Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XBtK3vVJxu3nzas6JZH-MPOdYgY.roa
File: XBtK3vVJxu3nzas6JZH-MPOdYgY.roa (raw, json)
Hash identifier: nz+f+TiWTxlFE1fiXi8aehqJoDcBcDivSSGAnoG7xLs=
Subject key identifier: 5C:1B:4A:DE:F5:49:C6:ED:E7:CD:AB:3A:25:91:FE:30:F3:9D:62:06
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018EFD568263553EE1215A437C67ECF6C7B3
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XBtK3vVJxu3nzas6JZH-MPOdYgY.roa
Signing time: Sat 20 Apr 2024 21:08:08 +0000
ROA not before: Sat 20 Apr 2024 21:08:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:b3c0::/29 maxlen: 29
2a06:b440::/29 maxlen: 29
2a06:cac0::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:f140::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
2a12:8ec0::/29 maxlen: 29
2a12:ccc0::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 May 2024 17:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fd:56:82:63:55:3e:e1:21:5a:43:7c:67:ec:f6:c7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Apr 20 21:08:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1b4adef549c6ede7cdab3a2591fe30f39d6206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ae:03:6f:08:c3:de:82:8a:b0:fb:37:fc:9b:
17:b0:8f:58:a5:c0:1c:a4:98:e4:9f:0f:83:de:0f:
be:44:95:72:d9:0c:90:be:14:1c:44:2d:ad:dd:a0:
bf:5f:9e:1b:84:85:06:27:45:59:2a:17:68:2b:e9:
02:5f:40:c9:88:a7:27:fb:64:49:58:44:25:98:da:
4b:d2:73:ce:77:ce:a2:12:f5:c8:6b:91:76:f7:fb:
70:83:a2:16:44:5f:df:f8:e9:2a:af:85:65:ee:c2:
50:e8:57:9f:16:53:00:55:a2:88:d3:f9:8c:f7:6d:
0b:a0:b5:f2:0a:d3:5e:59:a2:37:06:96:3c:5e:d5:
ee:09:a9:ed:7a:76:a9:58:42:8c:6d:9d:e0:27:55:
c9:77:4f:92:0a:29:50:45:79:0b:14:5d:c9:a4:92:
66:50:2f:27:7f:85:a0:8d:b6:cd:d3:18:8a:72:36:
19:99:53:8d:71:62:fe:68:2f:c5:27:0e:d3:b3:d9:
81:f4:c8:af:f5:7a:66:a5:3f:a0:ad:4c:36:15:1a:
ab:2d:74:7e:9e:60:c8:e1:29:7c:65:e5:98:42:75:
21:ff:04:29:23:c8:96:f4:94:28:80:ee:ad:a6:2a:
61:c5:d0:46:38:ac:77:80:e5:8d:8b:7e:0a:2a:da:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1B:4A:DE:F5:49:C6:ED:E7:CD:AB:3A:25:91:FE:30:F3:9D:62:06
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/XBtK3vVJxu3nzas6JZH-MPOdYgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:b3c0::/29
2a06:b440::/29
2a06:cac0::/29
2a0f:d480::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a11:f140::/29
2a12:440::/29
2a12:28c0::/29
2a12:6640::/29
2a12:6740::/29
2a12:6f40::/29
2a12:7740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
2a12:f0c0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
29:90:db:9d:d7:e1:8e:45:f7:6d:e4:a3:25:19:ec:78:bf:fd:
df:8b:0f:f6:33:ea:28:62:fe:66:ce:8e:6d:43:35:b5:8b:22:
b6:12:e2:d7:1f:72:d2:66:82:22:81:4f:08:eb:8e:a4:98:cc:
8e:90:b4:7f:e3:c5:42:d4:a2:b5:e0:d5:82:7b:6f:9a:84:9c:
4c:16:e9:99:21:22:b3:72:be:c8:7b:f3:d1:11:59:be:cf:c6:
8e:1d:68:96:29:81:fb:6f:d9:24:d0:2d:98:ac:fa:18:8a:9a:
ce:4d:41:01:8a:98:f6:6e:7b:d4:0d:dd:f6:af:6c:8f:96:38:
89:a1:07:ef:6e:b8:be:ff:7f:d1:7e:a6:7b:37:d4:36:d3:4f:
55:0a:04:19:48:85:eb:cf:6e:94:9b:fa:93:ab:dd:ad:20:bd:
f7:a2:80:39:b6:f7:f5:19:a1:9f:ff:eb:35:12:25:fd:d3:78:
c6:64:51:1a:95:83:cf:a3:74:96:52:d6:f2:4d:fe:b2:3b:be:
de:cf:7f:66:40:c2:93:b4:e7:97:f4:ab:14:55:6f:4a:49:eb:
ae:e0:32:3c:48:0a:7b:86:ba:bc:77:7c:64:ad:44:ac:a3:79:
cb:3f:54:41:5e:1d:ff:48:d2:05:b7:e5:79:cb:e5:81:ab:40:
0d:c3:10:9a
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAY79VoJjVT7hIVpDfGfs9sezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNDIwMjEwODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFiNGFkZWY1NDljNmVkZTdjZGFiM2EyNTkxZmUzMGYzOWQ2MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo64DbwjD3oKKsPs3/JsXsI9YpcAc
pJjknw+D3g++RJVy2QyQvhQcRC2t3aC/X54bhIUGJ0VZKhdoK+kCX0DJiKcn+2RJ
WEQlmNpL0nPOd86iEvXIa5F29/twg6IWRF/f+Okqr4Vl7sJQ6FefFlMAVaKI0/mM
920LoLXyCtNeWaI3BpY8XtXuCantenapWEKMbZ3gJ1XJd0+SCilQRXkLFF3JpJJm
UC8nf4WgjbbN0xiKcjYZmVONcWL+aC/FJw7Ts9mB9Miv9XpmpT+grUw2FRqrLXR+
nmDI4Sl8ZeWYQnUh/wQpI8iW9JQogO6tpiphxdBGOKx3gOWNi34KKtovBwIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFFwbSt71Scbt582rOiWR/jDznWIGMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvWEJ0SzN2Vkp4dTNuemFzNkpaSC1NUE9kWWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTASBAIAATAMAwQCuagc
AwQCucmIMIG2BAIAAjCBrwMFAyoGs8ADBQMqBrRAAwUDKgbKwAMFAyoP1IADBQMq
ES9AAwUDKhE7QAMFAyoRckADBQMqEZYAAwUDKhHxQAMFAyoSBEADBQMqEijAAwUD
KhJmQAMFAyoSZ0ADBQMqEm9AAwUDKhJ3QAMFAyoSjsADBQMqEszAAwUDKhLTwAMF
AyoS4kADBQMqEvDAAwUDKhQAwAMFAyoUAUADBQMqFAHAAwUDKhQIAAMFAyoUD0Aw
DQYJKoZIhvcNAQELBQADggEBACmQ253X4Y5F923koyUZ7Hi//d+LD/Yz6ihi/mbO
jm1DNbWLIrYS4tcfctJmgiKBTwjrjqSYzI6QtH/jxULUorXg1YJ7b5qEnEwW6Zkh
IrNyvsh789ERWb7Pxo4daJYpgftv2STQLZis+hiKms5NQQGKmPZue9QN3favbI+W
OImhB+9uuL7/f9F+pns31DbTT1UKBBlIhevPbpSb+pOr3a0gvfeigDm29/UZoZ//
6zUSJf3TeMZkURqVg8+jdJZS1vJN/rI7vt7Pf2ZAwpO055f0qxRVb0pJ667gMjxI
CnuGurx3fGStRKyjecs/VEFeHf9I0gW35XnL5YGrQA3DEJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org