Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/XyZcZ4LF6eCFJYYRtLRc82ccPIg.roa
File: XyZcZ4LF6eCFJYYRtLRc82ccPIg.roa (raw, json)
Hash identifier: ZdkfY2mgKg4cVPGAxbheFBnJLSC0dVd6VTI9wZU/n1U=
Subject key identifier: 5F:26:5C:67:82:C5:E9:E0:85:25:86:11:B4:B4:5C:F3:67:1C:3C:88
Certificate issuer: /CN=657ed6f5bba633d55269fdd056bcf60c68c7b2b8
Certificate serial: 01898CF61FE0E57A74C9D20E6CD6279C6DE3
Authority key identifier: 65:7E:D6:F5:BB:A6:33:D5:52:69:FD:D0:56:BC:F6:0C:68:C7:B2:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZX7W9bumM9VSaf3QVrz2DGjHsrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/XyZcZ4LF6eCFJYYRtLRc82ccPIg.roa
Signing time: Tue 25 Jul 2023 12:11:27 +0000
ROA not before: Tue 25 Jul 2023 12:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12861
IP address blocks: 212.29.70.0/24 maxlen: 24
212.29.67.0/24 maxlen: 24
212.29.66.0/24 maxlen: 24
212.29.69.0/24 maxlen: 24
212.29.68.0/24 maxlen: 24
212.29.90.0/24 maxlen: 24
91.237.216.0/23 maxlen: 24
212.29.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:f6:1f:e0:e5:7a:74:c9:d2:0e:6c:d6:27:9c:6d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=657ed6f5bba633d55269fdd056bcf60c68c7b2b8
Validity
Not Before: Jul 25 12:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f265c6782c5e9e085258611b4b45cf3671c3c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:33:2c:72:34:d3:56:ab:49:5d:8d:fe:d8:
ea:21:8b:66:bb:9d:08:57:8c:04:a4:4b:d3:bc:c2:
5b:fa:1d:b7:e7:b3:6a:69:57:70:ce:b5:7d:64:3d:
26:2c:45:a7:d2:bf:0c:6d:f2:97:43:f0:1d:a3:5a:
b2:21:eb:aa:76:90:35:e6:27:6f:9a:53:e1:3b:90:
82:43:62:d3:9a:c1:a1:f8:38:09:40:a5:ce:6b:09:
49:31:1b:3f:0c:78:a5:14:a1:50:23:49:52:c5:c1:
f3:4f:39:99:52:14:38:1d:98:a6:83:3f:6c:de:32:
40:2d:8c:66:9d:2f:b2:66:aa:3d:e3:06:6b:e4:db:
41:45:99:f2:db:4c:94:ce:ca:2c:f4:ac:11:ef:21:
32:3a:f0:16:8d:b2:9f:4b:3f:a4:3e:c4:34:fc:a8:
6b:9a:0f:ef:2d:d5:0d:41:3a:e5:a6:10:c1:e4:d6:
f1:4b:2f:5c:ec:d4:24:dc:fd:af:d6:3a:f5:6b:99:
13:d2:34:ee:6c:96:33:01:18:77:f6:6b:82:22:6e:
9d:be:27:95:22:ad:86:d5:e2:49:5d:ee:38:1c:58:
f8:f9:32:f1:a2:5b:27:b0:0a:23:25:63:ba:86:2b:
21:70:57:6c:d5:2c:73:9f:f7:c4:63:ed:2c:6f:86:
fc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:26:5C:67:82:C5:E9:E0:85:25:86:11:B4:B4:5C:F3:67:1C:3C:88
X509v3 Authority Key Identifier:
keyid:65:7E:D6:F5:BB:A6:33:D5:52:69:FD:D0:56:BC:F6:0C:68:C7:B2:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZX7W9bumM9VSaf3QVrz2DGjHsrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/XyZcZ4LF6eCFJYYRtLRc82ccPIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/064fac-eddd-4903-a13d-0b9c76c0d91c/1/ZX7W9bumM9VSaf3QVrz2DGjHsrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.216.0/23
212.29.64.0/24
212.29.66.0-212.29.70.255
212.29.90.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a0:d8:1e:a8:a0:fa:cb:e2:86:5a:a6:9d:8a:16:ec:ce:88:
bd:c8:2a:88:2a:2a:84:ef:4e:4f:6b:3d:d0:41:27:40:e9:9f:
c7:bf:9c:b1:13:33:ba:86:81:39:de:ee:85:82:50:fd:64:f8:
9c:7f:86:e5:91:f4:0e:1a:fe:08:a0:ab:f0:e7:49:d6:73:7b:
c5:a1:65:b1:d9:a9:2f:d4:ee:1d:91:f6:7e:f2:6a:f8:89:19:
b0:a0:ee:7c:f6:d0:0e:c6:66:c0:d6:ce:df:7d:12:6c:fa:f0:
05:d5:3e:fa:c9:02:b8:f9:22:f2:6c:d0:64:31:9d:10:8a:b5:
0b:4e:22:98:aa:63:3e:1e:2f:e9:94:3f:4e:7c:38:aa:2c:df:
4b:8c:bf:5b:7e:3c:5f:1f:be:89:b3:53:72:6f:e4:54:90:f2:
6d:fb:5e:ff:06:79:96:44:39:95:35:fa:b2:f6:d7:29:68:62:
ba:ed:62:c8:73:b1:41:f9:44:5f:45:52:c4:59:bf:40:74:49:
94:3d:3d:37:72:44:f8:a6:87:11:1c:9c:d6:78:bd:07:bd:46:
8b:24:ce:82:f6:0e:35:ed:c0:e8:7f:d0:b3:e8:e1:93:3c:4b:
16:ab:48:04:b0:7c:a4:56:41:32:3a:9b:74:3c:cf:fc:55:06:
c0:21:b8:6f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYmM9h/g5Xp0ydIObNYnnG3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1N2VkNmY1YmJhNjMzZDU1MjY5ZmRkMDU2YmNmNjBjNjhj
N2IyYjgwHhcNMjMwNzI1MTIxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI2NWM2NzgyYzVlOWUwODUyNTg2MTFiNGI0NWNmMzY3MWMzYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbEzLHI001arSV2N/tjqIYtmu50I
V4wEpEvTvMJb+h2357NqaVdwzrV9ZD0mLEWn0r8MbfKXQ/Ado1qyIeuqdpA15idv
mlPhO5CCQ2LTmsGh+DgJQKXOawlJMRs/DHilFKFQI0lSxcHzTzmZUhQ4HZimgz9s
3jJALYxmnS+yZqo94wZr5NtBRZny20yUzsos9KwR7yEyOvAWjbKfSz+kPsQ0/Khr
mg/vLdUNQTrlphDB5NbxSy9c7NQk3P2v1jr1a5kT0jTubJYzARh39muCIm6dvieV
Iq2G1eJJXe44HFj4+TLxolsnsAojJWO6hishcFds1Sxzn/fEY+0sb4b8TwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF8mXGeCxenghSWGEbS0XPNnHDyIMB8GA1UdIwQY
MBaAFGV+1vW7pjPVUmn90Fa89gxox7K4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlg3VzlidW1NOVZTYWYzUVZyejJER2pIc3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8wNjRmYWMtZWRkZC00OTAzLWExM2Qt
MGI5Yzc2YzBkOTFjLzEvWHlaY1o0TEY2ZUNGSllZUnRMUmM4MmNjUElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8wNjRmYWMtZWRkZC00OTAzLWExM2QtMGI5Yzc2YzBkOTFj
LzEvWlg3VzlidW1NOVZTYWYzUVZyejJER2pIc3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBW+3YAwQA
1B1AMAwDBAHUHUIDBADUHUYDBADUHVowDQYJKoZIhvcNAQELBQADggEBAHeg2B6o
oPrL4oZapp2KFuzOiL3IKogqKoTvTk9rPdBBJ0Dpn8e/nLETM7qGgTne7oWCUP1k
+Jx/huWR9A4a/gigq/DnSdZze8WhZbHZqS/U7h2R9n7yaviJGbCg7nz20A7GZsDW
zt99Emz68AXVPvrJArj5IvJs0GQxnRCKtQtOIpiqYz4eL+mUP058OKos30uMv1t+
PF8fvomzU3Jv5FSQ8m37Xv8GeZZEOZU1+rL21yloYrrtYshzsUH5RF9FUsRZv0B0
SZQ9PTdyRPimhxEcnNZ4vQe9RoskzoL2DjXtwOh/0LPo4ZM8SxarSASwfKRWQTI6
m3Q8z/xVBsAhuG8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:39 2024 by rpki-client on console-fra.rpki-client.org