Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XcxS29xeldkEGSUgfRDfT3bqRZw.roa
File: XcxS29xeldkEGSUgfRDfT3bqRZw.roa (raw, json)
Hash identifier: oT37NsK+w4B0k6aJiV92jfq60ICaEUNKPh49S5cVkPY=
Subject key identifier: 5D:CC:52:DB:DC:5E:95:D9:04:19:25:20:7D:10:DF:4F:76:EA:45:9C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018644C46994D60EFC0DBD398577E68663CE
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XcxS29xeldkEGSUgfRDfT3bqRZw.roa
Signing time: Sun 12 Feb 2023 08:36:08 +0000
ROA not before: Sun 12 Feb 2023 08:36:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 91.200.222.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Feb 2023 12:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:44:c4:69:94:d6:0e:fc:0d:bd:39:85:77:e6:86:63:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 12 08:36:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dcc52dbdc5e95d9041925207d10df4f76ea459c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5e:c9:ef:34:bc:33:e9:19:00:6a:2c:65:ee:
a6:b7:c4:c0:30:be:af:f3:a7:13:6a:71:ef:11:ca:
1e:48:af:ca:95:c2:39:b8:33:de:58:ce:45:36:bf:
b5:df:14:97:b0:56:5a:d0:61:3a:f9:a0:7c:39:5d:
4b:1d:75:5d:7d:6b:fd:f3:f5:86:d8:86:0a:2f:9a:
23:2e:7c:e7:7a:a9:65:c2:6b:3f:88:84:35:bd:1b:
cf:4b:7e:62:db:ba:21:79:13:01:b7:fd:cb:89:7b:
79:04:6c:d0:6f:55:85:08:d6:3d:8a:49:7d:59:1c:
3b:51:9f:42:de:d0:a2:6d:b5:07:80:74:be:19:02:
e8:c5:75:78:a5:d2:ed:5b:e6:f4:85:79:4d:5a:b5:
e2:35:f8:b0:10:fb:95:d2:76:42:be:f7:f1:1d:6c:
e6:bd:aa:b2:52:cd:bc:b6:af:d3:3e:71:68:6b:01:
eb:52:21:82:f1:89:ac:0e:7d:c5:ec:00:6d:6b:71:
34:52:45:17:48:91:5d:29:1a:45:43:25:d4:42:29:
2d:12:8f:4d:18:3d:02:a2:08:42:55:2a:5d:15:53:
86:e5:d3:a7:c6:16:64:e9:d4:56:34:4f:e8:85:48:
a5:e2:7b:8a:52:60:ad:36:00:c5:10:9c:43:ad:32:
3d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CC:52:DB:DC:5E:95:D9:04:19:25:20:7D:10:DF:4F:76:EA:45:9C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/XcxS29xeldkEGSUgfRDfT3bqRZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.222.0/24
109.122.40.0-109.122.42.255
Signature Algorithm: sha256WithRSAEncryption
43:31:c4:cf:a5:c2:00:7b:2d:43:ab:93:f1:9e:1a:08:ad:a7:
f9:00:c5:58:23:6b:2e:6b:40:95:81:b9:7d:60:e3:dd:63:1c:
ab:3f:f7:46:ad:90:f9:4b:fa:63:ee:10:84:72:ab:54:24:0c:
64:d6:cc:69:84:b8:7a:4c:58:68:33:ab:f7:27:af:ad:b5:2c:
06:0b:08:38:b6:96:de:f8:ab:39:49:da:ce:52:7c:55:ec:38:
b7:6c:98:ce:33:2d:21:4b:7e:78:6f:04:a0:25:ff:40:7e:24:
b0:e1:b0:9f:46:5c:c9:7d:6c:52:2a:6e:e0:b2:b1:d2:59:a5:
1a:98:71:ec:0b:e8:11:74:9b:8d:8e:b6:2e:e5:c5:0b:43:6f:
ad:74:26:b6:4e:e5:35:07:04:2f:1a:34:16:64:f6:7a:54:ce:
5c:2c:76:26:26:77:2b:40:62:00:5a:a9:19:40:2c:66:60:7c:
81:c4:7e:6c:a3:83:b8:08:05:d6:84:64:46:b0:99:44:0e:13:
f7:2a:db:03:fd:73:14:2c:8c:2c:ab:2b:65:4f:f4:be:71:06:
3f:b0:fb:ee:63:7d:07:62:1b:fa:34:c4:33:d3:57:51:5e:cd:
00:b1:3f:b7:75:0f:9a:be:12:9a:c7:fa:7e:62:01:6c:10:b2:
4a:dd:e2:f5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZExGmU1g78Db05hXfmhmPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMjEyMDgzNjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNjNTJkYmRjNWU5NWQ5MDQxOTI1MjA3ZDEwZGY0Zjc2ZWE0NTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF7J7zS8M+kZAGosZe6mt8TAML6v
86cTanHvEcoeSK/KlcI5uDPeWM5FNr+13xSXsFZa0GE6+aB8OV1LHXVdfWv98/WG
2IYKL5ojLnzneqllwms/iIQ1vRvPS35i27oheRMBt/3LiXt5BGzQb1WFCNY9ikl9
WRw7UZ9C3tCibbUHgHS+GQLoxXV4pdLtW+b0hXlNWrXiNfiwEPuV0nZCvvfxHWzm
vaqyUs28tq/TPnFoawHrUiGC8YmsDn3F7ABta3E0UkUXSJFdKRpFQyXUQiktEo9N
GD0CoghCVSpdFVOG5dOnxhZk6dRWNE/ohUil4nuKUmCtNgDFEJxDrTI99QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF3MUtvcXpXZBBklIH0Q30926kWcMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWGN4UzI5eGVsZGtFR1NVZ2ZSRGZUM2JxUlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAW8jeMAwD
BANteigDBABteiowDQYJKoZIhvcNAQELBQADggEBAEMxxM+lwgB7LUOrk/GeGgit
p/kAxVgjay5rQJWBuX1g491jHKs/90atkPlL+mPuEIRyq1QkDGTWzGmEuHpMWGgz
q/cnr621LAYLCDi2lt74qzlJ2s5SfFXsOLdsmM4zLSFLfnhvBKAl/0B+JLDhsJ9G
XMl9bFIqbuCysdJZpRqYcewL6BF0m42Oti7lxQtDb610JrZO5TUHBC8aNBZk9npU
zlwsdiYmdytAYgBaqRlALGZgfIHEfmyjg7gIBdaEZEawmUQOE/cq2wP9cxQsjCyr
K2VP9L5xBj+w++5jfQdiG/o0xDPTV1FezQCxP7d1D5q+EprH+n5iAWwQskrd4vU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org