Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xWM9pBMy1VmELg9irqj9cOfa8QQ.roa
File: xWM9pBMy1VmELg9irqj9cOfa8QQ.roa (raw, json)
Hash identifier: vB6KsGZen03VPCeTgfDwcFEFZFLXkp8HDAcCjgaMmxE=
Subject key identifier: C5:63:3D:A4:13:32:D5:59:84:2E:0F:62:AE:A8:FD:70:E7:DA:F1:04
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01856CE61AD35DF1C2A6C6508E1DCEC2683D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xWM9pBMy1VmELg9irqj9cOfa8QQ.roa
Signing time: Sun 01 Jan 2023 10:34:57 +0000
ROA not before: Sun 01 Jan 2023 10:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 37.221.92.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
45.131.111.0/24 maxlen: 24
45.131.108.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
92.118.207.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
45.142.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 19:18:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:1a:d3:5d:f1:c2:a6:c6:50:8e:1d:ce:c2:68:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 1 10:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5633da41332d559842e0f62aea8fd70e7daf104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c1:70:0a:e9:9b:37:aa:4d:a6:5d:e4:eb:d2:
ae:6a:45:07:ef:d9:3d:b5:36:4a:48:f3:df:49:da:
ae:da:aa:86:62:71:62:6d:ce:6c:63:2a:0e:dc:0b:
d5:61:db:f5:e9:e5:3e:11:1c:12:d5:f4:ab:63:a9:
3f:77:0c:5e:5f:ec:d3:7b:e6:a2:07:73:2f:8d:a4:
aa:ed:45:33:d7:53:ee:d0:0f:c7:05:20:bc:3d:d9:
dc:e3:66:fb:50:04:e1:04:48:33:07:d5:46:5f:66:
ce:69:d2:d2:5b:09:6e:7f:e3:1f:93:ee:6e:09:79:
1d:03:e9:5a:5d:8b:c0:d3:d1:81:e4:62:a4:eb:49:
18:27:3c:f7:48:61:9e:73:cb:05:38:1d:c9:0a:6d:
b0:31:6a:6b:6a:d8:a3:4b:8f:52:1a:66:0a:0d:5b:
a1:f6:4a:2e:af:b5:2e:e1:f3:26:d2:78:e0:48:e8:
09:8f:c1:46:af:81:65:1f:2f:67:07:c3:f6:51:5f:
36:55:ee:1e:32:f2:f8:f5:74:cd:c4:d5:84:a7:54:
f9:13:be:59:d4:64:76:ed:bb:f3:20:41:4c:0b:d3:
ee:f1:96:50:e0:a0:7e:00:08:be:6e:43:42:08:bd:
e8:73:c9:b0:ed:f3:a2:e7:a3:9f:b2:1a:58:66:0e:
8c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:63:3D:A4:13:32:D5:59:84:2E:0F:62:AE:A8:FD:70:E7:DA:F1:04
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/xWM9pBMy1VmELg9irqj9cOfa8QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
37.221.92.0/24
45.13.227.0/24
45.131.108.0/24
45.131.111.0/24
45.142.104.0/24
45.142.107.0/24
92.118.207.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:0e:ce:41:eb:c9:fc:b6:fc:f7:c5:8a:9e:52:20:ea:61:52:
aa:aa:a2:ad:db:85:df:fb:5c:ce:af:ec:ae:c9:54:26:24:5b:
3e:f2:fa:2d:98:1e:9c:02:7a:ed:f2:b8:90:17:45:6d:4a:15:
87:23:a3:03:dd:8c:71:57:9c:88:4e:33:39:c9:42:15:f0:37:
f4:07:78:85:36:ff:56:a7:97:24:95:17:4b:25:21:7a:cb:9e:
06:4d:84:b4:54:cc:ca:50:a6:3c:83:5d:83:55:76:12:2c:ab:
b6:9f:94:2b:46:58:4e:59:9a:a2:57:6e:2e:83:16:3d:e8:7b:
1b:7e:78:66:42:b3:da:36:59:58:d3:4c:b6:43:cd:07:f0:d6:
6b:31:0d:d5:06:85:22:9b:0a:8e:03:b6:34:31:c5:c8:77:89:
3e:03:7d:34:31:83:b1:2b:45:ec:d0:0c:bc:09:f3:84:8a:57:
8f:fe:83:16:e5:9e:42:47:38:a6:3f:eb:f9:4f:b8:55:75:60:
15:72:69:b3:af:db:9e:a8:60:71:90:30:ec:1d:8d:05:72:64:
16:00:da:1a:16:e4:fe:69:6f:1f:5f:d4:5f:8d:69:85:94:c5:
9c:29:e9:2b:f2:81:de:56:62:28:cf:71:b5:46:38:ce:d3:1a:
cc:31:ed:59
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVs5hrTXfHCpsZQjh3Owmg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTYzM2RhNDEzMzJkNTU5ODQyZTBmNjJhZWE4ZmQ3MGU3ZGFmMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8FwCumbN6pNpl3k69KuakUH79k9
tTZKSPPfSdqu2qqGYnFibc5sYyoO3AvVYdv16eU+ERwS1fSrY6k/dwxeX+zTe+ai
B3MvjaSq7UUz11Pu0A/HBSC8Pdnc42b7UAThBEgzB9VGX2bOadLSWwluf+Mfk+5u
CXkdA+laXYvA09GB5GKk60kYJzz3SGGec8sFOB3JCm2wMWpratijS49SGmYKDVuh
9kour7Uu4fMm0njgSOgJj8FGr4FlHy9nB8P2UV82Ve4eMvL49XTNxNWEp1T5E75Z
1GR27bvzIEFMC9Pu8ZZQ4KB+AAi+bkNCCL3oc8mw7fOi56OfshpYZg6MdwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMVjPaQTMtVZhC4PYq6o/XDn2vEEMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveFdNOXBCTXkxVm1FTGc5aXJxajljT2ZhOFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABf32AwQA
Jd1cAwQALQ3jAwQALYNsAwQALYNvAwQALY5oAwQALY5rAwQAXHbPAwQAuXUDMA0G
CSqGSIb3DQEBCwUAA4IBAQB7Ds5B68n8tvz3xYqeUiDqYVKqqqKt24Xf+1zOr+yu
yVQmJFs+8votmB6cAnrt8riQF0VtShWHI6MD3YxxV5yITjM5yUIV8Df0B3iFNv9W
p5cklRdLJSF6y54GTYS0VMzKUKY8g12DVXYSLKu2n5QrRlhOWZqiV24ugxY96Hsb
fnhmQrPaNllY00y2Q80H8NZrMQ3VBoUimwqOA7Y0McXId4k+A300MYOxK0Xs0Ay8
CfOEileP/oMW5Z5CRzimP+v5T7hVdWAVcmmzr9ueqGBxkDDsHY0FcmQWANoaFuT+
aW8fX9RfjWmFlMWcKekr8oHeVmIoz3G1RjjO0xrMMe1Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org