Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xrcGUBY9oEju-NC5Tcrre76hZ6w.roa
File: xrcGUBY9oEju-NC5Tcrre76hZ6w.roa (raw, json)
Hash identifier: pMCHGFmBlOfMfpIxA/hShIMXPt/IV0XbaQ7ensBN80E=
Subject key identifier: C6:B7:06:50:16:3D:A0:48:EE:F8:D0:B9:4D:CA:EB:7B:BE:A1:67:AC
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0185A116327131BD5B11B827CF3590BA330D
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xrcGUBY9oEju-NC5Tcrre76hZ6w.roa
Signing time: Wed 11 Jan 2023 13:47:44 +0000
ROA not before: Wed 11 Jan 2023 13:47:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 85.122.82.0/24 maxlen: 24
85.122.112.0/23 maxlen: 24
194.102.168.0/22 maxlen: 24
85.120.12.0/23 maxlen: 24
217.156.84.0/24 maxlen: 24
194.102.218.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jan 2023 07:35:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:16:32:71:31:bd:5b:11:b8:27:cf:35:90:ba:33:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 11 13:47:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6b70650163da048eef8d0b94dcaeb7bbea167ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:7b:5a:1d:81:ad:55:a8:be:be:a3:aa:9d:
b6:b8:60:3f:c2:a6:02:2b:1d:1f:8d:aa:f7:f9:f5:
ad:b3:98:3d:f4:f8:c9:7d:91:b0:5b:99:cd:7c:8c:
1a:b4:98:5f:ad:48:d3:a1:4f:c6:d0:2a:7d:3f:b5:
64:7c:98:4a:1e:5a:21:0e:ec:7f:4d:b9:7e:00:20:
5c:a3:59:b2:5a:3b:e4:20:84:a3:5f:96:e6:9f:f8:
31:7f:67:ee:6f:54:e3:0f:6a:ca:58:af:cc:a1:ec:
68:00:eb:e2:2e:6b:e8:61:a2:31:98:fa:90:52:85:
3c:89:cd:67:b0:e9:c7:42:da:b6:8f:83:0d:6a:c2:
bc:e5:47:44:0c:73:92:b6:2d:aa:5e:ff:fd:8f:19:
be:f2:9d:97:cd:0a:a4:61:b4:1a:84:78:7b:12:7c:
d8:dd:68:8f:b1:c0:8d:bf:e3:60:52:4e:6f:5d:be:
89:ba:93:dc:fd:a6:97:8b:bb:10:46:06:3a:9b:ca:
0c:55:f6:84:66:b3:a3:cc:1f:a6:f6:a3:7b:37:f2:
62:93:58:c1:61:d2:4b:aa:ae:f6:91:7d:9c:58:34:
b8:5a:00:4f:07:99:1b:8b:76:56:f3:55:8d:c5:0e:
ef:00:31:0b:cd:3f:42:79:08:a4:0c:27:1c:9e:ae:
67:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B7:06:50:16:3D:A0:48:EE:F8:D0:B9:4D:CA:EB:7B:BE:A1:67:AC
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xrcGUBY9oEju-NC5Tcrre76hZ6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.12.0/23
85.122.82.0/24
85.122.112.0/23
194.102.168.0/22
194.102.218.0/24
217.156.84.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:0a:e1:bc:9e:d4:5c:01:68:d3:9e:fc:30:88:14:a1:97:81:
53:24:45:7e:5b:7e:1d:3b:65:69:07:f1:e1:af:6f:31:36:e1:
b8:ae:1c:9f:71:b3:66:e8:09:0c:9d:c9:88:ab:1b:a5:e1:69:
a9:90:ee:16:2c:bc:2f:ec:81:c6:0b:59:85:2e:e9:a4:45:81:
3d:33:1a:55:9f:42:ac:fc:25:0c:1d:62:ce:a2:e2:22:ef:5a:
c8:bc:41:66:82:12:0b:d5:93:bd:31:98:f8:e9:34:0c:1d:67:
d6:9d:cb:c0:37:1b:8a:f8:63:cc:09:3e:71:e7:85:e3:9c:9a:
af:d6:d7:05:1a:61:2a:0f:ca:78:b3:03:d0:36:de:20:f4:ac:
f7:64:3b:4c:2c:a9:f4:d5:a9:ff:bb:72:08:0f:d8:94:1f:be:
a0:f4:bf:b7:3f:dc:b6:fe:c5:f7:5e:5a:6f:4d:9f:5b:77:15:
87:49:ff:81:5b:c2:31:4b:0a:e8:61:8b:4e:ac:66:df:ca:7f:
3a:b9:c1:07:81:ca:0b:d6:dc:25:84:51:d0:b8:28:e4:ee:d1:
57:28:1f:cb:ae:a3:90:ea:bf:8d:5c:f6:38:89:aa:d8:35:d6:
1b:7a:b1:ef:f6:2b:de:9b:cd:0f:0f:fa:ae:f6:c9:25:7b:6e:
20:b6:65:df
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWhFjJxMb1bEbgnzzWQujMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTExMTM0NzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmI3MDY1MDE2M2RhMDQ4ZWVmOGQwYjk0ZGNhZWI3YmJlYTE2N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstB7Wh2BrVWovr6jqp22uGA/wqYC
Kx0fjar3+fWts5g99PjJfZGwW5nNfIwatJhfrUjToU/G0Cp9P7VkfJhKHlohDux/
Tbl+ACBco1myWjvkIISjX5bmn/gxf2fub1TjD2rKWK/MoexoAOviLmvoYaIxmPqQ
UoU8ic1nsOnHQtq2j4MNasK85UdEDHOSti2qXv/9jxm+8p2XzQqkYbQahHh7EnzY
3WiPscCNv+NgUk5vXb6JupPc/aaXi7sQRgY6m8oMVfaEZrOjzB+m9qN7N/Jik1jB
YdJLqq72kX2cWDS4WgBPB5kbi3ZW81WNxQ7vADELzT9CeQikDCccnq5nqwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMa3BlAWPaBI7vjQuU3K63u+oWesMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEveHJjR1VCWTlvRWp1LU5DNVRjcnJlNzZoWjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVXgMAwQA
VXpSAwQBVXpwAwQCwmaoAwQAwmbaAwQA2ZxUAwQA2ZxgMA0GCSqGSIb3DQEBCwUA
A4IBAQCxCuG8ntRcAWjTnvwwiBShl4FTJEV+W34dO2VpB/Hhr28xNuG4rhyfcbNm
6AkMncmIqxul4WmpkO4WLLwv7IHGC1mFLumkRYE9MxpVn0Ks/CUMHWLOouIi71rI
vEFmghIL1ZO9MZj46TQMHWfWncvANxuK+GPMCT5x54XjnJqv1tcFGmEqD8p4swPQ
Nt4g9Kz3ZDtMLKn01an/u3IID9iUH76g9L+3P9y2/sX3XlpvTZ9bdxWHSf+BW8Ix
SwroYYtOrGbfyn86ucEHgcoL1twlhFHQuCjk7tFXKB/LrqOQ6r+NXPY4iarYNdYb
erHv9ivem80PD/qu9skle24gtmXf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:06 2024 by rpki-client on console-ams.rpki-client.org