Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/xFweYe_5emgjAdzlGe2JTFspnZA.roa
File: xFweYe_5emgjAdzlGe2JTFspnZA.roa (raw, json)
Hash identifier: niq2AtpmO+DRXAFvP/T5xIWy1gkL0IzTW38oytX8AEs=
Subject key identifier: C4:5C:1E:61:EF:F9:7A:68:23:01:DC:E5:19:ED:89:4C:5B:29:9D:90
Certificate issuer: /CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Certificate serial: 018CC2DAE189BCF2475D51B88F5C11FCA604
Authority key identifier: A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/xFweYe_5emgjAdzlGe2JTFspnZA.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48091
IP address blocks: 185.140.236.0/23 maxlen: 24
195.93.216.0/23 maxlen: 24
2001:67c:256c::/48 maxlen: 48
2a05:37c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 28 Mar 2024 12:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e1:89:bc:f2:47:5d:51:b8:8f:5c:11:fc:a6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c45c1e61eff97a682301dce519ed894c5b299d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d5:7e:76:49:ee:28:4a:a7:b5:3e:78:4b:bc:
42:56:bf:71:f8:a0:32:4d:9e:29:c2:ec:03:a4:fd:
a1:b0:ac:9d:87:27:76:4e:7f:d0:83:7b:12:39:e3:
2f:ae:3d:c6:e3:95:d2:11:94:41:e4:22:34:d1:a8:
df:1c:be:ab:5a:72:9a:fa:e1:77:a8:99:60:5b:b5:
63:38:0b:78:c3:1f:8e:44:f1:2d:34:65:c6:17:5f:
5e:40:cd:ca:f1:c8:3d:0f:93:c2:aa:bd:39:bd:28:
54:a4:4c:28:aa:91:16:c4:9d:3b:3a:9f:9c:fb:8d:
b5:34:ad:e4:dd:29:de:6d:6c:05:08:2d:09:52:26:
87:cd:b9:2f:3e:a0:8e:db:ff:05:4e:d7:31:ab:df:
7b:f1:db:1a:9b:3b:cf:03:7c:08:aa:0d:0c:ed:e9:
11:4b:97:fa:f3:de:03:03:a5:3d:5b:98:c3:e8:d5:
66:a0:69:cc:41:c6:f5:3e:4b:33:76:89:d7:c5:ba:
10:58:1d:b6:f2:40:b3:b5:e5:72:3d:30:6d:9c:3a:
29:3f:ac:63:b1:4f:85:57:71:ab:bc:d9:55:c4:a3:
e4:ed:8a:2a:d7:f3:a3:67:57:aa:28:4f:3b:2b:f4:
83:9b:1a:87:c6:9b:80:4c:a5:a4:b7:4a:3f:72:12:
e2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5C:1E:61:EF:F9:7A:68:23:01:DC:E5:19:ED:89:4C:5B:29:9D:90
X509v3 Authority Key Identifier:
keyid:A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/xFweYe_5emgjAdzlGe2JTFspnZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.236.0/23
195.93.216.0/23
IPv6:
2001:67c:256c::/48
2a05:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:61:00:cc:4e:2c:b5:1a:26:64:9f:7e:6e:6b:6a:df:b1:b9:
4f:2a:5a:ea:ef:fa:a6:95:30:47:15:6e:50:2b:3b:d1:06:ae:
ac:1f:58:c7:95:c3:f1:91:b6:f8:8a:1b:7b:52:46:39:be:98:
f6:94:ee:74:ea:f7:3b:49:a5:8e:82:49:89:b9:79:3c:dc:7c:
d2:07:70:19:00:95:3d:89:0d:4c:fe:b8:72:8b:38:c9:91:ee:
d5:b3:f3:24:9c:ac:33:1f:30:3e:fb:51:70:40:34:77:38:5f:
c8:da:ac:96:1c:8f:ac:c1:71:5d:1f:3a:dd:1b:8f:70:85:c0:
8d:5c:e9:c9:04:35:6f:96:9b:46:10:61:40:7f:68:29:3c:d4:
48:ea:49:d6:d7:39:36:d5:9f:95:b1:6f:0f:44:cd:2b:cc:2c:
b3:a4:b3:24:51:42:e1:94:cc:18:c8:7b:8b:e6:36:74:94:ed:
c6:e2:88:ac:b9:64:bf:20:c4:e9:aa:6f:0d:bb:3c:e4:dc:5e:
65:c6:b3:9f:df:1c:38:8f:58:9b:69:3c:0d:0d:d7:98:a6:99:
fd:14:af:65:16:77:9d:73:4b:38:08:bf:4a:95:47:1e:31:b1:
ad:99:10:fc:ef:80:1c:8d:bf:cd:23:bb:14:22:a2:18:72:4a:
da:80:d7:71
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzC2uGJvPJHXVG4j1wR/KYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OGNmYjliNWY0NDVmZDJmNmNjZmExNzljMzdjNTM0NDli
MmFmMDYwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVjMWU2MWVmZjk3YTY4MjMwMWRjZTUxOWVkODk0YzViMjk5ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldV+dknuKEqntT54S7xCVr9x+KAy
TZ4pwuwDpP2hsKydhyd2Tn/Qg3sSOeMvrj3G45XSEZRB5CI00ajfHL6rWnKa+uF3
qJlgW7VjOAt4wx+ORPEtNGXGF19eQM3K8cg9D5PCqr05vShUpEwoqpEWxJ07Op+c
+421NK3k3SnebWwFCC0JUiaHzbkvPqCO2/8FTtcxq9978dsamzvPA3wIqg0M7ekR
S5f6894DA6U9W5jD6NVmoGnMQcb1PkszdonXxboQWB228kCzteVyPTBtnDopP6xj
sU+FV3GrvNlVxKPk7Yoq1/OjZ1eqKE87K/SDmxqHxpuATKWkt0o/chLibwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMRcHmHv+XpoIwHc5RntiUxbKZ2QMB8GA1UdIwQY
MBaAFKmM+5tfRF/S9sz6F5w3xTRJsq8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQt
ODg2NTkzZjdkY2UwLzEveEZ3ZVllXzVlbWdqQWR6bEdlMkpURnNwblpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQtODg2NTkzZjdkY2Uw
LzEvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBuYzsAwQB
w13YMBYEAgACMBADBwAgAQZ8JWwDBQMqBTfAMA0GCSqGSIb3DQEBCwUAA4IBAQCp
YQDMTiy1GiZkn35ua2rfsblPKlrq7/qmlTBHFW5QKzvRBq6sH1jHlcPxkbb4iht7
UkY5vpj2lO506vc7SaWOgkmJuXk83HzSB3AZAJU9iQ1M/rhyizjJke7Vs/MknKwz
HzA++1FwQDR3OF/I2qyWHI+swXFdHzrdG49whcCNXOnJBDVvlptGEGFAf2gpPNRI
6knW1zk21Z+VsW8PRM0rzCyzpLMkUULhlMwYyHuL5jZ0lO3G4oisuWS/IMTpqm8N
uzzk3F5lxrOf3xw4j1ibaTwNDdeYppn9FK9lFnedc0s4CL9KlUceMbGtmRD874Ac
jb/NI7sUIqIYckragNdx
-----END CERTIFICATE-----
Generated at Thu Mar 28 15:23:24 2024 by rpki-client on console-ams.rpki-client.org