 2024 00:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202128
IP address blocks: 185.148.16.0/22 maxlen: 22
185.78.208.0/22 maxlen: 22
2a05:6d40::/29 maxlen: 29
2a07:5b80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 12:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c0:d4:d6:4d:5b:3b:cc:d7:7b:87:2c:97:30:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb190d102ac9603b405b36374d429868604937af
Validity
Not Before: Jan 2 00:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c8fa73bf73fbaec7a2588cd39c914efbd90c4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ed:6c:a1:04:0e:29:99:9a:09:62:fc:a2:2f:
42:1d:57:50:95:37:96:23:cf:87:e6:a0:3a:b8:c1:
32:10:6f:36:d1:25:1f:a4:54:d5:cf:2d:ae:b2:bc:
c2:70:26:6c:d9:7e:c3:f1:0a:42:d3:18:f7:12:5d:
c1:56:fa:97:07:64:cd:d6:45:3d:07:36:55:51:49:
6e:d8:ad:44:03:e3:5a:5f:8e:b2:98:6b:92:95:0c:
5b:6b:22:37:71:fb:a5:03:92:ff:03:8c:26:44:5c:
4e:90:60:4e:4c:9f:30:55:7f:33:27:55:f9:d1:b0:
63:0f:87:62:70:78:83:6c:b2:fa:51:91:20:f4:ce:
b1:f6:83:8b:00:b0:97:3d:15:fb:c1:9e:4c:5d:b1:
99:30:3c:48:67:88:9b:49:c0:88:72:4b:f3:b6:1e:
6c:a4:e0:e3:43:86:67:2f:a7:34:7c:e7:f3:b5:f2:
71:0e:a0:19:e2:aa:08:df:94:df:96:48:98:30:fc:
e4:46:38:ac:96:a4:4c:82:14:c7:4f:92:7e:2b:4c:
e6:94:27:27:1d:20:b6:58:80:cf:47:35:36:29:50:
e9:b4:33:62:4e:6d:c4:c5:ef:60:98:1d:6b:d3:ca:
8f:28:15:38:df:de:ae:3c:a3:1d:60:60:18:18:a8:
35:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8F:A7:3B:F7:3F:BA:EC:7A:25:88:CD:39:C9:14:EF:BD:90:C4:D7
X509v3 Authority Key Identifier:
keyid:BB:19:0D:10:2A:C9:60:3B:40:5B:36:37:4D:42:98:68:60:49:37:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uxkNECrJYDtAWzY3TUKYaGBJN68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/XI-nO_c_uux6JYjNOckU772QxNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6369e6-2304-4922-afdf-e93e2eba69b9/1/uxkNECrJYDtAWzY3TUKYaGBJN68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.208.0/22
185.148.16.0/22
IPv6:
2a05:6d40::/29
2a07:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
b3:bb:67:88:a4:9d:9d:ec:3c:c0:07:05:0f:68:c4:a4:b7:37:
21:58:8b:67:c5:e1:20:4c:2a:4e:24:e7:48:68:01:3f:f8:be:
7c:38:07:e2:20:d5:f7:03:c4:79:51:4c:32:4e:32:b3:08:4d:
3f:bb:4b:c6:db:3e:28:1a:98:cd:a9:75:37:4e:ab:67:c4:2d:
45:37:2d:ef:82:3e:f4:64:10:c8:73:ee:da:80:67:2f:c4:6a:
cd:04:b6:f1:3e:ef:22:87:1b:83:7a:dc:8f:11:0f:cd:ab:37:
b4:82:27:f7:e2:48:a2:ba:5b:f6:bf:4e:b2:3a:df:dd:86:68:
cd:14:b7:97:9d:82:e6:ce:31:28:ea:a3:9d:09:ce:d2:eb:8b:
89:57:ad:2d:d5:ef:3b:a1:56:3a:e5:cc:5c:c5:2f:13:82:c9:
7a:a3:6a:aa:52:33:61:7e:c9:01:b3:b0:58:6e:eb:1f:7e:c7:
3a:e4:b6:c1:3b:d1:97:ae:fe:b4:1b:9a:c4:0d:58:02:44:ae:
1b:f8:ee:00:d4:0c:9f:e1:18:d1:0f:3d:7d:9b:52:ef:a0:c8:
bd:d4:63:4f:14:97:d2:bb:cb:67:ea:45:9a:e5:e2:96:66:ab:
af:fb:57:a3:c2:16:0e:f2:76:d3:ca:2b:cc:e5:66:c6:87:78:
11:cf:7c:a6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlMDU1k1bO8zXe4cslzBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMTkwZDEwMmFjOTYwM2I0MDViMzYzNzRkNDI5ODY4NjA0
OTM3YWYwHhcNMjQwMTAyMDAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhmYTczYmY3M2ZiYWVjN2EyNTg4Y2QzOWM5MTRlZmJkOTBjNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu1soQQOKZmaCWL8oi9CHVdQlTeW
I8+H5qA6uMEyEG820SUfpFTVzy2usrzCcCZs2X7D8QpC0xj3El3BVvqXB2TN1kU9
BzZVUUlu2K1EA+NaX46ymGuSlQxbayI3cfulA5L/A4wmRFxOkGBOTJ8wVX8zJ1X5
0bBjD4dicHiDbLL6UZEg9M6x9oOLALCXPRX7wZ5MXbGZMDxIZ4ibScCIckvzth5s
pODjQ4ZnL6c0fOfztfJxDqAZ4qoI35TflkiYMPzkRjislqRMghTHT5J+K0zmlCcn
HSC2WIDPRzU2KVDptDNiTm3Exe9gmB1r08qPKBU4396uPKMdYGAYGKg1VQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFyPpzv3P7rseiWIzTnJFO+9kMTXMB8GA1UdIwQY
MBaAFLsZDRAqyWA7QFs2N01CmGhgSTevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXhrTkVDckpZRHRBV3pZM1RVS1lhR0JKTjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MzY5ZTYtMjMwNC00OTIyLWFmZGYt
ZTkzZTJlYmE2OWI5LzEvWEktbk9fY191dXg2SllqTk9ja1U3NzJReE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MzY5ZTYtMjMwNC00OTIyLWFmZGYtZTkzZTJlYmE2OWI5
LzEvdXhrTkVDckpZRHRBV3pZM1RVS1lhR0JKTjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuU7QAwQC
uZQQMBQEAgACMA4DBQMqBW1AAwUDKgdbgDANBgkqhkiG9w0BAQsFAAOCAQEAs7tn
iKSdnew8wAcFD2jEpLc3IViLZ8XhIEwqTiTnSGgBP/i+fDgH4iDV9wPEeVFMMk4y
swhNP7tLxts+KBqYzal1N06rZ8QtRTct74I+9GQQyHPu2oBnL8RqzQS28T7vIocb
g3rcjxEPzas3tIIn9+JIorpb9r9Osjrf3YZozRS3l52C5s4xKOqjnQnO0uuLiVet
LdXvO6FWOuXMXMUvE4LJeqNqqlIzYX7JAbOwWG7rH37HOuS2wTvRl67+tBuaxA1Y
AkSuG/juANQMn+EY0Q89fZtS76DIvdRjTxSX0rvLZ+pFmuXilmarr/tXo8IWDvJ2
08orzOVmxod4Ec98pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:04 2024 by rpki-client on console-ams.rpki-client.org