Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/XSJ2kzsu7D7QD1Q5VB6J-L79lZg.roa
File: XSJ2kzsu7D7QD1Q5VB6J-L79lZg.roa (raw, json)
Hash identifier: oIvzWpVHeGfyL3lvxe4Mu+vohSlpF1osa4Gs7oaPerI=
Subject key identifier: 5D:22:76:93:3B:2E:EC:3E:D0:0F:54:39:54:1E:89:F8:BE:FD:95:98
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 018977C3078667DE84F3F9A6491475CA0B01
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/XSJ2kzsu7D7QD1Q5VB6J-L79lZg.roa
Signing time: Fri 21 Jul 2023 09:23:37 +0000
ROA not before: Fri 21 Jul 2023 09:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.102.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 11:47:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:c3:07:86:67:de:84:f3:f9:a6:49:14:75:ca:0b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Jul 21 09:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d2276933b2eec3ed00f5439541e89f8befd9598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:a3:6b:1f:bf:d4:2c:82:f7:13:4a:78:64:
45:6a:b7:e2:e5:c7:41:c7:90:61:c3:d5:2f:29:7f:
be:bf:fc:cc:9f:9e:35:54:83:19:b4:e1:cb:d8:dd:
e9:d2:24:0d:f8:69:32:e2:df:05:69:ab:d4:56:c6:
38:25:bd:23:d3:18:6c:36:d0:1b:32:83:37:4d:e1:
60:7b:29:70:1d:2e:d4:78:12:27:1c:15:ef:26:fc:
07:7e:84:50:76:90:b7:fb:47:8d:f2:05:45:cb:ea:
37:c3:bd:f5:49:b9:53:5d:9f:67:fe:1c:cc:8c:ba:
91:aa:32:66:d2:f1:a2:0f:1a:ee:04:0c:48:4b:e0:
8e:5b:4c:a3:31:65:8d:80:00:83:70:4f:e9:a5:46:
68:3d:a5:f8:94:86:cc:48:50:33:11:1b:92:0d:9c:
ab:d0:74:d2:90:f4:e6:4b:f7:0f:da:30:16:55:12:
a2:36:79:dd:54:8a:f9:6e:64:9e:ea:d2:5c:32:64:
14:de:51:55:ab:d9:15:91:fa:22:3c:a1:78:c5:4c:
11:4f:4a:cd:47:4b:75:68:c7:6f:07:c5:84:24:d5:
d0:11:04:fa:d7:2e:e3:a2:00:7c:8c:0f:e5:77:07:
64:97:8a:a5:e0:ea:25:15:33:70:d4:8b:bd:1b:3c:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:22:76:93:3B:2E:EC:3E:D0:0F:54:39:54:1E:89:F8:BE:FD:95:98
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/XSJ2kzsu7D7QD1Q5VB6J-L79lZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/22
Signature Algorithm: sha256WithRSAEncryption
03:4d:6b:72:a4:38:86:15:4f:93:c5:d2:6b:55:7f:31:3e:87:
a9:b4:4a:0d:98:d9:da:45:83:bb:73:74:f4:82:3d:aa:bb:c5:
14:98:0a:c5:9e:6c:f0:97:d3:da:97:b0:c4:da:6f:4d:f6:f8:
67:ad:0a:70:fe:35:c1:37:bc:00:be:30:62:e6:cf:a0:b1:08:
5c:3a:0a:80:59:44:75:ff:10:c4:70:b7:b8:7f:b6:d6:f1:a7:
2b:3b:5e:98:40:90:30:33:96:38:d7:d3:b4:41:b0:ae:de:a3:
32:aa:1e:b5:89:8f:d8:36:ab:64:c9:34:e5:bb:b1:d2:63:b9:
de:15:b6:62:e9:4f:ba:de:86:cc:a8:4b:20:33:8c:7b:3c:c4:
93:5e:a5:0e:01:82:04:b5:b5:53:b1:d5:72:0a:77:de:df:96:
bf:8e:89:3e:e2:d5:ff:3e:f4:79:f7:3b:a6:3f:5d:ec:49:06:
4a:65:89:9c:cd:14:26:66:bc:3e:cf:ed:1a:b9:96:88:c9:db:
bf:71:fd:27:de:6b:c2:32:64:5a:84:1d:2e:82:8d:95:ac:63:
03:3f:6d:7a:a8:0f:73:06:55:2f:02:90:0f:ce:8b:36:af:2b:
20:c3:bd:f2:51:ba:3d:4a:0c:a7:8b:9b:3d:c5:bf:e5:d5:51:
e5:78:65:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl3wweGZ96E8/mmSRR1ygsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjMwNzIxMDkyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIyNzY5MzNiMmVlYzNlZDAwZjU0Mzk1NDFlODlmOGJlZmQ5NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrOjax+/1CyC9xNKeGRFarfi5cdB
x5Bhw9UvKX++v/zMn541VIMZtOHL2N3p0iQN+Gky4t8FaavUVsY4Jb0j0xhsNtAb
MoM3TeFgeylwHS7UeBInHBXvJvwHfoRQdpC3+0eN8gVFy+o3w731SblTXZ9n/hzM
jLqRqjJm0vGiDxruBAxIS+COW0yjMWWNgACDcE/ppUZoPaX4lIbMSFAzERuSDZyr
0HTSkPTmS/cP2jAWVRKiNnndVIr5bmSe6tJcMmQU3lFVq9kVkfoiPKF4xUwRT0rN
R0t1aMdvB8WEJNXQEQT61y7jogB8jA/ldwdkl4ql4OolFTNw1Iu9GzwMHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0idpM7Luw+0A9UOVQeifi+/ZWYMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvWFNKMmt6c3U3RDdRRDFRNVZCNkotTDc5bFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudBkMA0G
CSqGSIb3DQEBCwUAA4IBAQADTWtypDiGFU+TxdJrVX8xPoeptEoNmNnaRYO7c3T0
gj2qu8UUmArFnmzwl9Pal7DE2m9N9vhnrQpw/jXBN7wAvjBi5s+gsQhcOgqAWUR1
/xDEcLe4f7bW8acrO16YQJAwM5Y419O0QbCu3qMyqh61iY/YNqtkyTTlu7HSY7ne
FbZi6U+63obMqEsgM4x7PMSTXqUOAYIEtbVTsdVyCnfe35a/jok+4tX/PvR59zum
P13sSQZKZYmczRQmZrw+z+0auZaIydu/cf0n3mvCMmRahB0ugo2VrGMDP216qA9z
BlUvApAPzos2rysgw73yUbo9Sgyni5s9xb/l1VHleGUF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:17 2024 by rpki-client on console-ams.rpki-client.org