Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/XZeExZtj7HWH_KOXLYHTdt_7PG8.roa
File: XZeExZtj7HWH_KOXLYHTdt_7PG8.roa (raw, json)
Hash identifier: esieMNWVQyckd7fjPSGNFOmtsH+v4Pjhv4ZLXRVA2mY=
Subject key identifier: 5D:97:84:C5:9B:63:EC:75:87:FC:A3:97:2D:81:D3:76:DF:FB:3C:6F
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 01863AB99D3B99061E9807460EA5823808C8
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/XZeExZtj7HWH_KOXLYHTdt_7PG8.roa
Signing time: Fri 10 Feb 2023 09:48:08 +0000
ROA not before: Fri 10 Feb 2023 09:48:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203501
IP address blocks: 194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.198.0/24 maxlen: 24
45.87.197.0/24 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 May 2023 09:15:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:b9:9d:3b:99:06:1e:98:07:46:0e:a5:82:38:08:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Feb 10 09:48:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d9784c59b63ec7587fca3972d81d376dffb3c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5d:d2:61:ab:1e:00:e5:7e:1c:0f:34:e8:fc:
75:9f:d2:ea:c9:49:3f:d8:24:80:03:d8:a0:12:bf:
cc:f8:4f:56:7e:02:92:7b:e8:10:dc:4b:1a:da:66:
42:51:ae:eb:d1:6a:81:cb:da:32:5f:d8:2e:00:0e:
69:78:dc:17:f1:34:64:94:07:7f:21:24:6b:d0:2f:
f3:35:a0:b1:9c:76:93:99:f1:53:f4:33:cb:43:f1:
16:eb:c9:28:6a:04:fd:52:b3:4e:4a:70:45:d4:ae:
ff:01:fb:f1:32:5c:98:03:af:1f:8b:84:8e:c3:c4:
e6:a7:e6:19:ee:28:5d:66:1f:ca:e3:0c:64:5a:69:
7a:08:9b:2f:46:ff:4c:e6:41:8f:a7:28:b3:d2:53:
bd:28:75:ea:96:7f:17:4a:2e:2c:94:3c:04:29:89:
7d:26:54:9e:51:d4:8a:2c:cf:34:c5:37:6a:90:7d:
26:cf:e1:b8:32:14:68:23:e9:5e:af:f8:fc:cd:a1:
b8:cc:ff:b4:d1:f4:6b:39:61:f2:e9:a3:e6:bc:ec:
27:ec:55:be:75:df:d7:88:e5:55:01:e2:93:1b:57:
f2:96:c8:13:e5:06:f6:6a:cc:00:89:55:23:5a:f2:
6b:e1:b1:2d:4e:61:d8:07:22:1b:4a:ad:10:89:45:
48:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:97:84:C5:9B:63:EC:75:87:FC:A3:97:2D:81:D3:76:DF:FB:3C:6F
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/XZeExZtj7HWH_KOXLYHTdt_7PG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0-45.87.198.255
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
9b:df:a3:60:51:7d:da:ea:5d:be:33:9c:3e:8b:ad:df:7f:8b:
70:f4:35:24:e6:53:af:64:d0:2f:00:bb:b4:55:15:51:c2:ee:
22:d4:01:97:9e:31:77:8c:bd:ad:33:a5:ea:34:55:93:ab:02:
ad:e2:20:e1:ef:4a:64:8a:76:11:85:e5:a5:0f:a0:80:8d:61:
be:3c:13:20:55:92:d4:65:b2:ba:24:01:33:af:12:cb:9e:0c:
a4:00:b5:cc:5f:61:06:b5:df:02:16:80:52:e6:88:cf:5a:fb:
ad:b6:96:f3:f7:e8:31:f7:2f:ef:08:7e:da:75:f9:3c:c7:7f:
c7:92:c5:c6:df:f1:27:3e:b7:03:9e:44:1e:b5:67:47:fb:1d:
39:a9:96:94:2f:72:da:3e:d3:3c:cf:8f:88:36:04:e3:f0:e7:
95:91:91:d2:c8:4d:28:bd:48:1f:6a:6c:32:84:08:0b:e5:b7:
cc:4b:2a:bc:3b:cc:ae:ad:c7:bb:3f:f2:5f:83:0c:c3:b9:be:
24:1c:4c:d5:ae:3f:07:e2:06:1b:2e:55:34:91:a4:98:84:39:
65:29:ba:3c:3c:2d:df:13:8a:4d:e6:13:32:d9:5a:34:22:a1:
11:ba:0e:55:c7:9e:9a:5b:77:f4:4e:14:fa:3d:e4:38:89:37:
85:33:dd:31
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYY6uZ07mQYemAdGDqWCOAjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjMwMjEwMDk0ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk3ODRjNTliNjNlYzc1ODdmY2EzOTcyZDgxZDM3NmRmZmIzYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm13SYaseAOV+HA806Px1n9LqyUk/
2CSAA9igEr/M+E9WfgKSe+gQ3Esa2mZCUa7r0WqBy9oyX9guAA5peNwX8TRklAd/
ISRr0C/zNaCxnHaTmfFT9DPLQ/EW68koagT9UrNOSnBF1K7/AfvxMlyYA68fi4SO
w8Tmp+YZ7ihdZh/K4wxkWml6CJsvRv9M5kGPpyiz0lO9KHXqln8XSi4slDwEKYl9
JlSeUdSKLM80xTdqkH0mz+G4MhRoI+ler/j8zaG4zP+00fRrOWHy6aPmvOwn7FW+
dd/XiOVVAeKTG1fylsgT5Qb2aswAiVUjWvJr4bEtTmHYByIbSq0QiUVI5QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF2XhMWbY+x1h/yjly2B03bf+zxvMB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvWFplRXhadGo3SFdIX0tPWExZSFRkdF83UEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAmBAIAATAgAwQCLVZ0MAwD
BAItV8QDBAAtV8YDBAJZJVgDBAHCcRowDgQCAAIwCAMGACoCcED/MA0GCSqGSIb3
DQEBCwUAA4IBAQCb36NgUX3a6l2+M5w+i63ff4tw9DUk5lOvZNAvALu0VRVRwu4i
1AGXnjF3jL2tM6XqNFWTqwKt4iDh70pkinYRheWlD6CAjWG+PBMgVZLUZbK6JAEz
rxLLngykALXMX2EGtd8CFoBS5ojPWvuttpbz9+gx9y/vCH7adfk8x3/HksXG3/En
PrcDnkQetWdH+x05qZaUL3LaPtM8z4+INgTj8OeVkZHSyE0ovUgfamwyhAgL5bfM
Syq8O8yurce7P/JfgwzDub4kHEzVrj8H4gYbLlU0kaSYhDllKbo8PC3fE4pN5hMy
2Vo0IqERug5Vx56aW3f0ThT6PeQ4iTeFM90x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:51 2024 by rpki-client on console-fra.rpki-client.org