Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Xnxgvfy_kqFka-o1SUgvzkKvlDE.roa
File: Xnxgvfy_kqFka-o1SUgvzkKvlDE.roa (raw, json)
Hash identifier: nUe5wk2boaHyE9lXT/ad1EASAxFWH2xIbvsw4LDOKJI=
Subject key identifier: 5E:7C:60:BD:FC:BF:92:A1:64:6B:EA:35:49:48:2F:CE:42:AF:94:31
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018B011DFB6EEEFB3323F1144D0F901EB60D
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Xnxgvfy_kqFka-o1SUgvzkKvlDE.roa
Signing time: Thu 05 Oct 2023 18:33:44 +0000
ROA not before: Thu 05 Oct 2023 18:33:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49223
IP address blocks: 185.145.232.0/24 maxlen: 24
89.248.64.0/24 maxlen: 24
193.228.228.0/24 maxlen: 24
193.104.183.0/24 maxlen: 24
185.201.253.0/24 maxlen: 24
46.18.106.0/24 maxlen: 24
95.130.228.0/24 maxlen: 24
194.32.105.0/24 maxlen: 24
194.156.78.0/24 maxlen: 24
83.138.49.0/24 maxlen: 24
193.163.124.0/24 maxlen: 24
5.181.54.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:01:1d:fb:6e:ee:fb:33:23:f1:14:4d:0f:90:1e:b6:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 5 18:33:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7c60bdfcbf92a1646bea3549482fce42af9431
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:74:be:c1:cf:7a:08:7b:5e:02:4e:30:84:5d:
3d:84:60:7e:74:fd:1c:4a:1c:3c:42:9a:df:09:7e:
3d:42:f7:a8:c4:2f:97:27:c3:85:2e:75:2b:69:b8:
d8:b7:ba:98:f2:14:5d:40:26:60:5d:f4:2a:82:37:
df:17:b9:05:bb:2e:9f:e7:d2:0f:ff:29:5f:25:f7:
bd:62:a7:3f:7e:80:28:ea:c5:88:34:a8:ae:bb:16:
88:9b:e5:7c:92:6c:e6:2d:8e:63:a2:10:6a:3d:be:
49:65:8f:9a:d0:c2:ef:29:00:e8:c1:8b:e6:32:42:
36:fa:90:ca:77:37:f3:84:8d:66:75:a2:9c:db:16:
cd:29:5c:d2:dd:2a:bd:66:88:ac:99:f3:1e:54:a5:
ea:12:58:9f:63:e7:a1:79:49:60:b1:22:e0:90:f5:
96:e5:6c:8b:6f:61:c6:f3:fd:02:38:b4:a2:3d:24:
4d:7c:92:b7:da:00:e4:69:a9:86:f9:a7:af:d4:17:
10:26:e9:9a:d4:99:5c:b0:4d:32:02:25:f4:7a:40:
75:b7:0a:81:c0:3f:b8:2f:5a:ab:12:d8:fc:b8:c6:
c7:e4:02:f5:a3:d7:b8:65:94:05:a3:91:fe:bb:a3:
f8:d8:b1:45:b1:4c:8f:43:9c:11:d7:1e:f2:26:bd:
bb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7C:60:BD:FC:BF:92:A1:64:6B:EA:35:49:48:2F:CE:42:AF:94:31
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Xnxgvfy_kqFka-o1SUgvzkKvlDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.54.0/24
46.18.106.0/24
83.138.49.0/24
89.248.64.0/24
95.130.228.0/24
185.145.232.0/24
185.201.253.0/24
193.104.183.0/24
193.163.124.0/24
193.228.228.0/24
194.32.105.0/24
194.156.78.0/24
Signature Algorithm: sha256WithRSAEncryption
00:38:5e:e1:c8:c6:a4:0d:7f:5e:2b:7b:52:94:cf:a8:7d:cb:
bc:a0:88:5e:8c:4a:0e:69:a5:71:ea:8d:d2:eb:b5:7e:00:d1:
14:31:e7:a6:53:77:ce:03:a4:61:4f:c0:3f:d4:36:18:58:97:
f7:f8:2a:52:9e:4f:eb:97:3b:87:2d:74:22:75:35:c2:d3:a1:
4f:65:39:dd:10:cb:b7:e3:97:60:7e:7b:e7:83:12:68:dd:7f:
fc:03:31:ca:e6:7f:38:70:46:ff:14:4a:62:78:6a:8d:3e:e3:
da:ec:13:8d:67:c2:44:e1:95:b9:16:36:5d:e9:c8:37:43:fd:
22:fd:99:55:ef:ee:cf:bd:4e:ec:31:63:80:69:9c:6e:e8:aa:
9f:c7:59:7a:b5:84:f4:6a:99:97:29:15:c4:a7:ec:b4:8b:56:
97:64:e2:23:b1:38:7c:9a:e5:da:2b:c0:51:19:50:1a:94:f2:
8d:ce:48:c7:a9:ac:88:0a:e6:bf:49:0c:35:a4:e4:a8:cf:5d:
dc:ea:e7:57:b0:94:f1:2f:93:42:a0:98:62:2a:88:84:9a:37:
35:db:78:0b:f8:bd:16:7c:d2:a1:67:81:ec:9f:4b:f1:41:3c:
c5:b7:80:cd:99:d1:e9:66:25:a0:e8:a3:be:7e:53:98:88:09:
43:de:a8:68
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYsBHftu7vszI/EUTQ+QHrYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMDA1MTgzMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdjNjBiZGZjYmY5MmExNjQ2YmVhMzU0OTQ4MmZjZTQyYWY5NDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HS+wc96CHteAk4whF09hGB+dP0c
Shw8QprfCX49QveoxC+XJ8OFLnUrabjYt7qY8hRdQCZgXfQqgjffF7kFuy6f59IP
/ylfJfe9Yqc/foAo6sWINKiuuxaIm+V8kmzmLY5johBqPb5JZY+a0MLvKQDowYvm
MkI2+pDKdzfzhI1mdaKc2xbNKVzS3Sq9ZoismfMeVKXqElifY+eheUlgsSLgkPWW
5WyLb2HG8/0COLSiPSRNfJK32gDkaamG+aev1BcQJuma1JlcsE0yAiX0ekB1twqB
wD+4L1qrEtj8uMbH5AL1o9e4ZZQFo5H+u6P42LFFsUyPQ5wR1x7yJr27EwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFF58YL38v5KhZGvqNUlIL85Cr5QxMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWG54Z3ZmeV9rcUZrYS1vMVNVZ3Z6a0t2bERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABbU2AwQA
LhJqAwQAU4oxAwQAWfhAAwQAX4LkAwQAuZHoAwQAucn9AwQAwWi3AwQAwaN8AwQA
weTkAwQAwiBpAwQAwpxOMA0GCSqGSIb3DQEBCwUAA4IBAQAAOF7hyMakDX9eK3tS
lM+ofcu8oIhejEoOaaVx6o3S67V+ANEUMeemU3fOA6RhT8A/1DYYWJf3+CpSnk/r
lzuHLXQidTXC06FPZTndEMu345dgfnvngxJo3X/8AzHK5n84cEb/FEpieGqNPuPa
7BONZ8JE4ZW5FjZd6cg3Q/0i/ZlV7+7PvU7sMWOAaZxu6Kqfx1l6tYT0apmXKRXE
p+y0i1aXZOIjsTh8muXaK8BRGVAalPKNzkjHqayICua/SQw1pOSoz13c6udXsJTx
L5NCoJhiKoiEmjc123gL+L0WfNKhZ4Hsn0vxQTzFt4DNmdHpZiWg6KO+flOYiAlD
3qho
-----END CERTIFICATE-----
Generated at Sat Nov 4 19:48:23 2023 by rpki-client on console-fra.rpki-client.org