Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/xiJtRf8j5A7fQo4Q_TqLr-9_QUg.roa
File: xiJtRf8j5A7fQo4Q_TqLr-9_QUg.roa (raw, json)
Hash identifier: H1veSnFSSL/RatPV7r2p0uDhZIw6N3+0dEcyFb8ETn4=
Subject key identifier: C6:22:6D:45:FF:23:E4:0E:DF:42:8E:10:FD:3A:8B:AF:EF:7F:41:48
Certificate issuer: /CN=1e7e08d56475bae407a4f2bca8e89a0997685a3a
Certificate serial: 018BA875D414FD86F7E29A171CC67FD962C4
Authority key identifier: 1E:7E:08:D5:64:75:BA:E4:07:A4:F2:BC:A8:E8:9A:09:97:68:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/xiJtRf8j5A7fQo4Q_TqLr-9_QUg.roa
Signing time: Tue 07 Nov 2023 06:26:16 +0000
ROA not before: Tue 07 Nov 2023 06:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34525
IP address blocks: 109.231.0.0/18 maxlen: 18
109.231.0.0/20 maxlen: 22
109.231.16.0/20 maxlen: 22
83.175.144.0/20 maxlen: 22
185.13.232.0/22 maxlen: 22
109.231.48.0/21 maxlen: 22
91.224.120.0/23 maxlen: 23
2a00:1ce8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:75:d4:14:fd:86:f7:e2:9a:17:1c:c6:7f:d9:62:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e7e08d56475bae407a4f2bca8e89a0997685a3a
Validity
Not Before: Nov 7 06:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6226d45ff23e40edf428e10fd3a8bafef7f4148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:9a:0a:c4:a5:b6:8f:2a:54:b3:69:8f:33:99:
24:84:57:1c:7f:34:cd:49:37:44:cd:6c:1a:d6:df:
e8:e9:87:52:1d:ca:fe:53:ba:88:78:a9:6f:ca:f4:
fd:6d:2c:77:77:39:6c:58:67:a2:af:94:31:c7:81:
35:a7:49:50:ef:39:12:ff:13:64:65:cd:a0:c8:3a:
a4:e8:9d:14:78:29:fa:97:43:f7:bc:63:39:ac:fc:
bb:50:c3:36:4c:f8:0c:05:00:11:ab:43:c3:78:f1:
5a:31:8d:cb:6d:7d:87:45:fe:7c:2a:8e:48:9b:0b:
31:af:13:77:9c:76:d3:d9:1b:8b:54:c5:9c:76:28:
c9:9e:63:8a:62:9f:c0:b0:bd:69:fb:a0:e1:35:9d:
36:5a:f8:6a:77:2f:66:b3:b4:30:0e:55:49:c9:cf:
5d:ca:f1:21:da:7f:a8:c9:86:97:2c:d2:75:db:23:
92:ea:44:f9:cb:61:a5:53:86:65:61:e1:a8:a5:6a:
b8:e2:ca:55:e6:73:fb:e3:e5:ed:54:96:82:9a:a4:
12:3b:95:e6:d4:37:71:ea:5a:84:34:af:0c:af:89:
cd:17:11:05:9a:53:a4:33:ee:77:fe:ed:95:b2:a1:
d8:7e:51:b1:21:86:32:ac:24:27:60:c1:7b:2f:6d:
86:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:22:6D:45:FF:23:E4:0E:DF:42:8E:10:FD:3A:8B:AF:EF:7F:41:48
X509v3 Authority Key Identifier:
keyid:1E:7E:08:D5:64:75:BA:E4:07:A4:F2:BC:A8:E8:9A:09:97:68:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/xiJtRf8j5A7fQo4Q_TqLr-9_QUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d27567-710c-48cd-9e5d-3002df825d5d/1/Hn4I1WR1uuQHpPK8qOiaCZdoWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.175.144.0/20
91.224.120.0/23
109.231.0.0/18
185.13.232.0/22
IPv6:
2a00:1ce8::/32
Signature Algorithm: sha256WithRSAEncryption
1a:52:47:b5:4c:7e:9f:f4:a2:de:b5:1c:ed:4e:f2:a4:b8:19:
7b:53:39:f1:4d:fc:94:11:8d:50:34:4d:80:f1:db:e7:37:ee:
bc:0a:65:70:6e:94:93:91:65:6b:24:a2:13:ab:81:4f:c3:12:
3f:af:a8:da:33:04:ce:44:1c:c6:b4:88:2e:ea:0a:3a:ef:ba:
60:0c:d2:07:01:be:ea:6c:eb:96:6d:a1:74:b1:88:f5:ec:ef:
17:0a:e5:cf:a3:45:ec:75:14:e5:c1:fb:ca:ca:f5:14:94:1a:
b6:09:27:43:ec:43:71:2c:80:c5:eb:4f:9c:dc:26:92:d4:41:
41:f4:b2:b4:35:48:3c:82:f0:a2:c9:0c:f0:ab:80:ae:a4:54:
8d:59:98:82:6e:18:a5:dc:62:f8:55:0c:4f:08:aa:27:3e:2d:
7e:8c:1e:51:b5:35:eb:90:ce:7b:c3:c5:c3:4d:85:3c:90:46:
ae:b2:65:f6:a1:59:de:08:88:39:fd:b0:2b:a1:36:13:07:8f:
b3:f3:ac:b9:46:0c:26:15:79:c8:12:df:90:2f:6a:94:c1:2b:
6d:3a:b6:06:2b:cd:87:b1:d9:db:84:05:6f:24:d7:5b:a4:39:
54:d2:7f:15:f5:83:a9:20:cd:69:e2:26:0c:85:cc:09:8a:62:
2a:bc:a1:08
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYuoddQU/Yb34poXHMZ/2WLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlN2UwOGQ1NjQ3NWJhZTQwN2E0ZjJiY2E4ZTg5YTA5OTc2
ODVhM2EwHhcNMjMxMTA3MDYyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjIyNmQ0NWZmMjNlNDBlZGY0MjhlMTBmZDNhOGJhZmVmN2Y0MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JoKxKW2jypUs2mPM5kkhFccfzTN
STdEzWwa1t/o6YdSHcr+U7qIeKlvyvT9bSx3dzlsWGeir5Qxx4E1p0lQ7zkS/xNk
Zc2gyDqk6J0UeCn6l0P3vGM5rPy7UMM2TPgMBQARq0PDePFaMY3LbX2HRf58Ko5I
mwsxrxN3nHbT2RuLVMWcdijJnmOKYp/AsL1p+6DhNZ02Wvhqdy9ms7QwDlVJyc9d
yvEh2n+oyYaXLNJ12yOS6kT5y2GlU4ZlYeGopWq44spV5nP74+XtVJaCmqQSO5Xm
1Ddx6lqENK8Mr4nNFxEFmlOkM+53/u2VsqHYflGxIYYyrCQnYMF7L22GmwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMYibUX/I+QO30KOEP06i6/vf0FIMB8GA1UdIwQY
MBaAFB5+CNVkdbrkB6TyvKjomgmXaFo6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSG40STFXUjF1dVFIcFBLOHFPaWFDWmRvV2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kMjc1NjctNzEwYy00OGNkLTllNWQt
MzAwMmRmODI1ZDVkLzEveGlKdFJmOGo1QTdmUW80UV9UcUxyLTlfUVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kMjc1NjctNzEwYy00OGNkLTllNWQtMzAwMmRmODI1ZDVk
LzEvSG40STFXUjF1dVFIcFBLOHFPaWFDWmRvV2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEU6+QAwQB
W+B4AwQGbecAAwQCuQ3oMA0EAgACMAcDBQAqABzoMA0GCSqGSIb3DQEBCwUAA4IB
AQAaUke1TH6f9KLetRztTvKkuBl7UznxTfyUEY1QNE2A8dvnN+68CmVwbpSTkWVr
JKITq4FPwxI/r6jaMwTORBzGtIgu6go677pgDNIHAb7qbOuWbaF0sYj17O8XCuXP
o0XsdRTlwfvKyvUUlBq2CSdD7ENxLIDF60+c3CaS1EFB9LK0NUg8gvCiyQzwq4Cu
pFSNWZiCbhil3GL4VQxPCKonPi1+jB5RtTXrkM57w8XDTYU8kEausmX2oVneCIg5
/bAroTYTB4+z86y5RgwmFXnIEt+QL2qUwSttOrYGK82HsdnbhAVvJNdbpDlU0n8V
9YOpIM1p4iYMhcwJimIqvKEI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:53 2024 by rpki-client on console-fra.rpki-client.org