Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/xl7NKw74kwXnmDVe6I775roCgi4.roa
File: xl7NKw74kwXnmDVe6I775roCgi4.roa (raw, json)
Hash identifier: rhR7PCWVuTXukyN2nZJv8gqYZWonpSAAAozL9cuz9AE=
Subject key identifier: C6:5E:CD:2B:0E:F8:93:05:E7:98:35:5E:E8:8E:FB:E6:BA:02:82:2E
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018C8C8A3A2703E60EF7750FFB1808726E7A
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/xl7NKw74kwXnmDVe6I775roCgi4.roa
Signing time: Thu 21 Dec 2023 13:21:58 +0000
ROA not before: Thu 21 Dec 2023 13:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136038
IP address blocks: 91.204.224.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Dec 2023 13:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:8a:3a:27:03:e6:0e:f7:75:0f:fb:18:08:72:6e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 21 13:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c65ecd2b0ef89305e798355ee88efbe6ba02822e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e4:85:1f:28:1c:41:6a:78:40:6c:f6:da:eb:
a3:cc:ed:c8:18:75:12:f4:c1:82:bf:8f:bc:bc:eb:
e7:7b:45:d3:f7:18:78:16:bd:7b:46:ee:f2:d1:24:
91:63:43:e4:f2:19:9c:05:8f:6d:8c:b2:c4:2b:de:
12:59:23:55:da:00:a3:80:06:ff:3e:d7:11:22:b0:
b4:d0:e3:bd:b1:31:7a:a9:8a:f1:7d:a5:a0:a9:89:
0f:61:9d:d3:f1:aa:20:c6:2c:50:ac:9f:41:88:48:
ab:a7:24:15:6d:87:20:e0:c6:88:d1:61:e7:69:64:
7a:bd:4a:ff:a1:6e:82:87:d8:20:e6:33:fe:ae:6a:
ab:83:13:82:8c:e4:d2:79:cf:b4:7a:71:68:44:51:
56:c3:0c:34:0a:b9:05:e1:ce:91:f4:66:71:c8:83:
71:55:1e:db:cb:ba:10:c1:36:21:de:ec:80:7a:33:
20:12:57:a2:0b:78:41:eb:2b:1e:20:bd:22:1f:59:
a2:d5:62:e0:ff:2d:c1:95:1d:c6:59:fd:0c:62:de:
ef:a0:ff:27:7e:38:9b:d0:de:d6:32:e9:ae:9e:3a:
91:42:f4:e2:3a:3c:e4:81:08:4f:a4:91:2d:03:58:
f9:a9:b1:33:3f:9d:2a:78:69:2c:34:c2:ee:f5:f7:
b0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5E:CD:2B:0E:F8:93:05:E7:98:35:5E:E8:8E:FB:E6:BA:02:82:2E
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/xl7NKw74kwXnmDVe6I775roCgi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.155.0/24
91.204.224.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:0f:86:21:86:05:14:ed:2e:6d:f9:0a:3c:73:a7:84:6e:00:
fe:48:8c:34:f7:b9:be:1d:ce:dd:c9:95:52:b7:0e:58:30:74:
d4:95:70:02:5f:b7:8b:bb:9b:d5:10:57:ff:43:62:af:0f:53:
3e:b1:ad:52:1c:14:d8:0c:0f:b5:60:fd:3c:e1:d8:18:6a:3f:
6c:97:e8:ef:7f:c7:37:4b:5b:9f:b2:8c:35:44:07:34:50:a6:
6e:ab:81:7a:64:cc:a9:24:25:6d:90:2a:57:0c:84:76:9f:b4:
d1:ba:08:5c:ed:d1:f8:4f:3d:71:e0:ca:6d:f1:84:01:e6:e0:
96:ba:fa:78:8b:07:63:04:e7:bb:9b:2c:2d:d6:f9:03:bb:ac:
1a:13:ae:61:27:06:2a:17:20:db:3f:b0:5d:44:ef:73:d6:04:
98:fb:ce:94:c3:44:37:50:61:f3:71:e0:c4:47:26:bb:0a:d4:
e7:73:59:96:db:b9:e2:df:68:c8:a0:34:29:06:16:37:13:5c:
f6:fe:1c:cb:1f:e1:34:2b:87:5d:65:78:b3:97:ac:1a:02:73:
50:d9:33:e7:30:65:41:e8:d6:8a:5c:42:22:43:f8:56:19:e1:
0c:9f:fb:97:75:75:bc:ff:43:9b:a7:2a:4b:4e:84:34:e0:fb:
53:86:7a:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyMijonA+YO93UP+xgIcm56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjIxMTMyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjVlY2QyYjBlZjg5MzA1ZTc5ODM1NWVlODhlZmJlNmJhMDI4MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneSFHygcQWp4QGz22uujzO3IGHUS
9MGCv4+8vOvne0XT9xh4Fr17Ru7y0SSRY0Pk8hmcBY9tjLLEK94SWSNV2gCjgAb/
PtcRIrC00OO9sTF6qYrxfaWgqYkPYZ3T8aogxixQrJ9BiEirpyQVbYcg4MaI0WHn
aWR6vUr/oW6Ch9gg5jP+rmqrgxOCjOTSec+0enFoRFFWwww0CrkF4c6R9GZxyINx
VR7by7oQwTYh3uyAejMgEleiC3hB6yseIL0iH1mi1WLg/y3BlR3GWf0MYt7voP8n
fjib0N7WMumunjqRQvTiOjzkgQhPpJEtA1j5qbEzP50qeGksNMLu9fewOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZezSsO+JMF55g1XuiO++a6AoIuMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEveGw3Tkt3NzRrd1hubURWZTZJNzc1cm9DZ2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjubAwQC
W8zgMA0GCSqGSIb3DQEBCwUAA4IBAQB9D4YhhgUU7S5t+Qo8c6eEbgD+SIw097m+
Hc7dyZVStw5YMHTUlXACX7eLu5vVEFf/Q2KvD1M+sa1SHBTYDA+1YP084dgYaj9s
l+jvf8c3S1ufsow1RAc0UKZuq4F6ZMypJCVtkCpXDIR2n7TRughc7dH4Tz1x4Mpt
8YQB5uCWuvp4iwdjBOe7mywt1vkDu6waE65hJwYqFyDbP7BdRO9z1gSY+86Uw0Q3
UGHzceDERya7CtTnc1mW27ni32jIoDQpBhY3E1z2/hzLH+E0K4ddZXizl6waAnNQ
2TPnMGVB6NaKXEIiQ/hWGeEMn/uXdXW8/0ObpypLToQ04PtThnra
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:56 2024 by rpki-client on console-fra.rpki-client.org