Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/xcgXAgTYfeJ4O04Ue6NrX5Et-ZI.roa
File: xcgXAgTYfeJ4O04Ue6NrX5Et-ZI.roa (raw, json)
Hash identifier: Dswo0I473tHQ9yUgJht7hpf1i9GpPcHVZhY8Vjck9Js=
Subject key identifier: C5:C8:17:02:04:D8:7D:E2:78:3B:4E:14:7B:A3:6B:5F:91:2D:F9:92
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018AF031EC7366D6636FF761D50B7F48A8E0
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/xcgXAgTYfeJ4O04Ue6NrX5Et-ZI.roa
Signing time: Mon 02 Oct 2023 11:41:58 +0000
ROA not before: Mon 02 Oct 2023 11:41:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.94.139.0/24 maxlen: 24
45.94.136.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
45.81.160.0/24 maxlen: 24
2.56.32.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:31:ec:73:66:d6:63:6f:f7:61:d5:0b:7f:48:a8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Oct 2 11:41:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5c8170204d87de2783b4e147ba36b5f912df992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:aa:d4:42:74:fc:d4:6a:0a:90:5e:05:69:1a:
27:d1:19:91:cc:ca:4d:e3:17:e8:ed:87:08:ff:cd:
9d:d6:2b:e0:70:b8:50:ce:5d:4e:00:30:81:c6:20:
dc:99:c7:fe:3e:65:42:c1:6c:2a:47:67:20:5d:82:
b6:b0:a9:cf:d4:e6:91:b2:23:80:cd:14:31:91:f1:
0a:8b:5c:39:e8:c9:de:6b:92:aa:88:a4:4e:55:29:
a8:48:88:9a:24:0a:00:6a:1d:ca:04:58:72:fe:0c:
f0:87:bf:37:c3:f1:a2:6c:70:64:67:b8:a5:8f:30:
d9:93:9a:f5:37:7e:d2:4a:62:dc:46:ba:d2:d1:e1:
c8:b8:74:54:c6:b4:5c:50:d8:1f:17:aa:81:dd:d3:
63:e9:a9:1e:5a:e4:4f:85:27:b8:93:2e:b6:0d:62:
6e:1a:20:6e:95:0a:82:93:82:01:af:a8:f7:aa:80:
38:b9:79:b3:86:51:2f:09:7d:1a:d5:87:7f:4d:f1:
64:d0:b1:a5:af:12:16:31:0f:99:67:3a:a7:0f:ee:
82:3b:55:d0:e9:11:15:cb:8f:1b:8e:73:6f:08:ba:
c3:24:8b:fc:46:89:c4:b6:a1:6f:88:8d:11:16:e9:
b0:fe:cd:31:61:3b:30:a9:77:a4:68:42:0d:91:b0:
79:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C8:17:02:04:D8:7D:E2:78:3B:4E:14:7B:A3:6B:5F:91:2D:F9:92
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/xcgXAgTYfeJ4O04Ue6NrX5Et-ZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.32.0/22
45.81.160.0/24
45.94.136.0/24
45.94.139.0/24
185.219.161.0/24
Signature Algorithm: sha256WithRSAEncryption
25:54:70:8c:a2:5c:46:ce:93:df:5c:15:fb:99:f1:90:25:bb:
b9:eb:51:9e:cf:e1:64:5c:8b:41:6a:4e:47:5c:41:de:59:83:
aa:fe:01:3c:44:0b:98:cc:85:f4:bd:cf:c6:eb:1f:8a:c0:5e:
ab:9c:3d:64:c7:6f:3d:63:68:ec:e7:47:de:5d:b8:5b:04:bc:
fa:5a:cb:01:a5:41:74:1b:7e:02:c4:bc:32:43:14:a2:5f:b8:
2d:44:59:ca:13:e5:f4:52:fc:a1:12:a4:4f:9a:b4:f3:88:8b:
8a:1a:e8:68:4e:58:f3:c5:3b:53:06:a4:60:82:9e:6e:4b:b5:
76:52:6a:47:a6:01:5a:75:37:35:c4:c4:c4:49:0f:39:a3:e7:
a6:be:0a:2c:86:31:ec:6a:62:4a:38:f6:8e:17:14:4b:9e:c2:
0b:de:b2:05:5a:c2:6c:6e:71:bc:44:66:7f:fe:d1:69:2f:83:
29:fd:45:78:bb:0b:b6:11:4d:7f:b5:17:46:b2:7b:c6:41:8d:
06:2f:6b:59:1e:fd:46:48:5b:25:9d:4a:3b:b9:fb:e1:2d:31:
5e:81:58:c4:ef:5a:bd:ed:2f:b1:a9:df:37:86:72:60:04:f1:
c1:9b:e6:e8:d3:91:73:03:cb:5a:9e:c9:16:4f:fc:ef:30:73:
af:b3:78:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrwMexzZtZjb/dh1Qt/SKjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMxMDAyMTE0MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM4MTcwMjA0ZDg3ZGUyNzgzYjRlMTQ3YmEzNmI1ZjkxMmRmOTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqrUQnT81GoKkF4FaRon0RmRzMpN
4xfo7YcI/82d1ivgcLhQzl1OADCBxiDcmcf+PmVCwWwqR2cgXYK2sKnP1OaRsiOA
zRQxkfEKi1w56Mnea5KqiKROVSmoSIiaJAoAah3KBFhy/gzwh783w/GibHBkZ7il
jzDZk5r1N37SSmLcRrrS0eHIuHRUxrRcUNgfF6qB3dNj6akeWuRPhSe4ky62DWJu
GiBulQqCk4IBr6j3qoA4uXmzhlEvCX0a1Yd/TfFk0LGlrxIWMQ+ZZzqnD+6CO1XQ
6REVy48bjnNvCLrDJIv8RonEtqFviI0RFumw/s0xYTswqXekaEINkbB5vwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMXIFwIE2H3ieDtOFHuja1+RLfmSMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEveGNnWEFnVFlmZUo0TzA0VWU2TnJYNUV0LVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjggAwQA
LVGgAwQALV6IAwQALV6LAwQAuduhMA0GCSqGSIb3DQEBCwUAA4IBAQAlVHCMolxG
zpPfXBX7mfGQJbu561Gez+FkXItBak5HXEHeWYOq/gE8RAuYzIX0vc/G6x+KwF6r
nD1kx289Y2js50feXbhbBLz6WssBpUF0G34CxLwyQxSiX7gtRFnKE+X0UvyhEqRP
mrTziIuKGuhoTljzxTtTBqRggp5uS7V2UmpHpgFadTc1xMTESQ85o+emvgoshjHs
amJKOPaOFxRLnsIL3rIFWsJsbnG8RGZ//tFpL4Mp/UV4uwu2EU1/tRdGsnvGQY0G
L2tZHv1GSFslnUo7ufvhLTFegVjE71q97S+xqd83hnJgBPHBm+bo05FzA8tanskW
T/zvMHOvs3iW
-----END CERTIFICATE-----
Generated at Thu Oct 19 12:04:57 2023 by rpki-client on console-fra.rpki-client.org