Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xzO4paD37m2yi5bCVX35b2d8le0.roa
File: xzO4paD37m2yi5bCVX35b2d8le0.roa (raw, json)
Hash identifier: hdIptm86P8LzACKy3VCKqQJqovuGd8mamMtGdNrVaoU=
Subject key identifier: C7:33:B8:A5:A0:F7:EE:6D:B2:8B:96:C2:55:7D:F9:6F:67:7C:95:ED
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018CC7935243E834E64802888D82D85C701D
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xzO4paD37m2yi5bCVX35b2d8le0.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.224.0/22 maxlen: 22
195.180.228.0/22 maxlen: 22
194.163.192.0/20 maxlen: 22
195.180.196.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 Jan 2024 10:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:52:43:e8:34:e6:48:02:88:8d:82:d8:5c:70:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c733b8a5a0f7ee6db28b96c2557df96f677c95ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:48:7d:bd:52:2b:65:b5:63:91:a8:d8:87:
76:aa:5c:f4:bc:14:f0:c9:99:13:a4:b4:2c:6c:75:
2a:97:da:61:fc:cf:f4:83:fa:1a:b9:3a:26:7e:7a:
95:57:17:7d:11:88:bd:1a:49:bf:73:5c:00:83:44:
5c:90:d8:a3:70:84:0e:f4:a4:3b:e7:f0:b0:57:06:
7d:a2:c1:57:c0:7f:ef:42:e9:5d:4e:6c:3d:5e:ed:
68:ef:83:32:4d:94:bf:b8:f5:81:ce:8f:6b:3f:4d:
aa:f9:76:7d:d3:3d:bd:b1:1b:65:09:37:9e:84:dd:
3e:46:b5:ee:79:27:1b:94:4d:5d:ad:a7:ef:94:4c:
d1:fc:67:9b:5b:34:9a:19:4b:bb:ff:8b:dd:ae:0f:
9a:5f:c6:79:3c:a9:58:24:fb:42:0c:76:4e:e1:a4:
97:b4:01:db:b0:c7:25:4d:0f:2d:70:01:9f:9a:d3:
db:ae:79:cb:df:7e:89:54:a6:52:2b:d5:b0:7b:fa:
a9:1c:cb:c1:62:41:58:d8:3d:04:5d:68:2b:82:11:
a7:84:41:18:3f:49:1f:17:fd:4c:7d:41:54:c1:0e:
27:7d:9c:d4:b1:4a:20:98:47:a1:c2:ac:ba:5b:7b:
1b:c6:69:cb:65:8a:42:9a:b3:af:f5:26:94:4f:30:
4e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:33:B8:A5:A0:F7:EE:6D:B2:8B:96:C2:55:7D:F9:6F:67:7C:95:ED
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xzO4paD37m2yi5bCVX35b2d8le0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
194.64.152.0/22
194.163.192.0/20
195.180.196.0/22
195.180.224.0/21
Signature Algorithm: sha256WithRSAEncryption
80:c1:d7:78:ff:c3:ce:b4:c7:ad:84:10:e7:b8:0f:87:52:47:
34:26:c3:ac:89:17:3c:61:8f:a7:fd:ef:49:5c:63:03:82:d1:
20:2b:34:d7:ec:e8:63:65:25:05:7e:c1:26:32:67:09:c6:58:
83:50:2b:84:34:9e:97:d5:fc:1e:28:48:ff:21:ee:fb:0b:09:
ca:fd:ab:ff:6a:bc:a9:44:44:7d:9a:1e:7a:8f:06:7c:2a:2d:
5c:b9:7e:45:ae:aa:81:45:66:ac:a8:10:f1:82:03:fd:a1:93:
a9:e7:f2:a4:a3:75:2d:f6:8f:00:be:9d:a8:44:15:55:4d:15:
8d:72:5b:c9:5f:bd:2d:56:6e:d6:f0:94:ed:69:cf:fc:93:f6:
9e:74:3d:d9:d5:9c:ec:cf:16:32:96:a9:69:4d:c9:83:e6:67:
fd:37:20:ac:60:b0:04:e4:9f:cd:98:cb:ec:be:b1:50:88:99:
84:da:e3:d4:f0:9d:50:c5:c4:13:8d:2f:b3:e7:5f:02:bc:78:
67:ee:88:cd:b1:81:42:d4:ee:48:4d:42:b3:4d:f3:e1:e7:82:
30:a5:8a:7c:7f:60:6a:67:f0:de:92:67:cc:6f:12:a5:96:53:
d8:f4:73:cb:73:c7:cc:e7:f8:77:32:48:00:58:79:3c:2b:bf:
47:84:e1:2b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHk1JD6DTmSAKIjYLYXHAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzMzYjhhNWEwZjdlZTZkYjI4Yjk2YzI1NTdkZjk2ZjY3N2M5NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoZIfb1SK2W1Y5Go2Id2qlz0vBTw
yZkTpLQsbHUql9ph/M/0g/oauTomfnqVVxd9EYi9Gkm/c1wAg0RckNijcIQO9KQ7
5/CwVwZ9osFXwH/vQuldTmw9Xu1o74MyTZS/uPWBzo9rP02q+XZ90z29sRtlCTee
hN0+RrXueScblE1drafvlEzR/GebWzSaGUu7/4vdrg+aX8Z5PKlYJPtCDHZO4aSX
tAHbsMclTQ8tcAGfmtPbrnnL336JVKZSK9Wwe/qpHMvBYkFY2D0EXWgrghGnhEEY
P0kfF/1MfUFUwQ4nfZzUsUogmEehwqy6W3sbxmnLZYpCmrOv9SaUTzBOhQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMczuKWg9+5tsouWwlV9+W9nfJXtMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEveHpPNHBhRDM3bTJ5aTViQ1ZYMzViMmQ4bGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCPopAAwQC
wkCYAwQEwqPAAwQCw7TEAwQDw7TgMA0GCSqGSIb3DQEBCwUAA4IBAQCAwdd4/8PO
tMethBDnuA+HUkc0JsOsiRc8YY+n/e9JXGMDgtEgKzTX7OhjZSUFfsEmMmcJxliD
UCuENJ6X1fweKEj/Ie77CwnK/av/arypRER9mh56jwZ8Ki1cuX5FrqqBRWasqBDx
ggP9oZOp5/Kko3Ut9o8Avp2oRBVVTRWNclvJX70tVm7W8JTtac/8k/aedD3Z1Zzs
zxYylqlpTcmD5mf9NyCsYLAE5J/NmMvsvrFQiJmE2uPU8J1QxcQTjS+z518CvHhn
7ojNsYFC1O5ITUKzTfPh54IwpYp8f2BqZ/DekmfMbxKlllPY9HPLc8fM5/h3MkgA
WHk8K79HhOEr
-----END CERTIFICATE-----
Generated at Thu Jan 25 14:57:31 2024 by rpki-client on console-fra.rpki-client.org