Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XBk8liOdmGIF5GIje29yoGrlG10.roa
File: XBk8liOdmGIF5GIje29yoGrlG10.roa (raw, json)
Hash identifier: 6zCZUhP9oynxtTApOxk86kCqCkwm9PJGgYH4MpmgBaw=
Subject key identifier: 5C:19:3C:96:23:9D:98:62:05:E4:62:23:7B:6F:72:A0:6A:E5:1B:5D
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CB618A7A979A469EC341563E80FCC545A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XBk8liOdmGIF5GIje29yoGrlG10.roa
Signing time: Fri 29 Dec 2023 15:01:58 +0000
ROA not before: Fri 29 Dec 2023 15:01:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 46.173.240.0/21 maxlen: 21
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:18:a7:a9:79:a4:69:ec:34:15:63:e8:0f:cc:54:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 29 15:01:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c193c96239d986205e462237b6f72a06ae51b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c4:f3:ab:9a:83:10:e8:65:75:6a:aa:f9:7a:
f7:d2:5d:fc:14:65:95:4a:e4:0b:b0:ab:49:54:0f:
f6:0c:99:53:60:78:75:68:b9:9e:72:d6:bd:8d:44:
23:90:48:67:7c:f8:7d:0b:2e:48:67:df:50:14:f9:
ff:50:b2:3c:31:6b:ad:6a:60:3e:60:94:a1:20:1b:
98:87:61:4c:25:6b:80:b0:37:1e:53:ac:74:db:b4:
b8:ff:24:e0:d7:b4:d0:4e:5d:29:2c:de:77:a0:83:
0f:7d:ec:4c:4b:2c:98:6e:12:6a:97:1f:b2:22:99:
b0:e2:69:ac:33:db:d1:e3:3e:a1:8b:95:59:10:32:
b6:45:63:85:dd:d4:ab:84:06:c4:8b:b2:ac:e2:04:
97:77:d8:c1:a3:da:6f:31:6b:13:e9:55:b4:1f:1e:
9a:e5:6c:eb:ef:b6:8e:fd:09:1a:5b:a7:90:32:de:
ef:4d:6f:c0:4b:7f:96:9e:bf:06:61:41:c1:2f:71:
b0:5b:40:1a:6e:67:7e:33:3f:0e:b2:29:97:68:3e:
06:25:a5:6f:12:81:32:18:cc:e2:98:77:7f:66:87:
d8:3e:6c:fe:76:ba:6e:f4:0d:c2:7d:00:9f:27:09:
0a:28:a0:3c:af:58:ee:2f:de:c0:a8:6a:93:17:b2:
bb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:19:3C:96:23:9D:98:62:05:E4:62:23:7B:6F:72:A0:6A:E5:1B:5D
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XBk8liOdmGIF5GIje29yoGrlG10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.173.240.0/21
91.233.0.0/23
Signature Algorithm: sha256WithRSAEncryption
55:a4:b8:2f:fe:21:ed:5c:fd:31:d8:2f:7c:58:91:01:59:65:
06:e1:8e:4a:d3:a4:ed:88:12:55:b4:14:10:1c:3e:80:e1:0e:
ca:2b:d7:71:de:55:e1:42:17:26:5f:07:02:97:f0:de:52:e5:
39:2d:99:cb:81:58:a8:89:45:ff:24:c6:0a:30:80:a1:f8:80:
dc:c4:76:45:88:18:93:8f:c7:ce:fd:80:f1:6a:f7:5c:5b:04:
b5:f9:b1:d8:5a:90:6f:59:75:d6:33:a3:fd:70:ae:c5:df:89:
76:e9:31:0b:df:78:4f:2c:15:7c:b4:88:bf:79:e3:56:39:cc:
da:ad:14:93:a6:83:22:2d:36:85:82:89:ff:62:fc:46:23:7b:
90:8f:92:1f:c9:a4:f2:5f:f5:ee:e3:a7:09:36:1e:dc:20:ac:
6a:67:67:67:2d:f5:7f:a3:8d:03:df:d5:36:3a:2b:c7:54:6a:
0f:c9:6a:b8:bd:14:f0:d8:37:26:b8:ca:57:8b:cb:c0:63:47:
b5:8f:dc:f1:13:f1:4f:c6:9c:07:7e:73:83:96:18:32:4d:d8:
6d:93:7d:ea:a0:2c:a7:93:da:fa:99:c1:6c:3a:e3:65:fc:de:
5f:7a:10:08:b4:ed:a9:9b:97:de:17:3a:56:27:c6:d5:05:33:
55:d3:1d:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYy2GKepeaRp7DQVY+gPzFRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjI5MTUwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE5M2M5NjIzOWQ5ODYyMDVlNDYyMjM3YjZmNzJhMDZhZTUxYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8Tzq5qDEOhldWqq+Xr30l38FGWV
SuQLsKtJVA/2DJlTYHh1aLmecta9jUQjkEhnfPh9Cy5IZ99QFPn/ULI8MWutamA+
YJShIBuYh2FMJWuAsDceU6x027S4/yTg17TQTl0pLN53oIMPfexMSyyYbhJqlx+y
Ipmw4mmsM9vR4z6hi5VZEDK2RWOF3dSrhAbEi7Ks4gSXd9jBo9pvMWsT6VW0Hx6a
5Wzr77aO/QkaW6eQMt7vTW/AS3+Wnr8GYUHBL3GwW0Aabmd+Mz8OsimXaD4GJaVv
EoEyGMzimHd/ZofYPmz+drpu9A3CfQCfJwkKKKA8r1juL97AqGqTF7K7wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFwZPJYjnZhiBeRiI3tvcqBq5RtdMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWEJrOGxpT2RtR0lGNUdJamUyOXlvR3JsRzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq3wAwQB
W+kAMA0GCSqGSIb3DQEBCwUAA4IBAQBVpLgv/iHtXP0x2C98WJEBWWUG4Y5K06Tt
iBJVtBQQHD6A4Q7KK9dx3lXhQhcmXwcCl/DeUuU5LZnLgVioiUX/JMYKMICh+IDc
xHZFiBiTj8fO/YDxavdcWwS1+bHYWpBvWXXWM6P9cK7F34l26TEL33hPLBV8tIi/
eeNWOczarRSTpoMiLTaFgon/YvxGI3uQj5IfyaTyX/Xu46cJNh7cIKxqZ2dnLfV/
o40D39U2OivHVGoPyWq4vRTw2DcmuMpXi8vAY0e1j9zxE/FPxpwHfnODlhgyTdht
k33qoCynk9r6mcFsOuNl/N5fehAItO2pm5feFzpWJ8bVBTNV0x3P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org