Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/XTL_NoHjdBLjTcOj1RV2nJCYgiw.roa
File: XTL_NoHjdBLjTcOj1RV2nJCYgiw.roa (raw, json)
Hash identifier: C9VU7K2IhIeURHQbHziFgY2RH7UgMXGnkQ28DUjVuwY=
Subject key identifier: 5D:32:FF:36:81:E3:74:12:E3:4D:C3:A3:D5:15:76:9C:90:98:82:2C
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 01856D819E5ECA5CC18300E5A197E37E67AE
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/XTL_NoHjdBLjTcOj1RV2nJCYgiw.roa
Signing time: Sun 01 Jan 2023 13:24:49 +0000
ROA not before: Sun 01 Jan 2023 13:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9
IP address blocks: 188.127.37.0/24 maxlen: 24
95.141.135.0/24 maxlen: 24
188.0.131.0/24 maxlen: 24
188.0.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:9e:5e:ca:5c:c1:83:00:e5:a1:97:e3:7e:67:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 13:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d32ff3681e37412e34dc3a3d515769c9098822c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:aa:8d:26:7b:38:c5:10:59:f9:88:75:11:
c0:17:48:ce:08:23:0e:b5:e1:2b:3f:4a:a3:08:0c:
b8:27:1b:6d:11:bb:f6:fe:7a:62:9a:f1:22:9e:75:
28:fc:47:ab:3b:a3:cf:dc:16:15:5f:a7:8a:a5:f1:
b7:b6:1a:0a:51:25:fc:89:54:d8:35:f5:59:c8:9a:
3a:1a:52:bb:4d:68:72:bf:52:3b:49:20:6d:09:ce:
e0:f2:7f:72:d1:82:65:33:ac:b0:8a:45:d0:02:bd:
a3:99:60:fd:d5:71:36:05:4e:0e:8e:c3:8c:ab:00:
c8:e3:d9:3a:b8:c3:92:fa:d5:bb:df:65:a9:f2:37:
12:b5:a1:0b:4f:a8:f5:5d:58:ab:d9:42:ec:af:21:
6f:99:d4:3c:79:c1:73:3a:40:32:9d:71:1a:92:d4:
88:c5:21:a8:c4:04:08:7a:68:49:b0:0b:a9:6d:e9:
83:c9:30:41:cf:1f:ee:03:ea:a6:96:73:c9:56:9d:
5b:e5:c5:d1:6b:e2:0d:68:c0:32:b3:e9:f8:43:94:
bf:53:6b:9a:29:99:05:15:64:cd:cd:43:a1:fc:34:
1c:92:07:9a:42:9e:ee:7b:0d:ac:51:b7:f5:77:6d:
b6:46:5d:28:97:9c:76:bd:8c:dc:0a:f1:ef:fc:9c:
bc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:32:FF:36:81:E3:74:12:E3:4D:C3:A3:D5:15:76:9C:90:98:82:2C
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/XTL_NoHjdBLjTcOj1RV2nJCYgiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.135.0/24
188.0.131.0/24
188.0.144.0/24
188.127.37.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d1:51:b9:6a:90:5a:c9:d3:b2:42:1b:5d:3d:fd:7d:6d:a5:
8b:15:25:a0:aa:4d:2c:74:82:cc:93:e6:9d:cb:90:4a:b9:94:
d1:d6:e2:ea:0b:0f:4f:0c:66:8e:f6:1d:1b:74:d7:38:a0:fe:
1c:ae:42:34:bd:f8:3a:e2:d1:56:2c:88:6b:f5:57:17:a9:22:
70:11:da:e4:aa:5e:76:6d:0a:b1:b5:89:9b:28:be:53:be:89:
9e:a2:39:e7:b5:5c:31:15:36:a1:73:2c:35:52:d3:58:3e:d0:
dc:53:51:05:1e:c3:48:48:2a:1c:c8:cf:9a:dd:ca:50:75:6f:
80:08:ed:fd:fb:76:9e:b6:fa:99:94:8a:19:bb:bb:a9:a6:ae:
db:8a:81:b3:91:c9:11:57:d8:46:a7:23:10:0b:8a:5c:4d:fa:
b2:be:66:f0:3f:74:29:ea:a6:5b:81:9a:19:55:24:76:e0:4c:
66:2d:f8:56:06:5e:b1:39:aa:bf:2a:c1:36:a7:fd:51:a4:b3:
5f:a1:0b:b6:c2:9b:0a:ca:cc:b6:1f:31:9b:e3:2b:c3:fc:1b:
97:29:97:98:27:ed:c5:8c:38:82:c3:bd:ae:8b:28:fe:fe:c8:
fb:3f:47:a4:24:45:4c:c9:17:66:51:b6:a6:21:66:5c:97:65:
9f:46:2a:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtgZ5eylzBgwDloZfjfmeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjMwMTAxMTMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMyZmYzNjgxZTM3NDEyZTM0ZGMzYTNkNTE1NzY5YzkwOTg4MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8WqjSZ7OMUQWfmIdRHAF0jOCCMO
teErP0qjCAy4JxttEbv2/npimvEinnUo/EerO6PP3BYVX6eKpfG3thoKUSX8iVTY
NfVZyJo6GlK7TWhyv1I7SSBtCc7g8n9y0YJlM6ywikXQAr2jmWD91XE2BU4OjsOM
qwDI49k6uMOS+tW732Wp8jcStaELT6j1XVir2ULsryFvmdQ8ecFzOkAynXEaktSI
xSGoxAQIemhJsAupbemDyTBBzx/uA+qmlnPJVp1b5cXRa+INaMAys+n4Q5S/U2ua
KZkFFWTNzUOh/DQckgeaQp7uew2sUbf1d222Rl0ol5x2vYzcCvHv/Jy8/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF0y/zaB43QS403Do9UVdpyQmIIsMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvWFRMX05vSGpkQkxqVGNPajFSVjJuSkNZZ2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX42HAwQA
vACDAwQAvACQAwQAvH8lMA0GCSqGSIb3DQEBCwUAA4IBAQBH0VG5apBaydOyQhtd
Pf19baWLFSWgqk0sdILMk+ady5BKuZTR1uLqCw9PDGaO9h0bdNc4oP4crkI0vfg6
4tFWLIhr9VcXqSJwEdrkql52bQqxtYmbKL5TvomeojnntVwxFTahcyw1UtNYPtDc
U1EFHsNISCocyM+a3cpQdW+ACO39+3aetvqZlIoZu7uppq7bioGzkckRV9hGpyMQ
C4pcTfqyvmbwP3Qp6qZbgZoZVSR24ExmLfhWBl6xOaq/KsE2p/1RpLNfoQu2wpsK
ysy2HzGb4yvD/BuXKZeYJ+3FjDiCw72uiyj+/sj7P0ekJEVMyRdmUbamIWZcl2Wf
Riqc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org