Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xNsmA2Q5pnIccs-ZPjvLfV4PXJ8.roa
File: xNsmA2Q5pnIccs-ZPjvLfV4PXJ8.roa (raw, json)
Hash identifier: 40kBqqbGCHHTtao1JewOjNkAALv/prqW24FYHvyxmfQ=
Subject key identifier: C4:DB:26:03:64:39:A6:72:1C:72:CF:99:3E:3B:CB:7D:5E:0F:5C:9F
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 01856EB8EFCF040D28B335AEC3BC9F6EC2C2
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xNsmA2Q5pnIccs-ZPjvLfV4PXJ8.roa
Signing time: Sun 01 Jan 2023 19:04:51 +0000
ROA not before: Sun 01 Jan 2023 19:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201382
IP address blocks: 213.208.171.0/24 maxlen: 24
85.91.105.0/24 maxlen: 24
85.91.107.0/24 maxlen: 24
85.91.108.0/22 maxlen: 22
85.91.108.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
84.47.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 11:17:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:ef:cf:04:0d:28:b3:35:ae:c3:bc:9f:6e:c2:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Jan 1 19:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4db26036439a6721c72cf993e3bcb7d5e0f5c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d7:22:89:6e:55:20:dc:ca:51:f3:03:df:ae:
fa:83:e2:d7:4c:94:4a:6d:08:52:7b:b1:dc:21:89:
97:93:5c:7a:61:6b:81:af:5e:d6:e2:b2:a4:ac:6d:
f2:ca:b7:77:41:2e:63:12:36:ee:8e:38:05:2a:25:
3a:4a:ed:0c:99:0a:78:e7:34:bf:df:6f:f0:86:04:
a6:3d:d9:da:df:32:65:4e:24:b5:ee:8c:40:e8:28:
a9:0a:f5:7a:79:dc:24:24:b1:63:76:e3:4b:55:e6:
d2:c5:1a:12:c4:5e:ab:21:af:1e:ac:c8:b0:f5:80:
8c:0b:a8:cb:85:93:38:3b:ae:a0:50:f5:2f:01:a7:
d4:e8:00:f7:c0:2e:17:d0:4c:5b:eb:67:dc:08:25:
40:c5:15:83:f2:ae:8f:4c:7e:91:9e:2d:57:0b:69:
6d:66:74:4a:3c:02:f6:ec:4e:e6:aa:4a:7e:c0:c8:
99:3c:3c:bc:c9:ca:f9:ec:fe:65:9b:ee:5b:12:53:
43:7f:82:5b:5e:90:08:1b:50:60:d5:e8:5e:df:0b:
79:6a:75:fc:79:e5:70:00:57:42:fb:c8:c1:4c:e0:
7a:78:1f:ac:da:4b:97:45:85:ed:cf:f1:cc:47:6c:
79:41:e1:64:00:ca:52:66:98:54:f1:8b:10:1d:5c:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DB:26:03:64:39:A6:72:1C:72:CF:99:3E:3B:CB:7D:5E:0F:5C:9F
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xNsmA2Q5pnIccs-ZPjvLfV4PXJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.189.0/24
85.91.105.0/24
85.91.107.0-85.91.111.255
85.91.123.0/24
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b3:d0:28:97:bb:e9:5e:2e:e7:9f:44:75:23:45:ae:b9:91:
18:72:6d:2e:14:c5:d8:90:98:71:6d:91:c8:53:95:2c:ea:29:
a2:41:bf:75:54:ef:c3:63:c4:bc:75:b8:79:73:69:67:7d:f0:
fe:cf:59:ee:5f:e5:b3:1a:5d:c3:41:e5:c9:7e:7b:64:85:d9:
a3:41:9e:a4:cb:5d:f1:e4:09:0b:79:01:45:50:8e:4d:5b:97:
e6:d9:15:a9:ac:1a:b8:d2:17:a3:c6:68:83:fa:8e:fe:48:1f:
c2:dd:ed:e9:f6:26:4a:e6:f9:c4:0c:70:1f:c4:6c:d0:97:b9:
23:f9:c0:05:c4:fa:66:69:a4:de:fc:a4:d3:d2:42:f8:19:5e:
4b:66:e9:ee:ba:1f:ec:e6:b6:43:3f:bf:ed:1e:fe:b5:d5:0c:
64:6c:62:a3:3c:08:68:19:7d:ea:66:0f:09:11:c5:4e:d6:12:
29:50:cc:57:78:ee:fd:c9:fb:a5:75:83:70:3a:bc:41:53:a8:
68:17:bf:ac:1b:48:60:30:c5:bb:33:44:4d:d8:8e:3f:82:ed:
67:d2:3c:37:53:7a:45:34:f6:38:63:ca:7c:fe:e5:ea:23:d9:
23:f7:fb:6c:ae:f0:11:9c:25:93:09:cc:b1:ae:54:68:a6:71:
cf:32:ad:fb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuuO/PBA0oszWuw7yfbsLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjMwMTAxMTkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRiMjYwMzY0MzlhNjcyMWM3MmNmOTkzZTNiY2I3ZDVlMGY1YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNciiW5VINzKUfMD3676g+LXTJRK
bQhSe7HcIYmXk1x6YWuBr17W4rKkrG3yyrd3QS5jEjbujjgFKiU6Su0MmQp45zS/
32/whgSmPdna3zJlTiS17oxA6CipCvV6edwkJLFjduNLVebSxRoSxF6rIa8erMiw
9YCMC6jLhZM4O66gUPUvAafU6AD3wC4X0Exb62fcCCVAxRWD8q6PTH6Rni1XC2lt
ZnRKPAL27E7mqkp+wMiZPDy8ycr57P5lm+5bElNDf4JbXpAIG1Bg1ehe3wt5anX8
eeVwAFdC+8jBTOB6eB+s2kuXRYXtz/HMR2x5QeFkAMpSZphU8YsQHVzNywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMTbJgNkOaZyHHLPmT47y31eD1yfMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEveE5zbUEyUTVwbkljY3MtWlBqdkxmVjRQWEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVC+9AwQA
VVtpMAwDBABVW2sDBARVW2ADBABVW3sDBADV0KswDQYJKoZIhvcNAQELBQADggEB
AH2z0CiXu+leLuefRHUjRa65kRhybS4UxdiQmHFtkchTlSzqKaJBv3VU78NjxLx1
uHlzaWd98P7PWe5f5bMaXcNB5cl+e2SF2aNBnqTLXfHkCQt5AUVQjk1bl+bZFams
GrjSF6PGaIP6jv5IH8Ld7en2Jkrm+cQMcB/EbNCXuSP5wAXE+mZppN78pNPSQvgZ
Xktm6e66H+zmtkM/v+0e/rXVDGRsYqM8CGgZfepmDwkRxU7WEilQzFd47v3J+6V1
g3A6vEFTqGgXv6wbSGAwxbszRE3Yjj+C7WfSPDdTekU09jhjynz+5eoj2SP3+2yu
8BGcJZMJzLGuVGimcc8yrfs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:21 2024 by rpki-client on console-ams.rpki-client.org