Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/XtOqT2Bs24I--4u5pks-Pc8G60I.roa
File: XtOqT2Bs24I--4u5pks-Pc8G60I.roa (raw, json)
Hash identifier: ev36TLUTd6/ohLfvaioq5/eDm3gWOf4hEGWbyupuPcQ=
Subject key identifier: 5E:D3:AA:4F:60:6C:DB:82:3E:FB:8B:B9:A6:4B:3E:3D:CF:06:EB:42
Certificate issuer: /CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
Certificate serial: 01890C0679478E295418F7991A7004CE3E5B
Authority key identifier: C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/XtOqT2Bs24I--4u5pks-Pc8G60I.roa
Signing time: Fri 30 Jun 2023 11:18:18 +0000
ROA not before: Fri 30 Jun 2023 11:18:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35575
IP address blocks: 84.19.40.0/21 maxlen: 21
84.19.48.0/21 maxlen: 21
185.25.236.0/22 maxlen: 22
84.19.56.0/21 maxlen: 21
209.42.0.0/19 maxlen: 19
185.152.216.0/22 maxlen: 22
185.219.92.0/22 maxlen: 22
46.149.240.0/20 maxlen: 20
188.127.64.0/19 maxlen: 19
84.19.32.0/21 maxlen: 21
84.19.32.0/19 maxlen: 19
2a02:29d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Jul 2023 11:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:06:79:47:8e:29:54:18:f7:99:1a:70:04:ce:3e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0cac8d524a5fec7fc83a23830fbf9226a7601ae
Validity
Not Before: Jun 30 11:18:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ed3aa4f606cdb823efb8bb9a64b3e3dcf06eb42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:00:9b:e8:59:dc:0e:11:9d:ab:cb:1a:c6:19:
1e:46:6f:12:96:9d:af:0c:b7:88:34:83:ef:56:ea:
78:ae:e3:1e:b2:e9:10:65:4b:56:da:ce:e3:ca:44:
ca:68:e3:4a:a6:95:24:b1:f5:1d:63:f8:c1:a0:6f:
9b:12:c8:9e:bb:18:44:76:91:04:72:40:a9:21:71:
a8:19:af:fb:d6:c5:1b:2d:29:e2:4e:12:11:77:5c:
89:8b:4f:d7:50:da:9d:59:78:d0:17:1d:b9:53:7c:
8a:e5:7a:4d:21:08:70:58:f1:58:01:73:f0:a4:68:
0b:69:f6:46:4d:16:41:dc:ba:6e:3a:9f:7e:57:15:
4f:24:ad:14:7d:f7:e2:f4:fc:cb:e3:43:11:a0:5a:
e6:5f:d5:70:1e:cb:94:4a:65:f6:40:78:e6:f7:35:
8f:c6:f5:40:a3:93:cc:a4:d0:ac:ed:0c:10:0c:0c:
53:68:01:62:e6:7f:15:a2:79:b6:04:8b:d5:6c:c5:
07:d2:1e:4d:07:8b:30:da:72:58:81:54:1a:9b:a4:
b4:f5:00:2b:d8:b6:a0:32:db:48:31:88:0a:50:94:
75:a8:2d:a6:2a:42:5b:05:d7:9a:a9:84:52:c6:2b:
a9:a7:93:09:b2:be:2e:14:3a:8b:81:1b:c2:e1:9f:
b5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D3:AA:4F:60:6C:DB:82:3E:FB:8B:B9:A6:4B:3E:3D:CF:06:EB:42
X509v3 Authority Key Identifier:
keyid:C0:CA:C8:D5:24:A5:FE:C7:FC:83:A2:38:30:FB:F9:22:6A:76:01:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/XtOqT2Bs24I--4u5pks-Pc8G60I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9f5b81-ae4d-46a4-bb82-7655c89f14d6/1/wMrI1SSl_sf8g6I4MPv5Imp2Aa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.240.0/20
84.19.32.0/19
185.25.236.0/22
185.152.216.0/22
185.219.92.0/22
188.127.64.0/19
209.42.0.0/19
IPv6:
2a02:29d0::/32
Signature Algorithm: sha256WithRSAEncryption
a6:75:bc:3c:37:f7:90:d8:9d:ce:3a:5c:e2:02:a2:8f:48:a8:
8b:41:86:0d:04:81:d6:8b:68:bc:91:56:0e:3b:cb:a5:58:8f:
71:1d:51:40:66:6e:2b:b6:0d:14:e3:5e:94:36:c4:46:62:e9:
2c:a7:29:4c:e1:89:89:5c:bc:4f:12:ea:5f:b9:94:ee:e1:ff:
dc:29:80:f7:19:72:56:49:40:94:9a:f0:1b:f0:57:15:e6:6d:
fc:54:f2:13:ba:c2:ea:3b:8c:a3:6d:da:63:68:79:14:af:a9:
87:f7:85:d1:e6:4e:ca:fb:6a:ee:7c:7c:d2:b7:c5:73:fe:f6:
b7:e8:4c:d2:05:a0:e5:1a:df:3e:49:4d:83:a8:63:d7:53:6c:
1c:61:56:e9:c2:b1:4b:50:19:c1:68:f0:65:9c:1f:67:d3:e7:
b0:3d:80:4c:97:94:7b:08:6b:f5:d7:0e:9b:50:22:50:be:4f:
06:3f:a1:a2:dd:d9:ab:5c:db:7a:f2:84:ba:07:2d:99:55:21:
b8:d5:4d:db:8d:4c:9c:78:7b:9c:e1:76:55:61:c9:5e:3c:16:
62:74:d3:8c:83:49:19:7e:60:15:ed:fa:3e:11:9b:62:4c:f7:
12:db:64:36:5d:1c:aa:5e:62:b8:14:bb:8c:08:1c:73:ef:d0:
af:9d:70:5f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYkMBnlHjilUGPeZGnAEzj5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwY2FjOGQ1MjRhNWZlYzdmYzgzYTIzODMwZmJmOTIyNmE3
NjAxYWUwHhcNMjMwNjMwMTExODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQzYWE0ZjYwNmNkYjgyM2VmYjhiYjlhNjRiM2UzZGNmMDZlYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQCb6FncDhGdq8saxhkeRm8Slp2v
DLeINIPvVup4ruMesukQZUtW2s7jykTKaONKppUksfUdY/jBoG+bEsieuxhEdpEE
ckCpIXGoGa/71sUbLSniThIRd1yJi0/XUNqdWXjQFx25U3yK5XpNIQhwWPFYAXPw
pGgLafZGTRZB3LpuOp9+VxVPJK0Ufffi9PzL40MRoFrmX9VwHsuUSmX2QHjm9zWP
xvVAo5PMpNCs7QwQDAxTaAFi5n8Vonm2BIvVbMUH0h5NB4sw2nJYgVQam6S09QAr
2LagMttIMYgKUJR1qC2mKkJbBdeaqYRSxiupp5MJsr4uFDqLgRvC4Z+1dwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFF7Tqk9gbNuCPvuLuaZLPj3PButCMB8GA1UdIwQY
MBaAFMDKyNUkpf7H/IOiODD7+SJqdgGuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODIt
NzY1NWM4OWYxNGQ2LzEvWHRPcVQyQnMyNEktLTR1NXBrcy1QYzhHNjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85ZjViODEtYWU0ZC00NmE0LWJiODItNzY1NWM4OWYxNGQ2
LzEvd01ySTFTU2xfc2Y4ZzZJNE1QdjVJbXAyQWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELpXwAwQF
VBMgAwQCuRnsAwQCuZjYAwQCudtcAwQFvH9AAwQF0SoAMA0EAgACMAcDBQAqAinQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCmdbw8N/eQ2J3OOlziAqKPSKiLQYYNBIHWi2i8
kVYOO8ulWI9xHVFAZm4rtg0U416UNsRGYukspylM4YmJXLxPEupfuZTu4f/cKYD3
GXJWSUCUmvAb8FcV5m38VPITusLqO4yjbdpjaHkUr6mH94XR5k7K+2rufHzSt8Vz
/va36EzSBaDlGt8+SU2DqGPXU2wcYVbpwrFLUBnBaPBlnB9n0+ewPYBMl5R7CGv1
1w6bUCJQvk8GP6Gi3dmrXNt68oS6By2ZVSG41U3bjUyceHuc4XZVYclePBZidNOM
g0kZfmAV7fo+EZtiTPcS22Q2XRyqXmK4FLuMCBxz79CvnXBf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:16 2024 by rpki-client on console-ams.rpki-client.org