Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xFOWA48c_HqKyvRDxJ8CGj713mM.roa
File: xFOWA48c_HqKyvRDxJ8CGj713mM.roa (raw, json)
Hash identifier: zbEWE9iYUjjk5zkGLwrz33qOJHnt1RgigQzclOIdWMI=
Subject key identifier: C4:53:96:03:8F:1C:FC:7A:8A:CA:F4:43:C4:9F:02:1A:3E:F5:DE:63
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0188489241E11A6BB70AEF845A4555083698
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xFOWA48c_HqKyvRDxJ8CGj713mM.roa
Signing time: Tue 23 May 2023 12:25:24 +0000
ROA not before: Tue 23 May 2023 12:25:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13329
IP address blocks: 176.107.72.0/21 maxlen: 21
91.246.184.0/22 maxlen: 22
31.133.24.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
91.218.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 29 May 2023 17:40:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:92:41:e1:1a:6b:b7:0a:ef:84:5a:45:55:08:36:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 23 12:25:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45396038f1cfc7a8acaf443c49f021a3ef5de63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7d:06:02:d0:24:eb:1a:d0:56:c0:e5:a2:cd:
91:aa:b1:9c:27:63:bc:45:ca:f3:43:ad:60:e2:41:
49:e8:f4:bc:ae:38:88:67:eb:dc:36:ea:bd:27:78:
73:dd:76:bf:dc:45:fa:0f:fe:c6:2f:a9:39:bd:52:
cd:87:9f:da:84:62:ea:a8:d6:97:95:74:3a:03:f6:
a8:f9:f8:94:6d:50:0f:92:68:d5:67:2f:e6:5a:95:
99:12:1e:98:42:ae:10:f8:1c:c5:7d:19:6f:95:d1:
94:a3:b2:79:e9:8a:23:62:d2:8c:79:7c:a5:b7:a4:
fd:50:96:b0:93:65:57:c1:be:60:af:92:b3:72:85:
c3:ce:10:58:ad:93:3f:ab:a0:d6:2e:be:56:05:86:
dd:cf:b8:aa:79:be:1d:b7:2e:fb:f6:6b:2f:98:bf:
56:3d:82:55:74:e9:52:25:d3:e8:23:cb:ae:79:44:
d5:bf:93:b8:dd:8c:04:a8:06:b9:09:5f:68:ea:ac:
5b:b6:e4:68:bd:b0:35:10:4b:71:aa:88:e2:2d:c7:
70:c7:19:d5:5c:d4:66:49:5d:98:c2:43:95:08:a1:
15:b2:be:93:ea:6e:a3:01:af:5b:4f:3e:7d:c6:77:
9b:24:67:9f:8e:d4:10:de:7e:30:ff:23:32:37:3b:
61:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:53:96:03:8F:1C:FC:7A:8A:CA:F4:43:C4:9F:02:1A:3E:F5:DE:63
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xFOWA48c_HqKyvRDxJ8CGj713mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
91.218.252.0/22
91.246.184.0/22
176.107.72.0/21
Signature Algorithm: sha256WithRSAEncryption
98:60:ef:0d:fa:28:cf:0e:fe:fc:a5:a4:a0:93:1e:99:8d:c9:
d4:f0:05:c4:1b:bc:8b:97:b3:ad:8d:e5:55:b5:8b:31:1e:01:
45:be:a7:73:98:30:58:ed:d6:22:87:27:ff:23:26:2c:24:e7:
fe:57:ea:37:03:30:84:20:44:1d:46:81:62:5f:43:33:a0:33:
90:5b:9f:1e:00:cd:5d:70:a8:cc:0a:50:f3:41:2d:60:01:cc:
33:8d:c3:db:a8:5b:da:c4:8f:40:28:8a:5b:c1:e3:62:ea:c5:
9f:65:bd:17:a6:a1:b3:2b:21:ac:32:23:b3:78:3b:46:97:66:
73:81:05:6e:de:50:da:9e:f5:b9:a0:a7:a9:38:90:1f:ab:c5:
64:e9:04:7e:49:9b:5b:2b:a9:4f:8a:bd:08:19:22:52:b1:d3:
38:2c:6b:58:91:0b:92:ee:a8:80:88:20:b0:20:da:54:58:25:
fe:ad:24:d7:f7:95:6b:48:26:6f:ab:f7:cd:29:e3:cd:9c:43:
2b:cf:50:67:3e:80:e4:42:b4:31:57:4d:c0:3b:73:b0:1f:41:
11:76:75:38:de:f3:f2:5f:96:7a:95:51:82:63:00:d8:1e:65:
ff:f6:c3:89:a2:85:f0:e9:80:94:db:f8:ca:2d:33:97:51:07:
61:e9:da:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhIkkHhGmu3Cu+EWkVVCDaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTIzMTIyNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDUzOTYwMzhmMWNmYzdhOGFjYWY0NDNjNDlmMDIxYTNlZjVkZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX0GAtAk6xrQVsDlos2RqrGcJ2O8
RcrzQ61g4kFJ6PS8rjiIZ+vcNuq9J3hz3Xa/3EX6D/7GL6k5vVLNh5/ahGLqqNaX
lXQ6A/ao+fiUbVAPkmjVZy/mWpWZEh6YQq4Q+BzFfRlvldGUo7J56YojYtKMeXyl
t6T9UJawk2VXwb5gr5KzcoXDzhBYrZM/q6DWLr5WBYbdz7iqeb4dty779msvmL9W
PYJVdOlSJdPoI8uueUTVv5O43YwEqAa5CV9o6qxbtuRovbA1EEtxqojiLcdwxxnV
XNRmSV2YwkOVCKEVsr6T6m6jAa9bTz59xnebJGefjtQQ3n4w/yMyNzthaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMRTlgOPHPx6isr0Q8SfAho+9d5jMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEveEZPV0E0OGNfSHFLeXZSRHhKOENHajcxM21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4UYAwQC
W9r8AwQCW/a4AwQDsGtIMA0GCSqGSIb3DQEBCwUAA4IBAQCYYO8N+ijPDv78paSg
kx6ZjcnU8AXEG7yLl7OtjeVVtYsxHgFFvqdzmDBY7dYihyf/IyYsJOf+V+o3AzCE
IEQdRoFiX0MzoDOQW58eAM1dcKjMClDzQS1gAcwzjcPbqFvaxI9AKIpbweNi6sWf
Zb0XpqGzKyGsMiOzeDtGl2ZzgQVu3lDanvW5oKepOJAfq8Vk6QR+SZtbK6lPir0I
GSJSsdM4LGtYkQuS7qiAiCCwINpUWCX+rSTX95VrSCZvq/fNKePNnEMrz1BnPoDk
QrQxV03AO3OwH0ERdnU43vPyX5Z6lVGCYwDYHmX/9sOJooXw6YCU2/jKLTOXUQdh
6dqb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org