Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/XRZvEqPpCsMIZMd513DfLxzkTh4.roa
File: XRZvEqPpCsMIZMd513DfLxzkTh4.roa (raw, json)
Hash identifier: 5HYAvNiTBTcRNtX1jPswMqhUurWQt2hCbVLJBSy6Zsc=
Subject key identifier: 5D:16:6F:12:A3:E9:0A:C3:08:64:C7:79:D7:70:DF:2F:1C:E4:4E:1E
Certificate issuer: /CN=4151d6b441d3f57762c032f8fad217608a22f7a1
Certificate serial: 018570DE281318DFD767341AF5939B6813FF
Authority key identifier: 41:51:D6:B4:41:D3:F5:77:62:C0:32:F8:FA:D2:17:60:8A:22:F7:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVHWtEHT9XdiwDL4-tIXYIoi96E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/XRZvEqPpCsMIZMd513DfLxzkTh4.roa
Signing time: Mon 02 Jan 2023 05:04:45 +0000
ROA not before: Mon 02 Jan 2023 05:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49560
IP address blocks: 92.51.56.0/21 maxlen: 21
94.103.0.0/22 maxlen: 22
185.50.4.0/22 maxlen: 22
213.5.20.0/22 maxlen: 22
84.234.48.0/20 maxlen: 20
91.238.12.0/22 maxlen: 22
2a01:a320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:28:13:18:df:d7:67:34:1a:f5:93:9b:68:13:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4151d6b441d3f57762c032f8fad217608a22f7a1
Validity
Not Before: Jan 2 05:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d166f12a3e90ac30864c779d770df2f1ce44e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b5:c0:d1:0c:1f:a8:fa:18:39:60:cd:a1:d9:
28:c2:70:3e:a3:81:36:37:b8:fa:64:26:b4:be:b5:
f3:eb:1e:98:e9:24:f9:22:95:0f:42:e4:68:51:58:
66:fe:2c:85:15:b0:5e:99:64:a5:14:ff:77:c2:2e:
42:72:22:c4:f9:34:2d:02:77:f0:60:9b:aa:37:fa:
5e:e4:ae:e1:98:af:d8:33:49:26:ad:4b:dc:9b:ca:
bb:bf:85:a5:a0:7e:c9:b3:32:d8:e8:55:70:65:62:
f7:c9:e2:65:98:88:26:4a:e8:0b:d5:34:c8:cb:82:
50:12:5e:18:53:59:60:cc:f2:08:09:f1:5e:42:6d:
49:c4:33:b3:0e:0c:2d:50:59:a2:a9:5f:fd:5d:fd:
b6:e7:a9:9e:c2:4e:14:54:8c:9c:2c:bc:32:43:8c:
47:52:3c:a2:77:f0:6a:cd:9d:87:42:0d:5e:a0:f3:
75:d2:3b:90:b8:36:12:07:23:33:24:e5:8d:28:00:
fd:57:0e:be:fa:58:33:b2:65:59:e9:08:ee:7b:f0:
7f:90:b5:ff:58:fd:23:c0:9a:ff:21:d7:85:1d:13:
29:a5:93:55:7a:bb:4e:b6:e7:ab:29:6c:7a:b6:e1:
9c:f2:ac:36:22:bf:7e:bc:d6:28:cb:93:b0:1c:84:
db:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:16:6F:12:A3:E9:0A:C3:08:64:C7:79:D7:70:DF:2F:1C:E4:4E:1E
X509v3 Authority Key Identifier:
keyid:41:51:D6:B4:41:D3:F5:77:62:C0:32:F8:FA:D2:17:60:8A:22:F7:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVHWtEHT9XdiwDL4-tIXYIoi96E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/XRZvEqPpCsMIZMd513DfLxzkTh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/cddb63-9308-43c9-9473-eae418158a52/1/QVHWtEHT9XdiwDL4-tIXYIoi96E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.234.48.0/20
91.238.12.0/22
92.51.56.0/21
94.103.0.0/22
185.50.4.0/22
213.5.20.0/22
IPv6:
2a01:a320::/32
Signature Algorithm: sha256WithRSAEncryption
44:ce:d5:8d:63:36:b0:5c:3d:88:26:e3:c4:f5:cb:14:00:1d:
35:e7:15:11:9f:b6:39:f4:5d:03:9e:8b:4e:c6:3b:f7:b9:93:
8f:11:2b:7c:40:f7:c8:91:44:75:6f:88:61:be:b0:f3:08:db:
96:f6:4b:17:0a:33:23:bc:8a:9c:c3:86:60:6e:33:18:0d:fc:
a5:75:dd:ea:f6:48:ec:99:2a:a5:45:3f:3e:39:f9:da:83:06:
95:fb:8c:95:44:ca:a6:05:74:c0:17:4c:73:6c:60:66:ad:ad:
92:91:d8:9c:06:5b:e8:b6:a4:65:13:4c:87:ad:37:e2:4a:5b:
9c:d6:3a:6a:89:62:0e:73:b2:bb:cc:3d:7c:11:f3:c5:c1:bd:
2b:4d:02:a3:69:bd:29:40:9e:98:c5:56:4a:d4:f2:37:9f:8c:
91:61:69:8d:b6:79:63:fc:e2:5a:73:69:53:77:95:78:bc:17:
b4:57:e0:13:d3:bb:21:8c:e6:77:19:ad:71:27:84:f4:4a:32:
2f:97:20:ad:94:68:a3:68:01:12:db:22:e9:7a:12:5e:c2:8a:
60:4c:08:47:06:54:b7:55:a2:29:66:85:88:a8:8a:f4:ce:01:
ec:34:14:59:6e:1d:fb:d1:08:64:2b:d3:0a:93:d0:8b:23:25:
fe:52:29:18
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVw3igTGN/XZzQa9ZObaBP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNTFkNmI0NDFkM2Y1Nzc2MmMwMzJmOGZhZDIxNzYwOGEy
MmY3YTEwHhcNMjMwMTAyMDUwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE2NmYxMmEzZTkwYWMzMDg2NGM3NzlkNzcwZGYyZjFjZTQ0ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbXA0QwfqPoYOWDNodkownA+o4E2
N7j6ZCa0vrXz6x6Y6ST5IpUPQuRoUVhm/iyFFbBemWSlFP93wi5CciLE+TQtAnfw
YJuqN/pe5K7hmK/YM0kmrUvcm8q7v4WloH7JszLY6FVwZWL3yeJlmIgmSugL1TTI
y4JQEl4YU1lgzPIICfFeQm1JxDOzDgwtUFmiqV/9Xf2256mewk4UVIycLLwyQ4xH
Ujyid/BqzZ2HQg1eoPN10juQuDYSByMzJOWNKAD9Vw6++lgzsmVZ6Qjue/B/kLX/
WP0jwJr/IdeFHRMppZNVertOtuerKWx6tuGc8qw2Ir9+vNYoy5OwHITb+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF0WbxKj6QrDCGTHeddw3y8c5E4eMB8GA1UdIwQY
MBaAFEFR1rRB0/V3YsAy+PrSF2CKIvehMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZIV3RFSFQ5WGRpd0RMNC10SVhZSW9pOTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9jZGRiNjMtOTMwOC00M2M5LTk0NzMt
ZWFlNDE4MTU4YTUyLzEvWFJadkVxUHBDc01JWk1kNTEzRGZMeHprVGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9jZGRiNjMtOTMwOC00M2M5LTk0NzMtZWFlNDE4MTU4YTUy
LzEvUVZIV3RFSFQ5WGRpd0RMNC10SVhZSW9pOTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEVOowAwQC
W+4MAwQDXDM4AwQCXmcAAwQCuTIEAwQC1QUUMA0EAgACMAcDBQAqAaMgMA0GCSqG
SIb3DQEBCwUAA4IBAQBEztWNYzawXD2IJuPE9csUAB015xURn7Y59F0DnotOxjv3
uZOPESt8QPfIkUR1b4hhvrDzCNuW9ksXCjMjvIqcw4ZgbjMYDfyldd3q9kjsmSql
RT8+OfnagwaV+4yVRMqmBXTAF0xzbGBmra2SkdicBlvotqRlE0yHrTfiSluc1jpq
iWIOc7K7zD18EfPFwb0rTQKjab0pQJ6YxVZK1PI3n4yRYWmNtnlj/OJac2lTd5V4
vBe0V+AT07shjOZ3Ga1xJ4T0SjIvlyCtlGijaAES2yLpehJewopgTAhHBlS3VaIp
ZoWIqIr0zgHsNBRZbh370QhkK9MKk9CLIyX+UikY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:14 2024 by rpki-client on console-fra.rpki-client.org