Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2f380d-843f-42e2-8fb3-ce9e1b82967d/1/XKT4ta1a7lWHILlHo-PayCBqwmw.roa
File: XKT4ta1a7lWHILlHo-PayCBqwmw.roa (raw, json)
Hash identifier: R0gSZTustfQwrYOmi2PCQ7F1EZ74bVWFLCDO5G/XlKo=
Subject key identifier: 5C:A4:F8:B5:AD:5A:EE:55:87:20:B9:47:A3:E3:DA:C8:20:6A:C2:6C
Certificate issuer: /CN=840e9d038f1bc005f3b09c5dca820ad810948b3e
Certificate serial: 01856DA6632FC487EFA0CAD33F68DF9A2C62
Authority key identifier: 84:0E:9D:03:8F:1B:C0:05:F3:B0:9C:5D:CA:82:0A:D8:10:94:8B:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hA6dA48bwAXzsJxdyoIK2BCUiz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2f380d-843f-42e2-8fb3-ce9e1b82967d/1/XKT4ta1a7lWHILlHo-PayCBqwmw.roa
Signing time: Sun 01 Jan 2023 14:04:58 +0000
ROA not before: Sun 01 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43576
IP address blocks: 91.197.145.0/24 maxlen: 24
91.197.144.0/24 maxlen: 24
91.197.144.0/22 maxlen: 22
91.197.147.0/24 maxlen: 24
91.197.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:63:2f:c4:87:ef:a0:ca:d3:3f:68:df:9a:2c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=840e9d038f1bc005f3b09c5dca820ad810948b3e
Validity
Not Before: Jan 1 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca4f8b5ad5aee558720b947a3e3dac8206ac26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fe:bc:c0:ff:c7:a8:27:f4:65:60:9f:c6:6f:
89:38:f8:33:b0:ed:a0:2b:fd:bf:c3:ef:5e:4c:61:
f8:c3:ec:07:14:f0:0c:45:d0:f9:8e:24:61:92:47:
78:a6:fc:3c:d0:86:a3:4c:bf:eb:65:c7:d9:94:a6:
0f:45:97:fc:63:7f:5c:3f:bb:d9:13:20:23:46:42:
19:f3:01:6c:1d:bd:8a:1e:57:d1:b7:e4:35:ed:28:
46:35:37:6c:fb:7a:20:b7:34:16:50:15:bc:6c:b7:
5d:27:e7:1c:d5:4b:59:6f:14:13:64:f7:5e:48:ce:
5f:ef:75:7b:d2:9a:80:16:5b:f6:52:e0:b5:88:43:
6d:eb:9d:d5:1b:d0:86:e8:92:45:cf:2c:4e:dd:ad:
d4:69:cf:7d:6d:0a:dc:ac:63:3a:0e:6e:51:01:d3:
cd:c5:5e:a1:2b:62:4a:eb:ac:59:71:40:49:ac:16:
6e:e1:35:39:2c:e6:09:70:d2:20:01:f8:05:45:e7:
2c:f8:9b:6c:44:0c:8a:c5:dd:b3:bd:1d:2c:7b:55:
c6:ad:1b:e3:3a:49:91:ac:4b:5a:dd:f6:db:38:8d:
4a:bf:2b:e3:d2:9f:fc:e4:d3:a8:b4:3b:c7:06:a0:
a2:2a:28:8a:e3:a0:76:00:1f:91:9c:a7:10:d8:6b:
e0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A4:F8:B5:AD:5A:EE:55:87:20:B9:47:A3:E3:DA:C8:20:6A:C2:6C
X509v3 Authority Key Identifier:
keyid:84:0E:9D:03:8F:1B:C0:05:F3:B0:9C:5D:CA:82:0A:D8:10:94:8B:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hA6dA48bwAXzsJxdyoIK2BCUiz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2f380d-843f-42e2-8fb3-ce9e1b82967d/1/XKT4ta1a7lWHILlHo-PayCBqwmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2f380d-843f-42e2-8fb3-ce9e1b82967d/1/hA6dA48bwAXzsJxdyoIK2BCUiz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.144.0/22
Signature Algorithm: sha256WithRSAEncryption
d5:65:ea:ff:c2:0b:9f:9e:3d:b6:0d:77:e6:ab:9c:a8:a8:b8:
15:e5:62:2a:42:66:38:06:3e:d4:20:11:30:dc:96:57:9a:a5:
f3:c0:0d:37:b1:a1:6d:94:b1:5c:74:bd:7c:54:42:a0:08:81:
07:b3:df:29:de:ec:10:22:96:ce:97:7e:30:fb:22:0b:55:40:
ee:38:bc:3f:de:6c:33:5e:a1:da:fe:b4:c9:61:f5:5c:f1:49:
c5:07:75:eb:4e:92:57:25:63:4c:47:ef:26:2d:07:6a:01:0e:
a5:42:fb:d6:a5:ce:5b:fe:fa:f4:f7:69:5b:f9:18:f7:d9:1b:
de:a6:6d:67:17:3c:6e:e0:6c:58:e1:63:76:2e:09:7e:1c:29:
42:9b:f8:ff:a8:d6:6f:59:dd:64:d7:2d:39:8f:fa:62:43:d2:
14:bc:9c:c6:6c:83:d1:6e:74:23:ec:7f:67:bf:ac:f7:43:2f:
fe:6b:12:4b:90:6c:ff:0c:a6:10:a1:cf:27:bb:72:d7:f9:b8:
9d:cc:77:d9:f7:cf:61:60:99:32:7d:32:3e:c6:22:f5:6f:6c:
84:09:b1:b9:2d:70:3d:c8:d0:b6:71:d8:eb:bf:f3:42:51:db:
98:12:3a:75:bb:a4:95:2e:91:9a:b6:06:43:5b:13:f7:27:54:
ff:43:50:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpmMvxIfvoMrTP2jfmixiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MGU5ZDAzOGYxYmMwMDVmM2IwOWM1ZGNhODIwYWQ4MTA5
NDhiM2UwHhcNMjMwMTAxMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E0ZjhiNWFkNWFlZTU1ODcyMGI5NDdhM2UzZGFjODIwNmFjMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/68wP/HqCf0ZWCfxm+JOPgzsO2g
K/2/w+9eTGH4w+wHFPAMRdD5jiRhkkd4pvw80IajTL/rZcfZlKYPRZf8Y39cP7vZ
EyAjRkIZ8wFsHb2KHlfRt+Q17ShGNTds+3ogtzQWUBW8bLddJ+cc1UtZbxQTZPde
SM5f73V70pqAFlv2UuC1iENt653VG9CG6JJFzyxO3a3Uac99bQrcrGM6Dm5RAdPN
xV6hK2JK66xZcUBJrBZu4TU5LOYJcNIgAfgFRecs+JtsRAyKxd2zvR0se1XGrRvj
OkmRrEta3fbbOI1Kvyvj0p/85NOotDvHBqCiKiiK46B2AB+RnKcQ2GvgVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyk+LWtWu5VhyC5R6Pj2sggasJsMB8GA1UdIwQY
MBaAFIQOnQOPG8AF87CcXcqCCtgQlIs+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEE2ZEE0OGJ3QVh6c0p4ZHlvSUsyQkNVaXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yZjM4MGQtODQzZi00MmUyLThmYjMt
Y2U5ZTFiODI5NjdkLzEvWEtUNHRhMWE3bFdISUxsSG8tUGF5Q0Jxd213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yZjM4MGQtODQzZi00MmUyLThmYjMtY2U5ZTFiODI5Njdk
LzEvaEE2ZEE0OGJ3QVh6c0p4ZHlvSUsyQkNVaXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8WQMA0G
CSqGSIb3DQEBCwUAA4IBAQDVZer/wgufnj22DXfmq5yoqLgV5WIqQmY4Bj7UIBEw
3JZXmqXzwA03saFtlLFcdL18VEKgCIEHs98p3uwQIpbOl34w+yILVUDuOLw/3mwz
XqHa/rTJYfVc8UnFB3XrTpJXJWNMR+8mLQdqAQ6lQvvWpc5b/vr092lb+Rj32Rve
pm1nFzxu4GxY4WN2Lgl+HClCm/j/qNZvWd1k1y05j/piQ9IUvJzGbIPRbnQj7H9n
v6z3Qy/+axJLkGz/DKYQoc8nu3LX+bidzHfZ989hYJkyfTI+xiL1b2yECbG5LXA9
yNC2cdjrv/NCUduYEjp1u6SVLpGatgZDWxP3J1T/Q1CU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:48 2024 by rpki-client on console-fra.rpki-client.org