Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/xqLmLtgBBHZbUfNjLxoSo0-J2cI.roa
File: xqLmLtgBBHZbUfNjLxoSo0-J2cI.roa (raw, json)
Hash identifier: q5oa6Gr8FcUkR6w8UvhpLISpiRJhscbyPuK0UNbaxVI=
Subject key identifier: C6:A2:E6:2E:D8:01:04:76:5B:51:F3:63:2F:1A:12:A3:4F:89:D9:C2
Certificate issuer: /CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Certificate serial: 018DF9BC10CCD25CBAEBE36F4B2FD583F9BF
Authority key identifier: 0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/xqLmLtgBBHZbUfNjLxoSo0-J2cI.roa
Signing time: Fri 01 Mar 2024 11:17:48 +0000
ROA not before: Fri 01 Mar 2024 11:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50023
IP address blocks: 109.68.12.0/22 maxlen: 22
185.14.212.0/22 maxlen: 22
185.137.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 01 Mar 2024 11:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:bc:10:cc:d2:5c:ba:eb:e3:6f:4b:2f:d5:83:f9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Validity
Not Before: Mar 1 11:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6a2e62ed80104765b51f3632f1a12a34f89d9c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b5:cd:72:e7:f3:c9:10:17:d3:d4:1a:bc:e2:
9c:c9:0a:77:c8:47:3f:2b:60:f5:14:63:27:2a:25:
db:57:40:c4:69:06:13:57:fd:b6:83:f8:98:ec:e9:
a7:0a:aa:2b:2e:f9:7e:10:6d:45:43:6d:0b:7c:53:
d4:6a:00:e3:d7:37:d1:3b:b3:e2:63:ad:14:a9:c7:
09:87:b1:fe:ad:7e:81:85:93:1f:2d:55:51:a2:c1:
58:48:c1:bc:ce:d0:45:c3:6d:da:8f:39:1f:84:c0:
a2:4d:72:7d:60:a5:0e:7d:a1:fc:c8:32:53:fe:e5:
ee:e8:c8:98:0d:25:c7:8a:42:99:92:4f:75:85:b2:
3c:08:f1:39:11:82:0b:55:b4:f6:50:09:fd:d9:1c:
a6:4a:6f:b0:04:16:25:9e:c4:dd:06:70:f5:68:5d:
27:dd:a2:3b:10:bb:14:4a:68:76:5a:fc:d4:97:ca:
7f:19:f0:04:db:a1:10:09:1b:7b:b7:dc:e4:82:58:
98:9e:53:6f:84:55:80:66:dd:af:46:d7:e0:3e:d1:
b2:73:b8:df:a9:77:94:5b:e2:ca:1d:91:a6:be:a2:
c1:a0:3b:d6:7a:96:00:97:7e:15:70:3b:26:79:6b:
e0:ff:ea:aa:97:7f:4e:5e:ce:01:24:51:7c:9a:9d:
8e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A2:E6:2E:D8:01:04:76:5B:51:F3:63:2F:1A:12:A3:4F:89:D9:C2
X509v3 Authority Key Identifier:
keyid:0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/xqLmLtgBBHZbUfNjLxoSo0-J2cI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.12.0/22
185.14.212.0/22
185.137.64.0/22
Signature Algorithm: sha256WithRSAEncryption
23:12:30:4e:05:86:22:59:c7:ad:62:bc:8f:7b:fc:94:e4:71:
e3:c5:25:2f:0d:3b:bb:90:a6:90:8d:ec:21:f7:66:da:8e:f5:
a4:74:30:ec:20:74:7f:17:22:12:4f:0b:2e:55:72:93:3a:12:
47:a0:cb:95:0c:e1:a7:d4:71:dc:37:9c:10:6f:e2:3f:3c:32:
56:be:d2:2d:9f:81:50:e5:12:d2:e8:2c:58:86:23:08:2f:69:
93:28:aa:6c:dd:8b:57:2d:09:b5:d6:7e:86:de:36:13:51:d9:
4c:a6:05:70:f2:a8:6c:38:9b:46:14:08:93:2b:f0:1f:70:fc:
52:f0:19:7e:e5:61:29:8a:5b:f9:b7:48:05:3c:e6:bc:f0:7b:
8f:ae:ca:a6:f9:9f:d2:d9:17:1a:74:54:ec:f2:db:45:80:7d:
c2:c1:a0:b6:7d:02:a1:71:ad:02:e8:55:14:19:13:b7:8b:a6:
dd:5a:88:4c:5a:b0:bc:f7:d9:f6:b5:54:9e:65:73:fa:a4:36:
03:28:b5:e1:5f:1a:aa:69:94:fd:9e:d7:83:fa:f2:c6:b0:9c:
2a:1a:cf:01:a8:b3:b3:4f:48:50:cc:22:ac:f3:67:60:9a:88:
2f:e8:19:47:d2:41:22:52:5e:d2:93:e7:14:52:1a:71:a8:01:
ab:d8:db:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY35vBDM0ly66+NvSy/Vg/m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDM3ZGQyMmI3YWFiZTI4MjIyNWFmYjI1NmI4ZDlkY2Jl
YmEzNTMwHhcNMjQwMzAxMTExNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmEyZTYyZWQ4MDEwNDc2NWI1MWYzNjMyZjFhMTJhMzRmODlkOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbXNcufzyRAX09QavOKcyQp3yEc/
K2D1FGMnKiXbV0DEaQYTV/22g/iY7OmnCqorLvl+EG1FQ20LfFPUagDj1zfRO7Pi
Y60UqccJh7H+rX6BhZMfLVVRosFYSMG8ztBFw23ajzkfhMCiTXJ9YKUOfaH8yDJT
/uXu6MiYDSXHikKZkk91hbI8CPE5EYILVbT2UAn92RymSm+wBBYlnsTdBnD1aF0n
3aI7ELsUSmh2WvzUl8p/GfAE26EQCRt7t9zkgliYnlNvhFWAZt2vRtfgPtGyc7jf
qXeUW+LKHZGmvqLBoDvWepYAl34VcDsmeWvg/+qql39OXs4BJFF8mp2OmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMai5i7YAQR2W1HzYy8aEqNPidnCMB8GA1UdIwQY
MBaAFAwDfdIreqvigiJa+yVrjZ3L66NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWIt
ZThmM2E2NmVmNTU4LzEveHFMbUx0Z0JCSFpiVWZOakx4b1NvMC1KMmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWItZThmM2E2NmVmNTU4
LzEvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCbUQMAwQC
uQ7UAwQCuYlAMA0GCSqGSIb3DQEBCwUAA4IBAQAjEjBOBYYiWcetYryPe/yU5HHj
xSUvDTu7kKaQjewh92bajvWkdDDsIHR/FyISTwsuVXKTOhJHoMuVDOGn1HHcN5wQ
b+I/PDJWvtItn4FQ5RLS6CxYhiMIL2mTKKps3YtXLQm11n6G3jYTUdlMpgVw8qhs
OJtGFAiTK/AfcPxS8Bl+5WEpilv5t0gFPOa88HuPrsqm+Z/S2RcadFTs8ttFgH3C
waC2fQKhca0C6FUUGRO3i6bdWohMWrC899n2tVSeZXP6pDYDKLXhXxqqaZT9nteD
+vLGsJwqGs8BqLOzT0hQzCKs82dgmogv6BlH0kEiUl7Sk+cUUhpxqAGr2Nuj
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:07:43 2024 by rpki-client on console-ams.rpki-client.org