Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XJqYiD9Ziqf9uZf_c0n8cCLZ3Ec.roa
File: XJqYiD9Ziqf9uZf_c0n8cCLZ3Ec.roa (raw, json)
Hash identifier: eKNMzkpNS1oSVK6Bdl9Lu1bc68kZzbR8Dh5F6AB8/iw=
Subject key identifier: 5C:9A:98:88:3F:59:8A:A7:FD:B9:97:FF:73:49:FC:70:22:D9:DC:47
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E2E6D6687196E5C82C09F31584E357A0D
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XJqYiD9Ziqf9uZf_c0n8cCLZ3Ec.roa
Signing time: Mon 11 Mar 2024 16:51:45 +0000
ROA not before: Mon 11 Mar 2024 16:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21267
IP address blocks: 80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
195.26.32.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:6d:66:87:19:6e:5c:82:c0:9f:31:58:4e:35:7a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 11 16:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c9a98883f598aa7fdb997ff7349fc7022d9dc47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2e:ea:44:74:2d:c0:0b:be:b2:bb:40:fa:fe:
df:45:04:52:c1:de:6d:b0:6c:d3:c1:02:b1:6d:a7:
40:7b:3a:04:7a:47:65:d6:1e:89:d8:3d:d3:1c:de:
d8:7c:2a:8a:51:4e:16:a9:35:2b:56:8e:88:b9:fb:
a5:f8:12:14:0a:49:15:93:ae:25:5d:2b:63:d0:ee:
61:ef:93:99:e4:f1:0c:15:92:b1:ee:67:eb:84:8e:
12:9c:1e:7b:cd:02:d7:de:2c:ca:b6:cb:2a:bb:70:
32:40:b7:14:01:65:49:7b:75:2a:72:0d:2f:bc:da:
c3:65:6d:0b:78:d6:c1:2e:10:49:bc:2e:d3:55:30:
24:db:64:e3:a5:6b:66:39:6d:43:cd:34:c1:a9:f1:
1c:9f:c9:a7:b3:b6:c5:da:37:24:04:d7:e4:1c:db:
36:c4:d3:42:e4:4d:31:0d:80:e1:4b:4e:0e:46:61:
5b:ae:c6:90:a1:c6:2c:86:25:6a:e4:3f:68:92:f5:
a0:d9:99:cd:f4:df:41:f5:78:34:46:7d:29:85:b6:
5a:b2:1e:44:dc:19:cf:85:55:de:c9:5f:d5:ff:28:
1e:ef:3a:be:ee:6a:81:1a:54:12:36:ef:8b:b8:61:
5a:08:cb:e9:54:8b:26:e9:2d:07:29:2c:73:be:ab:
e6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9A:98:88:3F:59:8A:A7:FD:B9:97:FF:73:49:FC:70:22:D9:DC:47
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XJqYiD9Ziqf9uZf_c0n8cCLZ3Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
195.26.32.0/19
Signature Algorithm: sha256WithRSAEncryption
41:8f:8c:86:a7:09:c2:ff:8f:11:5b:58:a1:0b:ae:4b:9a:4a:
e1:c2:bd:01:59:32:cf:38:c2:d1:d0:ad:a4:26:8b:16:41:e0:
c8:5b:8f:cd:c2:ae:1a:2e:34:80:b3:a0:20:20:a7:aa:d2:82:
b1:90:08:64:95:0a:25:69:22:39:14:09:8f:10:77:7f:9a:50:
34:49:1d:f3:79:c4:0f:78:b3:80:de:4a:3f:01:80:42:8c:b0:
7f:73:26:a6:e4:a0:67:63:82:35:3f:28:d9:a1:4b:27:10:3a:
9e:7f:16:5b:12:68:fd:5d:57:b5:f6:b1:10:0e:a3:23:7c:1a:
79:86:9c:ab:46:8d:38:8b:91:47:60:e2:d5:be:b2:26:09:b4:
3a:69:07:e9:9e:a3:36:ef:ba:c9:7e:15:d1:60:75:55:97:5b:
03:88:af:c2:0a:fd:0a:4f:f8:70:13:8a:83:87:b0:cd:51:6a:
e8:b8:be:1e:ce:04:a3:53:75:d0:ec:1b:86:3b:a4:a0:54:34:
6c:a6:74:56:38:49:29:04:b6:f6:06:2b:eb:ba:03:06:90:fd:
5c:eb:47:be:3f:42:73:71:b3:04:5f:2b:ec:4c:df:22:3b:30:
43:42:ba:cb:d6:ed:a7:6a:27:99:a4:bd:36:dc:d8:0e:bc:1d:
ba:6a:d5:0a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4ubWaHGW5cgsCfMVhONXoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzExMTY1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzlhOTg4ODNmNTk4YWE3ZmRiOTk3ZmY3MzQ5ZmM3MDIyZDlkYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC7qRHQtwAu+srtA+v7fRQRSwd5t
sGzTwQKxbadAezoEekdl1h6J2D3THN7YfCqKUU4WqTUrVo6Iuful+BIUCkkVk64l
XStj0O5h75OZ5PEMFZKx7mfrhI4SnB57zQLX3izKtssqu3AyQLcUAWVJe3Uqcg0v
vNrDZW0LeNbBLhBJvC7TVTAk22TjpWtmOW1DzTTBqfEcn8mns7bF2jckBNfkHNs2
xNNC5E0xDYDhS04ORmFbrsaQocYshiVq5D9okvWg2ZnN9N9B9Xg0Rn0phbZash5E
3BnPhVXeyV/V/yge7zq+7mqBGlQSNu+LuGFaCMvpVIsm6S0HKSxzvqvmYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFyamIg/WYqn/bmX/3NJ/HAi2dxHMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvWEpxWWlEOVppcWY5dVpmX2MwbjhjQ0xaM0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUErwAwQF
VV9gAwQDXCp4AwQDX4FAAwQFwxogMA0GCSqGSIb3DQEBCwUAA4IBAQBBj4yGpwnC
/48RW1ihC65Lmkrhwr0BWTLPOMLR0K2kJosWQeDIW4/Nwq4aLjSAs6AgIKeq0oKx
kAhklQolaSI5FAmPEHd/mlA0SR3zecQPeLOA3ko/AYBCjLB/cyam5KBnY4I1PyjZ
oUsnEDqefxZbEmj9XVe19rEQDqMjfBp5hpyrRo04i5FHYOLVvrImCbQ6aQfpnqM2
77rJfhXRYHVVl1sDiK/CCv0KT/hwE4qDh7DNUWrouL4ezgSjU3XQ7BuGO6SgVDRs
pnRWOEkpBLb2BivrugMGkP1c60e+P0JzcbMEXyvsTN8iOzBDQrrL1u2naieZpL02
3NgOvB26atUK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org