Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/XxMmXmq9Anwd7W7ahab5CWDxq-o.roa
File: XxMmXmq9Anwd7W7ahab5CWDxq-o.roa (raw, json)
Hash identifier: 96gH4/amwPdOKJYWJQ+39JXfutu4yvdZkdJLVDoui+o=
Subject key identifier: 5F:13:26:5E:6A:BD:02:7C:1D:ED:6E:DA:85:A6:F9:09:60:F1:AB:EA
Certificate issuer: /CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Certificate serial: 01857246F2B2DB67D5E9F12A02E9BBAF9457
Authority key identifier: 8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/XxMmXmq9Anwd7W7ahab5CWDxq-o.roa
Signing time: Mon 02 Jan 2023 11:38:50 +0000
ROA not before: Mon 02 Jan 2023 11:38:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200064
IP address blocks: 92.118.252.0/22 maxlen: 24
79.98.216.0/21 maxlen: 24
185.28.140.0/22 maxlen: 24
45.156.40.0/22 maxlen: 24
139.28.56.0/22 maxlen: 24
141.105.96.0/20 maxlen: 24
2a02:2f80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f2:b2:db:67:d5:e9:f1:2a:02:e9:bb:af:94:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e36117135f6b86d0a9e1fa67e04baf5bcd86169
Validity
Not Before: Jan 2 11:38:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f13265e6abd027c1ded6eda85a6f90960f1abea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:02:75:f8:80:e3:01:ae:f5:71:e0:10:c4:85:
c8:c7:b1:82:b1:a5:a0:ce:18:0d:1a:94:e3:92:34:
3b:08:97:52:bc:51:59:ba:2b:a5:e3:80:36:38:bf:
87:9b:30:ba:42:c9:e8:ca:c5:e8:48:06:31:59:0d:
a7:7f:0d:8b:95:a2:9a:62:6a:f2:41:81:ab:e8:18:
33:30:3d:4f:e6:ae:9f:0c:64:1d:2b:df:4f:6b:73:
d7:5b:5c:a0:c3:bd:16:24:ec:48:96:4b:94:8a:87:
bb:b2:a7:e0:83:54:ba:66:bc:6f:3f:82:5b:f0:6b:
fd:7a:3a:28:36:b2:12:67:a5:93:12:7c:d1:2b:51:
fc:e6:db:e0:75:06:99:63:33:09:90:2f:2a:c7:14:
56:5b:14:80:c6:86:4f:51:97:7a:1b:2f:14:c2:66:
99:ec:96:63:2f:75:50:4f:15:48:39:c9:c6:f5:e1:
60:52:32:26:14:94:a6:d3:46:15:2f:5c:b6:03:e5:
90:01:0d:41:a2:0c:37:9b:a4:e1:b7:38:17:96:26:
61:95:04:57:90:3c:28:6f:fa:26:14:ad:80:37:d9:
15:8e:27:80:54:0d:b2:f3:cc:d8:bc:d0:50:cd:8c:
99:22:e3:24:3e:68:7f:5f:57:b9:7c:43:2a:20:3f:
21:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:13:26:5E:6A:BD:02:7C:1D:ED:6E:DA:85:A6:F9:09:60:F1:AB:EA
X509v3 Authority Key Identifier:
keyid:8E:36:11:71:35:F6:B8:6D:0A:9E:1F:A6:7E:04:BA:F5:BC:D8:61:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jjYRcTX2uG0Knh-mfgS69bzYYWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/XxMmXmq9Anwd7W7ahab5CWDxq-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/edb4d3-33c8-45dc-a40e-c85b60fd8c8b/1/jjYRcTX2uG0Knh-mfgS69bzYYWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.40.0/22
79.98.216.0/21
92.118.252.0/22
139.28.56.0/22
141.105.96.0/20
185.28.140.0/22
IPv6:
2a02:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:84:02:b2:69:62:3f:e6:12:e8:2a:d5:81:aa:ed:9a:c3:24:
aa:27:29:b4:db:fd:6a:29:a3:5b:68:d3:9a:83:b9:59:e1:ba:
a6:0d:21:11:94:86:fd:ef:d9:08:7b:4a:76:e6:91:09:e4:8b:
92:7c:85:93:73:57:11:b6:ea:4d:23:0c:89:fe:7a:4b:a1:ab:
a7:f8:0d:c3:fc:0d:07:b6:48:6e:f6:fc:a6:f4:08:5b:a4:e0:
e9:bd:36:70:9b:b1:dd:79:96:6c:96:01:07:c5:2e:04:b2:79:
e2:81:93:51:ca:1e:e9:8e:72:41:76:da:3f:f4:6e:cd:48:8d:
ad:32:ea:31:45:ff:f8:a3:c9:53:55:4c:72:0b:47:a6:60:5d:
96:36:a7:bd:dc:66:87:a3:a1:fb:f9:d7:8f:b3:36:ab:99:f4:
69:78:fa:10:59:8e:e5:ff:35:3c:b8:93:78:de:e2:c8:5e:83:
02:ba:af:aa:1f:e5:94:d5:bf:0f:25:5c:24:a7:33:df:9d:c1:
28:23:b0:79:3b:ee:85:77:f5:df:0a:25:e9:88:70:24:71:06:
90:1d:54:25:e1:4c:25:65:36:ec:57:85:e0:7b:1e:dd:6d:f9:
23:e2:da:11:b6:ba:b2:a9:83:44:9f:ff:c0:32:d0:9a:09:90:
8a:3a:25:1f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVyRvKy22fV6fEqAum7r5RXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMzYxMTcxMzVmNmI4NmQwYTllMWZhNjdlMDRiYWY1YmNk
ODYxNjkwHhcNMjMwMTAyMTEzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjEzMjY1ZTZhYmQwMjdjMWRlZDZlZGE4NWE2ZjkwOTYwZjFhYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQJ1+IDjAa71ceAQxIXIx7GCsaWg
zhgNGpTjkjQ7CJdSvFFZuiul44A2OL+HmzC6QsnoysXoSAYxWQ2nfw2LlaKaYmry
QYGr6BgzMD1P5q6fDGQdK99Pa3PXW1ygw70WJOxIlkuUioe7sqfgg1S6ZrxvP4Jb
8Gv9ejooNrISZ6WTEnzRK1H85tvgdQaZYzMJkC8qxxRWWxSAxoZPUZd6Gy8UwmaZ
7JZjL3VQTxVIOcnG9eFgUjImFJSm00YVL1y2A+WQAQ1Bogw3m6ThtzgXliZhlQRX
kDwob/omFK2AN9kVjieAVA2y88zYvNBQzYyZIuMkPmh/X1e5fEMqID8hrQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF8TJl5qvQJ8He1u2oWm+Qlg8avqMB8GA1UdIwQY
MBaAFI42EXE19rhtCp4fpn4EuvW82GFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUt
Yzg1YjYwZmQ4YzhiLzEvWHhNbVhtcTlBbndkN1c3YWhhYjVDV0R4cS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lZGI0ZDMtMzNjOC00NWRjLWE0MGUtYzg1YjYwZmQ4Yzhi
LzEvampZUmNUWDJ1RzBLbmgtbWZnUzY5YnpZWVdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZwoAwQD
T2LYAwQCXHb8AwQCixw4AwQEjWlgAwQCuRyMMA0EAgACMAcDBQMqAi+AMA0GCSqG
SIb3DQEBCwUAA4IBAQANhAKyaWI/5hLoKtWBqu2awySqJym02/1qKaNbaNOag7lZ
4bqmDSERlIb979kIe0p25pEJ5IuSfIWTc1cRtupNIwyJ/npLoaun+A3D/A0Htkhu
9vym9AhbpODpvTZwm7HdeZZslgEHxS4EsnnigZNRyh7pjnJBdto/9G7NSI2tMuox
Rf/4o8lTVUxyC0emYF2WNqe93GaHo6H7+dePszarmfRpePoQWY7l/zU8uJN43uLI
XoMCuq+qH+WU1b8PJVwkpzPfncEoI7B5O+6Fd/XfCiXpiHAkcQaQHVQl4UwlZTbs
V4Xgex7dbfkj4toRtrqyqYNEn//AMtCaCZCKOiUf
-----END CERTIFICATE-----
Generated at Wed Dec 20 09:22:38 2023 by rpki-client on console-fra.rpki-client.org