Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/XUAyQ26YM2TiBi64fTtvH5q8KGg.roa
File: XUAyQ26YM2TiBi64fTtvH5q8KGg.roa (raw, json)
Hash identifier: 3PBq7HPziXRqb8QsL6FYIu3gewAUF7riLSK+bNaZAS8=
Subject key identifier: 5D:40:32:43:6E:98:33:64:E2:06:2E:B8:7D:3B:6F:1F:9A:BC:28:68
Certificate issuer: /CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Certificate serial: 018A21693F7AF6A7EF91CC2F246E8257D133
Authority key identifier: 9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/XUAyQ26YM2TiBi64fTtvH5q8KGg.roa
Signing time: Wed 23 Aug 2023 08:01:00 +0000
ROA not before: Wed 23 Aug 2023 08:01:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43905
IP address blocks: 213.234.96.0/25 maxlen: 25
213.234.96.128/25 maxlen: 25
93.91.96.0/21 maxlen: 21
185.85.130.0/23 maxlen: 23
213.234.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Tue 14 Nov 2023 12:53:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:69:3f:7a:f6:a7:ef:91:cc:2f:24:6e:82:57:d1:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Validity
Not Before: Aug 23 08:01:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d4032436e983364e2062eb87d3b6f1f9abc2868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:11:60:5d:32:57:06:d7:0e:ec:fe:c3:e4:a1:
26:59:5a:99:2d:4d:16:5d:b1:4b:f0:9e:4c:fd:13:
3c:f1:77:c1:58:a1:06:9a:05:74:dc:e2:2d:53:d0:
9a:ba:2b:38:a4:fa:02:fb:0a:39:72:4b:fe:d8:00:
71:69:74:6f:23:3f:4c:6b:ab:aa:fe:a5:a7:dc:82:
a3:a0:76:73:fa:58:33:fd:3e:78:60:ad:f6:eb:03:
d7:cc:8f:e6:16:5b:c0:71:73:79:f3:c2:cd:1b:54:
e0:d1:bc:17:21:9e:37:87:f9:60:e5:f6:05:41:27:
ce:2e:be:f2:d3:fa:3f:89:6c:74:97:5b:96:2e:08:
28:ca:b9:a6:28:d1:d0:ce:93:9c:00:2a:0d:69:d5:
e3:99:e4:ff:b3:cb:e6:0c:28:3c:46:e9:b2:ba:50:
09:0e:c3:a3:54:a4:7f:18:0d:74:4c:2c:40:9d:ae:
ba:86:68:cb:71:20:cf:a0:d2:d5:9f:cc:db:ed:be:
4d:7e:c3:98:24:ba:1f:54:c5:1e:1a:68:d1:b9:6a:
86:29:84:19:96:f1:a5:94:ff:72:84:ed:55:a5:fb:
ad:08:8b:2d:aa:4d:be:27:63:ee:14:2e:ed:72:86:
5e:55:95:40:18:59:46:36:12:d4:79:20:bd:f2:15:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:40:32:43:6E:98:33:64:E2:06:2E:B8:7D:3B:6F:1F:9A:BC:28:68
X509v3 Authority Key Identifier:
keyid:9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/XUAyQ26YM2TiBi64fTtvH5q8KGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.96.0/21
185.85.130.0/23
213.234.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4f:44:b2:8c:a7:64:13:13:f5:62:be:fa:fe:81:43:eb:b3:9b:
2e:69:2b:14:be:f2:95:0c:20:73:46:a8:e0:56:d2:6e:30:82:
47:c0:a1:16:45:5b:e2:53:c1:2a:18:ed:92:f1:e2:f2:9e:3d:
3d:47:d6:1c:9a:c7:b8:51:dd:64:f0:50:36:9b:13:a2:56:a6:
1c:c1:86:cb:07:24:ef:4c:44:b1:20:46:fc:59:95:f0:25:fd:
a5:40:42:35:bc:74:f5:ea:c4:c9:6e:96:9a:7b:e7:31:fd:b0:
67:71:31:ea:a2:2b:fb:83:44:d9:a0:8a:4d:98:b6:90:c7:fb:
5d:fb:ee:b9:ee:63:ad:68:42:9f:68:40:0d:fd:0a:87:a4:59:
0a:d2:dc:0e:53:b0:bb:2d:f1:a3:7c:e0:ca:c7:a6:ff:52:19:
08:f4:c7:54:79:3a:96:53:b9:48:2a:cd:2a:45:23:de:a5:72:
61:b1:5b:77:19:d0:bf:70:95:f5:d4:29:ff:5a:1b:69:ba:a6:
d1:4a:8a:d0:9d:27:5b:02:dc:21:47:ab:56:97:3a:6e:ac:c8:
88:0e:13:c5:fd:cc:07:17:1d:10:40:f3:51:2e:4d:ec:32:f5:
fa:04:41:3d:ba:0f:89:8d:8e:01:eb:3a:70:6b:19:d6:3f:98:
52:6b:c4:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYohaT969qfvkcwvJG6CV9EzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzQwNjk5YzhlZDk3MGE4YzllZDhjMTYyMDg4ZjIwNjdj
MzMyNTAwHhcNMjMwODIzMDgwMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQwMzI0MzZlOTgzMzY0ZTIwNjJlYjg3ZDNiNmYxZjlhYmMyODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBFgXTJXBtcO7P7D5KEmWVqZLU0W
XbFL8J5M/RM88XfBWKEGmgV03OItU9Cauis4pPoC+wo5ckv+2ABxaXRvIz9Ma6uq
/qWn3IKjoHZz+lgz/T54YK326wPXzI/mFlvAcXN588LNG1Tg0bwXIZ43h/lg5fYF
QSfOLr7y0/o/iWx0l1uWLggoyrmmKNHQzpOcACoNadXjmeT/s8vmDCg8RumyulAJ
DsOjVKR/GA10TCxAna66hmjLcSDPoNLVn8zb7b5NfsOYJLofVMUeGmjRuWqGKYQZ
lvGllP9yhO1VpfutCIstqk2+J2PuFC7tcoZeVZVAGFlGNhLUeSC98hURYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF1AMkNumDNk4gYuuH07bx+avChoMB8GA1UdIwQY
MBaAFJs0BpnI7ZcKjJ7YwWIIjyBnwzJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDct
ZTA4YmUwZWRhZjc2LzEvWFVBeVEyNllNMlRpQmk2NGZUdHZINXE4S0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDctZTA4YmUwZWRhZjc2
LzEvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXVtgAwQB
uVWCAwQG1epAMA0GCSqGSIb3DQEBCwUAA4IBAQBPRLKMp2QTE/Vivvr+gUPrs5su
aSsUvvKVDCBzRqjgVtJuMIJHwKEWRVviU8EqGO2S8eLynj09R9Ycmse4Ud1k8FA2
mxOiVqYcwYbLByTvTESxIEb8WZXwJf2lQEI1vHT16sTJbpaae+cx/bBncTHqoiv7
g0TZoIpNmLaQx/td++657mOtaEKfaEAN/QqHpFkK0twOU7C7LfGjfODKx6b/UhkI
9MdUeTqWU7lIKs0qRSPepXJhsVt3GdC/cJX11Cn/WhtpuqbRSorQnSdbAtwhR6tW
lzpurMiIDhPF/cwHFx0QQPNRLk3sMvX6BEE9ug+JjY4B6zpwaxnWP5hSa8RK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:00 2024 by rpki-client on console-ams.rpki-client.org