Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xMWQnNMvXkBnEZOvZ9FBahnTyyQ.roa
File: xMWQnNMvXkBnEZOvZ9FBahnTyyQ.roa (raw, json)
Hash identifier: 4+DU4Tm1OfMPPWvUC7X3f5mAxKoUpl/eRa0ZDHdWBDk=
Subject key identifier: C4:C5:90:9C:D3:2F:5E:40:67:11:93:AF:67:D1:41:6A:19:D3:CB:24
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 018570FBA89FAADB64CD80678024DE21FB06
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xMWQnNMvXkBnEZOvZ9FBahnTyyQ.roa
Signing time: Mon 02 Jan 2023 05:36:58 +0000
ROA not before: Mon 02 Jan 2023 05:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201975
IP address blocks: 193.148.20.0/22 maxlen: 24
45.86.176.0/22 maxlen: 24
185.54.180.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a8:9f:aa:db:64:cd:80:67:80:24:de:21:fb:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Jan 2 05:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4c5909cd32f5e40671193af67d1416a19d3cb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:ff:3f:82:ad:44:4f:80:e9:f2:14:54:16:
04:12:51:06:a7:03:15:87:dd:e1:b9:4a:c4:1a:f3:
01:75:82:4b:58:85:52:c1:ce:c8:2c:c5:9f:d8:43:
ff:47:31:3e:bd:c7:b3:6e:f7:fb:eb:44:84:94:aa:
2b:89:18:35:c2:a4:e8:11:53:1c:a0:ec:87:4f:1c:
05:b1:fe:c6:b3:87:f1:97:25:9c:a5:ec:8d:2a:67:
49:1d:3c:e5:e9:dc:ce:72:f5:0a:e7:4b:fb:8c:a3:
2c:a6:c5:e0:33:01:8d:bc:a6:d2:4a:40:04:03:4a:
2a:30:4b:a6:67:e6:66:07:64:a1:5f:50:d0:0c:04:
dd:d1:c5:87:5f:ac:ae:52:7a:e8:48:71:01:17:00:
b1:86:a5:bf:a2:3a:4f:47:89:e5:96:f5:23:7a:d1:
8c:04:33:ae:42:3b:9a:78:c1:8f:fa:0a:89:f2:bc:
9a:e1:8c:f8:c5:54:2f:dd:1c:5f:a1:07:c8:60:c1:
71:03:c9:c7:db:5e:ef:5d:d3:8d:e5:2a:89:f2:b1:
98:66:e5:a2:56:c1:ba:b3:ae:31:67:49:74:8e:b6:
c3:ec:bc:4a:4b:ae:c3:49:b2:03:1d:c0:a9:cb:81:
66:bd:f1:ad:4b:2f:65:86:a6:55:d7:2d:79:79:0b:
80:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C5:90:9C:D3:2F:5E:40:67:11:93:AF:67:D1:41:6A:19:D3:CB:24
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/xMWQnNMvXkBnEZOvZ9FBahnTyyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
06:fa:cf:0c:97:82:5b:15:2f:17:2e:30:c4:14:a8:74:ca:31:
70:1e:9b:2b:c5:09:a7:62:d6:1f:01:bc:55:f3:88:f0:34:bf:
48:6b:0d:d9:97:37:40:38:a5:59:dd:fc:64:b5:38:33:ce:9b:
47:0c:ae:ce:b0:4f:80:b0:c7:7b:ed:93:83:75:59:58:3a:3d:
91:71:1a:1e:d8:af:c3:26:c1:f5:2f:76:da:7f:14:56:dd:69:
25:76:73:a7:d4:ab:5f:46:51:a6:33:d6:fe:ee:01:fc:74:cd:
57:3a:b8:1c:54:2a:8b:16:c0:98:ba:3f:16:a6:c9:65:c1:0a:
44:8d:de:a7:64:56:82:3e:ce:55:25:59:dd:89:5a:64:f3:1a:
86:42:62:1b:96:14:29:ac:2a:a7:78:f2:90:95:c0:26:7e:d1:
59:69:2d:d6:cd:d8:69:a0:62:5d:4b:42:8b:59:b7:a1:78:0a:
b6:d9:3b:ed:40:f2:36:d0:c7:75:a5:56:63:0f:22:e2:56:6a:
11:eb:b4:3c:bd:b4:f4:c0:a1:54:75:31:26:63:45:f2:d9:d3:
02:d7:87:db:e9:4e:71:f9:fe:9f:49:98:2e:78:fb:6e:f3:a8:
e4:4b:30:20:21:d8:dd:58:69:05:b2:59:5e:06:64:e7:df:45:
97:40:4a:90
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw+6ifqttkzYBngCTeIfsGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjMwMTAyMDUzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM1OTA5Y2QzMmY1ZTQwNjcxMTkzYWY2N2QxNDE2YTE5ZDNjYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcP/P4KtRE+A6fIUVBYEElEGpwMV
h93huUrEGvMBdYJLWIVSwc7ILMWf2EP/RzE+vcezbvf760SElKoriRg1wqToEVMc
oOyHTxwFsf7Gs4fxlyWcpeyNKmdJHTzl6dzOcvUK50v7jKMspsXgMwGNvKbSSkAE
A0oqMEumZ+ZmB2ShX1DQDATd0cWHX6yuUnroSHEBFwCxhqW/ojpPR4nllvUjetGM
BDOuQjuaeMGP+gqJ8rya4Yz4xVQv3RxfoQfIYMFxA8nH217vXdON5SqJ8rGYZuWi
VsG6s64xZ0l0jrbD7LxKS67DSbIDHcCpy4FmvfGtSy9lhqZV1y15eQuAjQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMTFkJzTL15AZxGTr2fRQWoZ08skMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEveE1XUW5OTXZYa0JuRVpPdlo5RkJhaG5UeXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQAG+s8Ml4JbFS8XLjDEFKh0yjFwHpsrxQmnYtYfAbxV84jwNL9Iaw3Z
lzdAOKVZ3fxktTgzzptHDK7OsE+AsMd77ZODdVlYOj2RcRoe2K/DJsH1L3bafxRW
3WkldnOn1KtfRlGmM9b+7gH8dM1XOrgcVCqLFsCYuj8WpsllwQpEjd6nZFaCPs5V
JVndiVpk8xqGQmIblhQprCqnePKQlcAmftFZaS3WzdhpoGJdS0KLWbeheAq22Tvt
QPI20Md1pVZjDyLiVmoR67Q8vbT0wKFUdTEmY0Xy2dMC14fb6U5x+f6fSZguePtu
86jkSzAgIdjdWGkFslleBmTn30WXQEqQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:13 2024 by rpki-client on console-fra.rpki-client.org