Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a760a9-ab5e-4acf-a8e2-4bd58db10ed2/1/X28V9-S0QDy0r8cXaeZoyg2IpMc.roa
File: X28V9-S0QDy0r8cXaeZoyg2IpMc.roa (raw, json)
Hash identifier: MrRfELGLg83i9Ci5bKBg0Tu9ndhuDmt/zj/VinojRz0=
Subject key identifier: 5F:6F:15:F7:E4:B4:40:3C:B4:AF:C7:17:69:E6:68:CA:0D:88:A4:C7
Certificate issuer: /CN=54882b1413221e9b5d3bc8a7329b7649f9b1ec2c
Certificate serial: 018996E1CBCBA76F1D337B16F956B6D567AA
Authority key identifier: 54:88:2B:14:13:22:1E:9B:5D:3B:C8:A7:32:9B:76:49:F9:B1:EC:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VIgrFBMiHptdO8inMpt2Sfmx7Cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a760a9-ab5e-4acf-a8e2-4bd58db10ed2/1/X28V9-S0QDy0r8cXaeZoyg2IpMc.roa
Signing time: Thu 27 Jul 2023 10:25:27 +0000
ROA not before: Thu 27 Jul 2023 10:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201193
IP address blocks: 185.231.49.0/24 maxlen: 24
185.231.50.0/24 maxlen: 24
185.231.51.0/24 maxlen: 24
185.231.48.0/24 maxlen: 24
185.231.48.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:e1:cb:cb:a7:6f:1d:33:7b:16:f9:56:b6:d5:67:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54882b1413221e9b5d3bc8a7329b7649f9b1ec2c
Validity
Not Before: Jul 27 10:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f6f15f7e4b4403cb4afc71769e668ca0d88a4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ff:48:df:2a:35:bb:31:9e:a5:5d:ac:05:bc:
c5:58:bb:70:8f:33:11:01:7b:66:6b:0d:e6:67:31:
2a:57:58:93:87:94:03:1a:36:b2:58:23:c4:58:f7:
d0:01:bc:94:ba:7b:fa:23:ea:b3:65:11:bf:4b:5e:
38:24:3a:76:5f:3c:23:a4:a5:c7:88:18:7e:21:c0:
58:d6:57:ea:f7:a5:8b:08:7e:c4:fd:6e:05:99:4d:
79:e1:f5:ae:b6:d6:a5:be:2d:f4:32:39:9e:39:2e:
a2:7b:c1:8e:71:ff:8e:78:fc:6f:b1:f0:d4:5c:d6:
f3:f0:ea:aa:e3:39:00:b8:11:da:64:55:d3:dc:ee:
f1:60:30:35:3b:29:ba:73:8e:e1:27:f3:88:5b:20:
29:39:69:6c:d4:4c:e5:74:7a:19:75:76:04:6c:e7:
38:55:cb:5f:c7:fc:a6:94:35:5c:14:4a:59:49:f9:
88:bc:f7:c7:fc:7e:f5:b7:75:3c:9e:e4:76:38:84:
51:d5:10:4c:50:57:20:af:a6:e0:47:88:3a:12:bc:
c5:0f:29:2c:6a:49:b4:c3:b3:eb:54:81:8b:9a:af:
5a:04:fe:39:75:c8:d7:97:61:48:a9:41:8f:c7:b8:
69:54:6c:52:59:94:c7:1b:72:ba:56:e9:3c:aa:67:
a2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6F:15:F7:E4:B4:40:3C:B4:AF:C7:17:69:E6:68:CA:0D:88:A4:C7
X509v3 Authority Key Identifier:
keyid:54:88:2B:14:13:22:1E:9B:5D:3B:C8:A7:32:9B:76:49:F9:B1:EC:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VIgrFBMiHptdO8inMpt2Sfmx7Cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a760a9-ab5e-4acf-a8e2-4bd58db10ed2/1/X28V9-S0QDy0r8cXaeZoyg2IpMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a760a9-ab5e-4acf-a8e2-4bd58db10ed2/1/VIgrFBMiHptdO8inMpt2Sfmx7Cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.48.0/22
Signature Algorithm: sha256WithRSAEncryption
41:31:d1:f3:83:b9:97:5b:da:a5:88:d3:96:18:c5:16:b3:b9:
fc:65:00:18:7f:b6:67:d9:3d:ab:1c:4f:06:89:2c:b5:72:46:
69:e1:99:0c:25:bd:05:c4:d5:b1:9c:94:2c:55:70:25:3d:b7:
44:e8:4c:3d:d9:0b:78:b5:23:9a:ed:3c:cc:40:5f:57:b4:7f:
fe:72:00:79:07:20:dc:8c:ae:05:9d:3e:8a:d5:1e:43:a1:e2:
c1:7f:0b:a7:59:36:68:57:5b:49:47:bf:ac:b2:c8:8d:ce:81:
4b:00:e9:b6:f4:1d:17:f8:46:e2:1c:8b:9a:62:f8:80:d2:0b:
2f:b2:6e:e9:e0:b2:7f:21:5e:38:f8:14:c3:c9:4d:eb:3a:78:
7b:4e:2b:5a:bf:66:e1:6a:94:58:6c:59:92:ae:9b:46:ab:37:
9f:4b:e5:5a:b0:11:31:54:1f:52:37:5d:45:91:08:3f:b4:98:
91:44:6b:08:54:2c:97:43:85:f4:b5:b2:3f:e0:be:81:62:f5:
2c:23:ee:3d:89:14:86:41:64:b5:bd:73:6b:91:6a:f4:be:dd:
f2:68:e9:06:a2:8c:84:70:4f:93:b6:ee:bd:d4:cf:37:6d:d5:
94:7b:ed:0f:1f:6a:4a:0e:a4:ae:5d:df:f7:82:56:3c:3f:90:
e9:14:2c:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmW4cvLp28dM3sW+Va21WeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ODgyYjE0MTMyMjFlOWI1ZDNiYzhhNzMyOWI3NjQ5Zjli
MWVjMmMwHhcNMjMwNzI3MTAyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZmMTVmN2U0YjQ0MDNjYjRhZmM3MTc2OWU2NjhjYTBkODhhNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/9I3yo1uzGepV2sBbzFWLtwjzMR
AXtmaw3mZzEqV1iTh5QDGjayWCPEWPfQAbyUunv6I+qzZRG/S144JDp2XzwjpKXH
iBh+IcBY1lfq96WLCH7E/W4FmU154fWuttalvi30MjmeOS6ie8GOcf+OePxvsfDU
XNbz8Oqq4zkAuBHaZFXT3O7xYDA1Oym6c47hJ/OIWyApOWls1EzldHoZdXYEbOc4
Vctfx/ymlDVcFEpZSfmIvPfH/H71t3U8nuR2OIRR1RBMUFcgr6bgR4g6ErzFDyks
akm0w7PrVIGLmq9aBP45dcjXl2FIqUGPx7hpVGxSWZTHG3K6Vuk8qmei1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9vFffktEA8tK/HF2nmaMoNiKTHMB8GA1UdIwQY
MBaAFFSIKxQTIh6bXTvIpzKbdkn5sewsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVklnckZCTWlIcHRkTzhpbk1wdDJTZm14N0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNzYwYTktYWI1ZS00YWNmLWE4ZTIt
NGJkNThkYjEwZWQyLzEvWDI4VjktUzBRRHkwcjhjWGFlWm95ZzJJcE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNzYwYTktYWI1ZS00YWNmLWE4ZTItNGJkNThkYjEwZWQy
LzEvVklnckZCTWlIcHRkTzhpbk1wdDJTZm14N0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuecwMA0G
CSqGSIb3DQEBCwUAA4IBAQBBMdHzg7mXW9qliNOWGMUWs7n8ZQAYf7Zn2T2rHE8G
iSy1ckZp4ZkMJb0FxNWxnJQsVXAlPbdE6Ew92Qt4tSOa7TzMQF9XtH/+cgB5ByDc
jK4FnT6K1R5DoeLBfwunWTZoV1tJR7+sssiNzoFLAOm29B0X+EbiHIuaYviA0gsv
sm7p4LJ/IV44+BTDyU3rOnh7Titav2bhapRYbFmSrptGqzefS+VasBExVB9SN11F
kQg/tJiRRGsIVCyXQ4X0tbI/4L6BYvUsI+49iRSGQWS1vXNrkWr0vt3yaOkGooyE
cE+Ttu691M83bdWUe+0PH2pKDqSuXd/3glY8P5DpFCwK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org