Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/XISO-v9VgmHTtPyycTbXiQ0CNp8.roa
File: XISO-v9VgmHTtPyycTbXiQ0CNp8.roa (raw, json)
Hash identifier: gXO7G67vqz59Cm4Ir9/Lnb6Za+gebDlWuh3W2Ow+cx0=
Subject key identifier: 5C:84:8E:FA:FF:55:82:61:D3:B4:FC:B2:71:36:D7:89:0D:02:36:9F
Certificate issuer: /CN=efc34233ed96424a516e2bf9d39171b62e44b441
Certificate serial: 018FCE01C1AC02CF5868FFC97A61EC7F21E9
Authority key identifier: EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/XISO-v9VgmHTtPyycTbXiQ0CNp8.roa
Signing time: Fri 31 May 2024 09:36:12 +0000
ROA not before: Fri 31 May 2024 09:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57928
IP address blocks: 37.157.8.0/21 maxlen: 24
193.41.95.0/24 maxlen: 24
2a00:bf40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Sep 2024 16:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:01:c1:ac:02:cf:58:68:ff:c9:7a:61:ec:7f:21:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efc34233ed96424a516e2bf9d39171b62e44b441
Validity
Not Before: May 31 09:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c848efaff558261d3b4fcb27136d7890d02369f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:31:72:a7:15:44:63:40:4c:47:22:a0:1b:56:
bd:63:85:c9:82:dd:f6:e0:7e:ca:ce:f3:8b:31:ea:
ce:0e:a2:11:87:ed:ff:8f:13:12:b6:56:ae:54:df:
c5:07:00:43:04:b6:7c:37:5b:54:70:92:60:70:d7:
3a:fb:05:b5:03:cc:e3:00:63:d5:93:3c:a6:92:40:
2d:99:64:48:5b:0e:50:5f:57:73:dd:10:08:c5:a7:
01:a7:11:75:82:6f:16:58:b6:b6:dc:c2:2e:3b:51:
10:9b:5c:83:c0:77:c5:02:4d:d3:fa:a7:5a:fb:10:
0e:fb:8d:95:e3:13:83:ce:ae:57:97:83:5d:c6:1c:
a6:88:f6:2c:35:f8:3d:4b:37:e7:85:ed:48:37:38:
dc:9a:a0:f1:95:68:ae:88:d5:fa:44:0d:7b:6a:b1:
81:66:d0:9f:b2:14:5a:89:b2:41:ce:61:c1:73:16:
f0:6f:4e:f7:0c:be:5a:37:c6:ca:99:dd:7b:45:17:
ba:fe:b9:4c:8c:65:c2:3a:78:6b:fd:1e:61:7a:8b:
c1:10:3c:64:bd:5e:90:63:f0:f9:9a:2b:8f:64:26:
30:db:4a:8f:e6:a5:d8:c0:ff:b9:8d:ef:41:9f:cd:
30:ef:15:c3:24:b6:c4:4f:af:ab:99:7d:a2:84:75:
df:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:84:8E:FA:FF:55:82:61:D3:B4:FC:B2:71:36:D7:89:0D:02:36:9F
X509v3 Authority Key Identifier:
keyid:EF:C3:42:33:ED:96:42:4A:51:6E:2B:F9:D3:91:71:B6:2E:44:B4:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/78NCM-2WQkpRbiv505Fxti5EtEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/XISO-v9VgmHTtPyycTbXiQ0CNp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/964411-d327-4136-ab43-306905fafe0e/1/78NCM-2WQkpRbiv505Fxti5EtEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.8.0/21
193.41.95.0/24
IPv6:
2a00:bf40::/32
Signature Algorithm: sha256WithRSAEncryption
c0:7b:75:81:89:01:8f:8b:6e:cc:bc:5d:2c:31:1f:8b:aa:f8:
31:66:2c:a2:e4:19:78:fc:b9:24:f4:4b:94:65:e4:cb:c5:dd:
c7:a0:42:63:10:60:69:1c:cc:16:5d:2b:0b:9f:df:b1:b0:c6:
17:a9:b5:3b:3e:27:9d:fd:e1:a7:6e:18:35:cf:4a:0a:a7:4f:
b1:48:6f:86:4d:2d:16:de:e0:4a:3c:73:18:9b:96:29:3e:96:
8a:77:cd:80:d4:f3:2d:28:d5:a7:ff:c2:74:20:10:da:e0:bd:
ce:f5:87:fd:a5:83:c0:14:80:51:f8:9f:22:7f:f8:47:9c:59:
c8:df:e7:bb:20:92:98:59:a5:ad:44:f2:d3:56:5b:bf:f7:63:
81:c4:88:c2:3a:e8:ad:8c:f7:d2:c6:99:8d:13:04:0e:d2:e6:
71:3d:87:34:25:ae:96:73:5a:82:30:31:9c:e7:fa:dc:60:e8:
6e:a7:22:39:8c:5c:71:a0:df:bc:a9:ca:a3:74:87:35:10:c1:
e6:be:82:4b:08:ed:2a:c2:dc:7b:f9:cd:ed:76:87:e1:f1:58:
70:ba:98:de:08:e9:18:2f:f7:99:da:74:c9:89:04:07:65:47:
93:3b:83:65:52:26:13:28:8c:47:06:39:29:c2:78:af:bb:a0:
2f:f6:d3:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY/OAcGsAs9YaP/JemHsfyHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYzM0MjMzZWQ5NjQyNGE1MTZlMmJmOWQzOTE3MWI2MmU0
NGI0NDEwHhcNMjQwNTMxMDkzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg0OGVmYWZmNTU4MjYxZDNiNGZjYjI3MTM2ZDc4OTBkMDIzNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTFypxVEY0BMRyKgG1a9Y4XJgt32
4H7KzvOLMerODqIRh+3/jxMStlauVN/FBwBDBLZ8N1tUcJJgcNc6+wW1A8zjAGPV
kzymkkAtmWRIWw5QX1dz3RAIxacBpxF1gm8WWLa23MIuO1EQm1yDwHfFAk3T+qda
+xAO+42V4xODzq5Xl4NdxhymiPYsNfg9Szfnhe1INzjcmqDxlWiuiNX6RA17arGB
ZtCfshRaibJBzmHBcxbwb073DL5aN8bKmd17RRe6/rlMjGXCOnhr/R5heovBEDxk
vV6QY/D5miuPZCYw20qP5qXYwP+5je9Bn80w7xXDJLbET6+rmX2ihHXfqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFyEjvr/VYJh07T8snE214kNAjafMB8GA1UdIwQY
MBaAFO/DQjPtlkJKUW4r+dORcbYuRLRBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMt
MzA2OTA1ZmFmZTBlLzEvWElTTy12OVZnbUhUdFB5eWNUYlhpUTBDTnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS85NjQ0MTEtZDMyNy00MTM2LWFiNDMtMzA2OTA1ZmFmZTBl
LzEvNzhOQ00tMldRa3BSYml2NTA1Rnh0aTVFdEVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZ0IAwQA
wSlfMA0EAgACMAcDBQAqAL9AMA0GCSqGSIb3DQEBCwUAA4IBAQDAe3WBiQGPi27M
vF0sMR+LqvgxZiyi5Bl4/Lkk9EuUZeTLxd3HoEJjEGBpHMwWXSsLn9+xsMYXqbU7
Pied/eGnbhg1z0oKp0+xSG+GTS0W3uBKPHMYm5YpPpaKd82A1PMtKNWn/8J0IBDa
4L3O9Yf9pYPAFIBR+J8if/hHnFnI3+e7IJKYWaWtRPLTVlu/92OBxIjCOuitjPfS
xpmNEwQO0uZxPYc0Ja6Wc1qCMDGc5/rcYOhupyI5jFxxoN+8qcqjdIc1EMHmvoJL
CO0qwtx7+c3tdofh8VhwupjeCOkYL/eZ2nTJiQQHZUeTO4NlUiYTKIxHBjkpwniv
u6Av9tOs
-----END CERTIFICATE-----
Generated at Mon Sep 2 18:31:11 2024 by rpki-client on console-ams.rpki-client.org