Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/xkZu3JZ90MSiyI5d8ecr3R11Myw.roa
File: xkZu3JZ90MSiyI5d8ecr3R11Myw.roa (raw, json)
Hash identifier: fLgmpF7kwg7BlwUYrVEaCwW/VW4oeSyKvbkNdEoEaxk=
Subject key identifier: C6:46:6E:DC:96:7D:D0:C4:A2:C8:8E:5D:F1:E7:2B:DD:1D:75:33:2C
Certificate issuer: /CN=0350df78fc785813724ec66648df9b494f9b8da7
Certificate serial: 01856ECBB183CF43E978DF267454FB0E38A6
Authority key identifier: 03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/xkZu3JZ90MSiyI5d8ecr3R11Myw.roa
Signing time: Sun 01 Jan 2023 19:25:21 +0000
ROA not before: Sun 01 Jan 2023 19:25:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59905
IP address blocks: 185.92.125.0/24 maxlen: 24
185.92.126.0/24 maxlen: 24
185.92.127.0/24 maxlen: 24
91.220.77.0/24 maxlen: 24
185.49.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:b1:83:cf:43:e9:78:df:26:74:54:fb:0e:38:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0350df78fc785813724ec66648df9b494f9b8da7
Validity
Not Before: Jan 1 19:25:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6466edc967dd0c4a2c88e5df1e72bdd1d75332c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d8:38:69:a5:96:ce:c0:f2:90:13:3b:b9:3a:
ea:94:d2:d8:cc:0d:54:59:e5:fc:b0:d4:a7:ad:04:
1c:24:34:6a:61:ed:74:3d:e8:b8:38:0b:0c:19:70:
47:54:12:cb:db:2b:7d:5d:a5:85:c3:fa:8a:e7:6a:
16:81:50:a5:0e:5f:64:b1:54:fd:9a:31:5e:a9:b0:
a5:58:5d:a2:46:ac:7a:96:a9:9c:59:15:71:05:66:
0b:51:11:f4:7b:50:2b:24:00:04:db:52:f7:4d:38:
74:5c:a3:e2:4a:a9:ae:fd:7e:67:3a:0d:ac:18:d0:
98:8c:cf:d4:99:c7:7c:fe:8f:98:ec:3d:29:7c:4f:
fd:ed:7d:74:cf:94:cc:12:7d:ba:5c:df:42:24:6a:
74:11:2c:5f:78:2a:3a:f2:dd:9c:23:46:b3:08:95:
68:77:71:4a:d4:ef:42:37:92:6f:23:6a:9c:d6:a7:
30:19:0d:f2:1d:62:31:40:aa:92:72:6e:1e:40:d9:
6a:d4:0e:de:9d:2f:77:d2:1d:7b:f7:a7:76:9d:39:
64:8c:66:53:55:b2:c7:4b:1f:bf:59:4d:76:8d:69:
3c:2f:99:f5:e4:b4:13:b9:66:2e:1d:a2:ce:2c:8e:
a9:91:7c:03:4e:9e:4e:bb:3e:b7:18:a8:2a:ab:70:
df:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:46:6E:DC:96:7D:D0:C4:A2:C8:8E:5D:F1:E7:2B:DD:1D:75:33:2C
X509v3 Authority Key Identifier:
keyid:03:50:DF:78:FC:78:58:13:72:4E:C6:66:48:DF:9B:49:4F:9B:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1DfePx4WBNyTsZmSN-bSU-bjac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/xkZu3JZ90MSiyI5d8ecr3R11Myw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/ab586e-4b2a-47f6-ace8-d292ab7ce9fa/1/A1DfePx4WBNyTsZmSN-bSU-bjac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.77.0/24
185.49.220.0/22
185.92.125.0-185.92.127.255
Signature Algorithm: sha256WithRSAEncryption
96:da:d2:12:38:84:66:73:c0:d5:b4:b5:6b:0c:92:72:6f:25:
fc:70:ba:ea:26:28:87:58:5b:96:6c:72:20:18:32:05:a0:9e:
c3:66:a6:44:6e:f2:db:0f:6f:d5:0d:91:45:2a:f9:eb:83:e7:
b8:f2:ac:48:89:db:5c:a2:92:aa:b8:18:85:73:ba:97:67:d7:
11:7e:09:70:c9:bd:49:82:6c:d3:5b:4d:fe:cb:86:9e:a3:87:
17:8f:d9:6a:02:c1:03:63:f0:c8:f0:b8:a3:7a:ef:ff:95:95:
73:6d:19:ac:4d:d8:50:35:f0:fc:35:c7:00:6d:34:11:fd:83:
79:cc:0d:70:3e:67:eb:e1:fd:bb:b1:4f:98:c4:c3:52:e7:74:
ea:66:af:67:f6:f0:9c:20:81:5f:a4:32:33:d3:32:47:64:36:
60:20:fb:1e:87:3e:a0:e7:5e:1b:e6:77:9b:93:ee:6f:ae:1d:
d2:34:00:eb:d7:ab:78:9f:c3:a9:31:36:19:94:83:0e:30:1a:
f6:84:bc:7c:01:8f:62:fb:f3:78:e3:04:04:b1:dd:91:78:e3:
ee:d8:94:2c:c2:0f:25:3a:a0:55:71:f5:99:b2:02:61:9f:08:
7d:b5:f1:1a:54:f0:93:d3:a1:ce:7d:a8:6a:f6:bf:a3:e6:2e:
88:32:64:91
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVuy7GDz0PpeN8mdFT7DjimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTBkZjc4ZmM3ODU4MTM3MjRlYzY2NjQ4ZGY5YjQ5NGY5
YjhkYTcwHhcNMjMwMTAxMTkyNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ2NmVkYzk2N2RkMGM0YTJjODhlNWRmMWU3MmJkZDFkNzUzMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9g4aaWWzsDykBM7uTrqlNLYzA1U
WeX8sNSnrQQcJDRqYe10Pei4OAsMGXBHVBLL2yt9XaWFw/qK52oWgVClDl9ksVT9
mjFeqbClWF2iRqx6lqmcWRVxBWYLURH0e1ArJAAE21L3TTh0XKPiSqmu/X5nOg2s
GNCYjM/Umcd8/o+Y7D0pfE/97X10z5TMEn26XN9CJGp0ESxfeCo68t2cI0azCJVo
d3FK1O9CN5JvI2qc1qcwGQ3yHWIxQKqScm4eQNlq1A7enS930h1796d2nTlkjGZT
VbLHSx+/WU12jWk8L5n15LQTuWYuHaLOLI6pkXwDTp5Ouz63GKgqq3DfswIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMZGbtyWfdDEosiOXfHnK90ddTMsMB8GA1UdIwQY
MBaAFANQ33j8eFgTck7GZkjfm0lPm42nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFEZmVQeDRXQk55VHNabVNOLWJTVS1iamFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hYjU4NmUtNGIyYS00N2Y2LWFjZTgt
ZDI5MmFiN2NlOWZhLzEveGtadTNKWjkwTVNpeUk1ZDhlY3IzUjExTXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hYjU4NmUtNGIyYS00N2Y2LWFjZTgtZDI5MmFiN2NlOWZh
LzEvQTFEZmVQeDRXQk55VHNabVNOLWJTVS1iamFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW9xNAwQC
uTHcMAwDBAC5XH0DBAe5XAAwDQYJKoZIhvcNAQELBQADggEBAJba0hI4hGZzwNW0
tWsMknJvJfxwuuomKIdYW5ZsciAYMgWgnsNmpkRu8tsPb9UNkUUq+euD57jyrEiJ
21yikqq4GIVzupdn1xF+CXDJvUmCbNNbTf7Lhp6jhxeP2WoCwQNj8MjwuKN67/+V
lXNtGaxN2FA18Pw1xwBtNBH9g3nMDXA+Z+vh/buxT5jEw1LndOpmr2f28JwggV+k
MjPTMkdkNmAg+x6HPqDnXhvmd5uT7m+uHdI0AOvXq3ifw6kxNhmUgw4wGvaEvHwB
j2L783jjBASx3ZF44+7YlCzCDyU6oFVx9ZmyAmGfCH218RpU8JPToc59qGr2v6Pm
LogyZJE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:50 2024 by rpki-client on console-ams.rpki-client.org