Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XuS4WlzmEt7DoUKG8WDkMZKaz7E.roa
File: XuS4WlzmEt7DoUKG8WDkMZKaz7E.roa (raw, json)
Hash identifier: Obb6wKhBH9ahiKVAP8ErwPoqeWFM6hO1NaJPYVJq124=
Subject key identifier: 5E:E4:B8:5A:5C:E6:12:DE:C3:A1:42:86:F1:60:E4:31:92:9A:CF:B1
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 01856F1D8313EDBBD89E985B70E52A60C219
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XuS4WlzmEt7DoUKG8WDkMZKaz7E.roa
Signing time: Sun 01 Jan 2023 20:54:43 +0000
ROA not before: Sun 01 Jan 2023 20:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207088
IP address blocks: 195.210.96.0/22 maxlen: 22
195.210.104.0/22 maxlen: 22
195.210.100.0/22 maxlen: 22
195.210.116.0/22 maxlen: 22
195.210.120.0/22 maxlen: 22
2a0a:a200::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Apr 2023 08:28:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:83:13:ed:bb:d8:9e:98:5b:70:e5:2a:60:c2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jan 1 20:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ee4b85a5ce612dec3a14286f160e431929acfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bd:b2:07:0e:cc:50:40:79:59:c8:0c:b0:14:
f2:a4:27:5d:5b:83:2c:20:d0:5e:cd:f1:d1:de:7f:
5d:07:f7:aa:61:bc:6e:f4:80:f1:a3:ac:ff:98:68:
f9:25:09:c5:87:30:2a:ec:db:c8:a5:cc:d5:26:be:
b1:20:7c:55:bd:0f:47:0f:e2:50:6e:04:42:e0:c4:
61:a6:94:18:a8:7d:ef:66:48:98:db:cd:4b:84:a5:
3e:db:a8:4f:53:35:d2:66:1b:23:92:1e:c3:ff:36:
a4:67:95:60:26:72:41:1a:c1:c6:df:f9:c5:1f:bb:
ef:51:8f:fd:a9:20:83:50:d2:3d:15:2a:e1:b7:2f:
d0:79:70:29:68:f4:e9:1d:12:a5:67:ee:69:b4:c8:
1b:59:b1:c9:93:aa:52:df:2c:c8:30:df:3b:26:7a:
6e:73:a6:32:cc:2a:be:9a:1c:9a:5c:3e:cd:04:b7:
2c:ac:1d:5a:d7:32:49:f5:1e:e6:2b:f4:df:5e:82:
81:b6:47:6a:54:1c:9e:f1:51:13:2f:58:62:cf:c2:
be:cd:7e:c1:4d:b3:68:67:98:f2:db:78:57:39:85:
50:08:d4:29:a1:50:bc:26:0c:8c:f6:50:49:1e:45:
80:2c:bc:9d:72:13:a9:58:cc:fb:5a:03:b0:2a:9e:
8d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E4:B8:5A:5C:E6:12:DE:C3:A1:42:86:F1:60:E4:31:92:9A:CF:B1
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/XuS4WlzmEt7DoUKG8WDkMZKaz7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.96.0-195.210.107.255
195.210.116.0-195.210.123.255
IPv6:
2a0a:a200::/29
Signature Algorithm: sha256WithRSAEncryption
11:43:77:a2:d7:74:4f:4c:d2:7d:31:9c:01:e9:f4:a9:55:4b:
55:19:8c:3e:34:f7:0d:64:9a:2e:f1:ba:1e:dc:2a:36:e3:52:
c6:67:d5:a3:1e:c2:17:ee:f1:75:56:4e:15:23:b7:7b:52:f1:
7c:83:2d:f0:ba:79:e4:a1:04:c2:7b:e4:ed:90:54:7d:91:0c:
43:3c:f8:77:f7:a7:3f:9f:55:27:f3:87:f7:34:67:39:21:d3:
ba:8a:a6:ac:fc:79:2a:8c:61:ab:74:42:e4:ec:2d:0b:19:1b:
c5:42:f0:9a:a0:66:fa:35:49:59:cf:2c:47:c3:87:7c:bb:69:
a4:4c:5a:21:6f:1e:44:6b:93:b6:0e:4f:39:b0:02:c0:4e:7f:
04:c0:f1:b3:61:31:0f:be:d3:3f:eb:c2:74:b6:53:38:af:bd:
fa:48:35:72:7a:12:34:a9:cd:96:c9:b5:99:eb:48:10:ce:98:
80:fb:08:67:0e:28:e2:3b:8a:f1:87:ba:d8:87:c9:d3:a1:c0:
d9:c7:2e:69:0a:2b:cd:10:0c:8f:41:bb:29:0a:3e:18:eb:42:
5f:07:c5:de:7f:68:63:a3:ad:c4:cf:03:85:32:07:bc:a9:1b:
56:e1:ec:b6:c2:4e:da:39:5a:c5:e7:f1:1e:6d:56:23:25:c8:
04:3f:e2:6d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVvHYMT7bvYnphbcOUqYMIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjMwMTAxMjA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU0Yjg1YTVjZTYxMmRlYzNhMTQyODZmMTYwZTQzMTkyOWFjZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg72yBw7MUEB5WcgMsBTypCddW4Ms
INBezfHR3n9dB/eqYbxu9IDxo6z/mGj5JQnFhzAq7NvIpczVJr6xIHxVvQ9HD+JQ
bgRC4MRhppQYqH3vZkiY281LhKU+26hPUzXSZhsjkh7D/zakZ5VgJnJBGsHG3/nF
H7vvUY/9qSCDUNI9FSrhty/QeXApaPTpHRKlZ+5ptMgbWbHJk6pS3yzIMN87Jnpu
c6YyzCq+mhyaXD7NBLcsrB1a1zJJ9R7mK/TfXoKBtkdqVBye8VETL1hiz8K+zX7B
TbNoZ5jy23hXOYVQCNQpoVC8JgyM9lBJHkWALLydchOpWMz7WgOwKp6NZQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFF7kuFpc5hLew6FChvFg5DGSms+xMB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEvWHVTNFdsem1FdDdEb1VLRzhXRGtNWkthejdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAXD0mAD
BALD0mgwDAMEAsPSdAMEAsPSeDANBAIAAjAHAwUDKgqiADANBgkqhkiG9w0BAQsF
AAOCAQEAEUN3otd0T0zSfTGcAen0qVVLVRmMPjT3DWSaLvG6HtwqNuNSxmfVox7C
F+7xdVZOFSO3e1LxfIMt8Lp55KEEwnvk7ZBUfZEMQzz4d/enP59VJ/OH9zRnOSHT
uoqmrPx5Koxhq3RC5OwtCxkbxULwmqBm+jVJWc8sR8OHfLtppExaIW8eRGuTtg5P
ObACwE5/BMDxs2ExD77TP+vCdLZTOK+9+kg1cnoSNKnNlsm1metIEM6YgPsIZw4o
4juK8Ye62IfJ06HA2ccuaQorzRAMj0G7KQo+GOtCXwfF3n9oY6OtxM8DhTIHvKkb
VuHstsJO2jlaxefxHm1WIyXIBD/ibQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org