Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/xeIEJ2exEIMHDOYrCR0bHdDRmv8.roa
File: xeIEJ2exEIMHDOYrCR0bHdDRmv8.roa (raw, json)
Hash identifier: LmlVHkoc7y/tTnlVW/iI09nCbMfa8hesRKllETfkAKc=
Subject key identifier: C5:E2:04:27:67:B1:10:83:07:0C:E6:2B:09:1D:1B:1D:D0:D1:9A:FF
Certificate issuer: /CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Certificate serial: 018C958F2FD76F29C1DA9418E3EB359B79C8
Authority key identifier: 10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/xeIEJ2exEIMHDOYrCR0bHdDRmv8.roa
Signing time: Sat 23 Dec 2023 07:23:58 +0000
ROA not before: Sat 23 Dec 2023 07:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48408
IP address blocks: 91.209.133.0/24 maxlen: 24
185.142.224.0/22 maxlen: 24
109.233.104.0/22 maxlen: 22
2a07:3140::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:8f:2f:d7:6f:29:c1:da:94:18:e3:eb:35:9b:79:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Validity
Not Before: Dec 23 07:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5e2042767b11083070ce62b091d1b1dd0d19aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3f:cb:47:1b:db:fb:c7:6f:da:80:cd:5b:9b:
63:5a:60:bd:c3:b6:4c:49:21:3a:34:fe:3f:6e:2e:
b6:8e:0b:98:5f:d7:e8:ce:f9:c5:ee:21:7c:c5:f6:
39:69:fa:6f:e3:e0:f8:9e:ef:ef:b9:bc:21:cf:e8:
f9:c4:59:ca:c3:c2:ec:26:9a:2f:52:87:00:81:d7:
61:05:9c:14:61:ca:35:ba:09:a1:bd:72:9e:2d:1e:
44:60:08:13:d4:0f:5b:87:99:1a:24:cb:af:82:79:
3d:a2:de:f7:87:8b:f8:73:b9:19:17:50:08:14:57:
8b:77:ae:3f:3c:78:32:91:6b:c1:74:86:33:4e:c9:
91:3f:38:5b:2b:74:75:83:fd:6b:74:d5:0f:b6:e7:
22:07:c1:b9:f7:e0:6b:79:a1:2a:cc:58:ba:d1:a1:
fd:51:d0:e8:87:b1:1e:93:c9:e7:ed:c4:77:d2:41:
7a:81:9f:dd:2d:70:8f:d3:85:20:77:8d:32:97:ec:
77:cd:9f:9b:05:02:ea:68:8e:9d:ae:55:4c:a8:33:
6d:0c:bf:c9:8b:ec:c2:6f:67:53:15:d2:ae:ec:bd:
a9:7e:48:8e:cc:1d:c5:6f:e3:1e:67:0c:ae:1b:c2:
01:36:14:65:dc:2b:e3:54:92:b4:30:2b:6b:eb:e0:
1d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E2:04:27:67:B1:10:83:07:0C:E6:2B:09:1D:1B:1D:D0:D1:9A:FF
X509v3 Authority Key Identifier:
keyid:10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/xeIEJ2exEIMHDOYrCR0bHdDRmv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.133.0/24
109.233.104.0/22
185.142.224.0/22
IPv6:
2a07:3140::/29
Signature Algorithm: sha256WithRSAEncryption
a4:17:f7:f4:05:ec:32:e0:ef:82:e4:66:6f:1c:af:6a:c6:90:
94:14:10:cc:6a:cb:e8:92:11:91:75:63:43:f5:a9:91:df:06:
b1:65:f7:5a:ed:9e:9f:1c:be:e4:5e:6a:4e:38:b2:90:21:ae:
7d:ed:2e:8d:c7:f7:0f:d1:8a:a5:3d:03:df:35:d7:23:97:22:
cd:90:c1:54:94:fe:de:78:c0:57:b6:4e:c7:67:4e:77:bd:08:
73:8a:20:3a:6c:fe:37:41:ab:e4:f5:ca:87:02:6a:c1:13:05:
03:0c:f4:44:ca:93:21:58:1a:f4:f5:bf:9e:60:b4:38:48:f6:
76:4b:78:6b:ee:68:dc:6d:be:ba:a3:d1:c4:56:3b:a6:57:c9:
37:e6:98:ad:bb:3e:7f:3d:66:8c:6e:87:e6:fe:db:74:04:9f:
f9:e9:d0:ab:40:b6:54:7d:34:41:53:67:f1:3c:49:43:10:43:
98:22:eb:fc:c6:90:3f:2d:cd:a0:cc:09:ca:48:13:64:c7:41:
f3:cf:7e:f9:a8:c8:79:fd:e9:7d:62:8b:8c:61:df:6f:b9:54:
92:89:08:f8:d8:4c:94:0c:73:a4:d1:6e:5c:ef:bc:dc:af:c6:
ac:6a:6d:5a:85:2c:20:52:33:bb:25:45:d9:2d:f2:6c:0f:e4:
75:53:0b:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyVjy/XbynB2pQY4+s1m3nIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDhiYTU0MjlhNzA5YmM1OGVjZGJhZTNmMTdlMWJjOWQz
YTRkNWMwHhcNMjMxMjIzMDcyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUyMDQyNzY3YjExMDgzMDcwY2U2MmIwOTFkMWIxZGQwZDE5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz/LRxvb+8dv2oDNW5tjWmC9w7ZM
SSE6NP4/bi62jguYX9fozvnF7iF8xfY5afpv4+D4nu/vubwhz+j5xFnKw8LsJpov
UocAgddhBZwUYco1ugmhvXKeLR5EYAgT1A9bh5kaJMuvgnk9ot73h4v4c7kZF1AI
FFeLd64/PHgykWvBdIYzTsmRPzhbK3R1g/1rdNUPtuciB8G59+BreaEqzFi60aH9
UdDoh7Eek8nn7cR30kF6gZ/dLXCP04Ugd40yl+x3zZ+bBQLqaI6drlVMqDNtDL/J
i+zCb2dTFdKu7L2pfkiOzB3Fb+MeZwyuG8IBNhRl3CvjVJK0MCtr6+AdnQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMXiBCdnsRCDBwzmKwkdGx3Q0Zr/MB8GA1UdIwQY
MBaAFBAIulQppwm8WOzbrj8X4bydOk1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMt
ZTFkOTliODcwNmU0LzEveGVJRUoyZXhFSU1IRE9ZckNSMGJIZERSbXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMtZTFkOTliODcwNmU0
LzEvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9GFAwQC
beloAwQCuY7gMA0EAgACMAcDBQMqBzFAMA0GCSqGSIb3DQEBCwUAA4IBAQCkF/f0
Bewy4O+C5GZvHK9qxpCUFBDMasvokhGRdWND9amR3waxZfda7Z6fHL7kXmpOOLKQ
Ia597S6Nx/cP0YqlPQPfNdcjlyLNkMFUlP7eeMBXtk7HZ053vQhziiA6bP43Qavk
9cqHAmrBEwUDDPREypMhWBr09b+eYLQ4SPZ2S3hr7mjcbb66o9HEVjumV8k35pit
uz5/PWaMbofm/tt0BJ/56dCrQLZUfTRBU2fxPElDEEOYIuv8xpA/Lc2gzAnKSBNk
x0Hzz375qMh5/el9YouMYd9vuVSSiQj42EyUDHOk0W5c77zcr8asam1ahSwgUjO7
JUXZLfJsD+R1Uwtq
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:28 2024 by rpki-client on console-fra.rpki-client.org