Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XJ3BuawqrzJ0Os7qhZeogf-X6tg.roa
File: XJ3BuawqrzJ0Os7qhZeogf-X6tg.roa (raw, json)
Hash identifier: cXzLZ539p5+gWGWMENWaI5T/lwn4nu2dIlC3+JjCAYg=
Subject key identifier: 5C:9D:C1:B9:AC:2A:AF:32:74:3A:CE:EA:85:97:A8:81:FF:97:EA:D8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CAC8F5D16F0E6F5FCEBFE8F3E6FDCC6CA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XJ3BuawqrzJ0Os7qhZeogf-X6tg.roa
Signing time: Wed 27 Dec 2023 18:35:25 +0000
ROA not before: Wed 27 Dec 2023 18:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206654
IP address blocks: 185.212.11.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
45.88.124.0/22 maxlen: 22
2a0f:fa00::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ac:8f:5d:16:f0:e6:f5:fc:eb:fe:8f:3e:6f:dc:c6:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 27 18:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9dc1b9ac2aaf32743aceea8597a881ff97ead8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f6:bd:38:1c:c7:cc:6b:8a:8d:7f:1a:13:97:
cf:44:dd:06:58:04:8b:85:c5:18:60:8f:8b:c5:f7:
9b:03:44:80:0f:67:40:36:7d:9f:bd:ad:6e:aa:d3:
cb:1a:af:38:51:6f:d8:51:ef:55:11:23:bd:fc:ee:
12:9f:7a:f4:44:9c:8f:9e:e9:03:6d:e1:ab:75:ea:
f9:37:0a:f9:be:cd:b4:44:01:ab:91:ee:bc:61:80:
8e:e8:43:96:72:a8:8b:56:04:06:5e:5f:f3:a9:ed:
05:26:c3:3b:17:d3:bf:24:c3:52:f8:4f:11:15:ec:
ab:6f:09:52:fb:e6:9a:24:ec:7c:13:1b:05:96:59:
fa:5d:60:c4:e3:9f:81:15:75:f1:29:13:34:3b:68:
67:6b:08:17:3a:2a:b9:42:2c:eb:0f:f8:d1:33:35:
c8:e0:e2:5f:49:e1:df:ec:95:fc:75:48:e7:70:73:
09:d8:04:5a:0b:6a:e7:71:b7:46:9e:a4:d3:2c:ed:
59:96:5c:80:04:c7:d4:58:52:41:e0:66:3e:47:92:
80:1b:4e:69:14:31:0e:4c:01:23:1e:b4:ca:f7:b9:
da:52:43:7b:76:dd:58:37:7a:a2:b5:05:bf:2b:6d:
e0:28:ea:04:96:55:a8:b3:5e:fc:50:40:7a:6e:49:
a1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9D:C1:B9:AC:2A:AF:32:74:3A:CE:EA:85:97:A8:81:FF:97:EA:D8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XJ3BuawqrzJ0Os7qhZeogf-X6tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.124.0/22
185.212.11.0/24
194.213.10.0/24
IPv6:
2a0f:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
20:06:ba:4e:c7:1b:0b:08:ac:76:fa:f9:c8:d1:f3:a6:a6:37:
1d:52:4f:c7:af:15:9b:fc:47:b8:3e:d9:6e:9b:30:1e:5d:57:
da:a8:59:a1:fd:19:dc:2e:08:49:b3:1c:eb:98:a1:ce:e0:60:
cc:ff:a7:71:4b:84:a0:ca:59:84:e6:16:7f:a5:e6:a2:e3:7e:
b0:4a:df:99:b2:ed:f1:d9:a6:a5:07:99:0d:32:7b:70:2b:8a:
16:85:b0:08:a0:4d:7b:8d:03:b4:c9:c4:2e:6f:b8:c7:94:13:
05:46:65:3a:ef:e9:71:ce:cd:9e:e9:d8:51:30:54:99:5a:65:
5b:c4:92:b2:70:e6:4e:fc:50:3d:b9:2b:f2:83:e0:47:ca:bf:
b5:86:bf:95:f2:d0:cd:ac:75:e6:8d:59:34:9f:7d:60:70:6c:
b2:34:14:44:97:81:32:55:8f:a6:55:b5:c5:9e:fb:90:2a:e4:
02:8b:24:e8:b7:f2:69:ef:52:c5:6a:aa:87:f8:b3:eb:9f:1d:
03:9c:a9:0f:48:bc:65:e8:12:97:fc:c7:75:7f:a6:df:c9:f4:
c3:cd:e0:da:6e:44:a2:c8:69:cb:9e:28:80:ff:ff:32:7b:cc:
a3:3f:37:b9:20:78:12:45:05:3a:02:56:2b:e6:77:57:63:cc:
d2:e8:b9:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYysj10W8Ob1/Ov+jz5v3MbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMjI3MTgzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzlkYzFiOWFjMmFhZjMyNzQzYWNlZWE4NTk3YTg4MWZmOTdlYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfa9OBzHzGuKjX8aE5fPRN0GWASL
hcUYYI+LxfebA0SAD2dANn2fva1uqtPLGq84UW/YUe9VESO9/O4Sn3r0RJyPnukD
beGrder5Nwr5vs20RAGrke68YYCO6EOWcqiLVgQGXl/zqe0FJsM7F9O/JMNS+E8R
FeyrbwlS++aaJOx8ExsFlln6XWDE45+BFXXxKRM0O2hnawgXOiq5QizrD/jRMzXI
4OJfSeHf7JX8dUjncHMJ2ARaC2rncbdGnqTTLO1ZllyABMfUWFJB4GY+R5KAG05p
FDEOTAEjHrTK97naUkN7dt1YN3qitQW/K23gKOoEllWos178UEB6bkmhewIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFydwbmsKq8ydDrO6oWXqIH/l+rYMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWEozQnVhd3FyekowT3M3cWhaZW9nZi1YNnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVh8AwQA
udQLAwQAwtUKMA0EAgACMAcDBQMqD/oAMA0GCSqGSIb3DQEBCwUAA4IBAQAgBrpO
xxsLCKx2+vnI0fOmpjcdUk/HrxWb/Ee4PtlumzAeXVfaqFmh/RncLghJsxzrmKHO
4GDM/6dxS4SgylmE5hZ/peai436wSt+Zsu3x2aalB5kNMntwK4oWhbAIoE17jQO0
ycQub7jHlBMFRmU67+lxzs2e6dhRMFSZWmVbxJKycOZO/FA9uSvyg+BHyr+1hr+V
8tDNrHXmjVk0n31gcGyyNBREl4EyVY+mVbXFnvuQKuQCiyTot/Jp71LFaqqH+LPr
nx0DnKkPSLxl6BKX/Md1f6bfyfTDzeDabkSiyGnLniiA//8ye8yjPze5IHgSRQU6
AlYr5ndXY8zS6Llt
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:06 2024 by rpki-client on console-ams.rpki-client.org