Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/xINyi5la4L-QUuZma5Jj4s6D_cQ.roa
File: xINyi5la4L-QUuZma5Jj4s6D_cQ.roa (raw, json)
Hash identifier: SXcZQ/X+wEapL08tpPYWSVnGTVYgk2XAd42H0AX7Dag=
Subject key identifier: C4:83:72:8B:99:5A:E0:BF:90:52:E6:66:6B:92:63:E2:CE:83:FD:C4
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 01856F79A494FAF23EE9E18AC6F60AE8D138
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/xINyi5la4L-QUuZma5Jj4s6D_cQ.roa
Signing time: Sun 01 Jan 2023 22:35:20 +0000
ROA not before: Sun 01 Jan 2023 22:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 194.146.135.0/24 maxlen: 24
194.146.133.0/24 maxlen: 24
93.157.24.0/22 maxlen: 22
93.157.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:a4:94:fa:f2:3e:e9:e1:8a:c6:f6:0a:e8:d1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Jan 1 22:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c483728b995ae0bf9052e6666b9263e2ce83fdc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d0:67:ab:c8:34:b3:4d:df:79:32:dd:bc:33:
6e:96:c5:58:ae:52:0b:e5:14:a4:e7:9b:19:0a:96:
ee:51:66:1f:e2:34:5c:8c:77:46:fa:2c:84:f3:31:
8f:e3:04:e6:6a:6e:36:4d:5c:ab:6e:46:75:fc:a1:
9c:b2:fa:d4:76:1d:68:a9:92:73:37:76:4d:6d:71:
c2:40:e8:3d:c4:92:86:1f:ed:2f:88:6e:6c:f2:3c:
eb:28:b3:09:de:35:82:3c:16:e6:a6:24:66:02:a4:
e9:c0:ca:fc:97:5e:6a:60:3b:c6:8e:cb:f2:a9:d6:
0e:8a:2c:cf:55:23:1f:ef:1c:f4:7c:2c:60:77:b7:
c2:9f:eb:14:2a:e8:a8:be:e6:53:d9:ff:12:22:32:
95:d6:e8:cf:69:85:6f:19:1b:82:83:e0:8a:9f:49:
ce:e1:ef:03:ac:6b:f7:e6:e4:3c:6f:f2:a5:70:70:
bf:7d:fd:40:68:95:dc:c5:12:86:92:45:d8:e5:a9:
6e:75:bf:04:ab:91:17:61:11:cd:b6:31:48:12:30:
07:25:31:a4:72:b1:ea:13:2e:ea:4a:02:50:ee:0d:
b5:a5:89:d8:ee:0a:df:87:73:43:44:7f:a7:ce:3d:
9b:07:0f:92:79:12:ef:d3:30:97:0d:4e:18:18:47:
a1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:83:72:8B:99:5A:E0:BF:90:52:E6:66:6B:92:63:E2:CE:83:FD:C4
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/xINyi5la4L-QUuZma5Jj4s6D_cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.24.0/21
194.146.133.0/24
194.146.135.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d9:b8:a6:c1:49:0b:c1:90:33:ca:06:49:ba:f6:5c:17:7d:
17:77:40:7c:dc:27:1f:77:f7:5e:76:ad:64:fa:0e:4f:7f:1b:
ea:c4:a9:0b:61:e1:85:ef:9e:40:58:9e:9e:0f:64:cb:10:28:
ee:a3:4d:63:8d:19:c3:04:47:18:67:2f:f3:a7:1e:65:b5:c0:
18:34:38:5f:d0:68:fa:0d:d4:cb:fa:65:bf:36:a9:bc:fa:e4:
09:52:52:42:5b:95:eb:88:34:66:e4:77:6e:d0:e6:4c:c2:f7:
24:ea:d8:30:76:d7:bb:cb:42:58:29:b9:ed:5c:d2:f8:d2:34:
be:d5:52:1a:da:f7:48:d2:34:06:69:ae:1b:71:64:f3:55:50:
01:21:ff:ba:e4:a1:ad:6f:75:fc:03:cf:a2:4f:6a:52:e2:aa:
f4:73:db:57:a9:9d:52:2b:bc:59:f3:a0:2a:bd:47:b9:7a:49:
ed:6f:5b:1f:f7:c9:c0:8b:da:e7:52:72:9e:2d:37:af:ca:66:
1b:1e:13:c9:5c:b2:74:81:6b:3c:72:b8:41:92:38:27:91:f0:
ce:de:84:74:00:7c:55:1c:3a:ad:85:05:b0:80:59:6f:c0:15:
d1:65:14:0a:67:d1:e2:9c:92:74:a4:13:95:c9:3a:f3:75:c6:
b3:90:1c:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVveaSU+vI+6eGKxvYK6NE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjMwMTAxMjIzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgzNzI4Yjk5NWFlMGJmOTA1MmU2NjY2YjkyNjNlMmNlODNmZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9Bnq8g0s03feTLdvDNulsVYrlIL
5RSk55sZCpbuUWYf4jRcjHdG+iyE8zGP4wTmam42TVyrbkZ1/KGcsvrUdh1oqZJz
N3ZNbXHCQOg9xJKGH+0viG5s8jzrKLMJ3jWCPBbmpiRmAqTpwMr8l15qYDvGjsvy
qdYOiizPVSMf7xz0fCxgd7fCn+sUKuiovuZT2f8SIjKV1ujPaYVvGRuCg+CKn0nO
4e8DrGv35uQ8b/KlcHC/ff1AaJXcxRKGkkXY5aludb8Eq5EXYRHNtjFIEjAHJTGk
crHqEy7qSgJQ7g21pYnY7grfh3NDRH+nzj2bBw+SeRLv0zCXDU4YGEehUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMSDcouZWuC/kFLmZmuSY+LOg/3EMB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEveElOeWk1bGE0TC1RVXVabWE1Smo0czZEX2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXZ0YAwQA
wpKFAwQAwpKHMA0GCSqGSIb3DQEBCwUAA4IBAQB32bimwUkLwZAzygZJuvZcF30X
d0B83Ccfd/dedq1k+g5PfxvqxKkLYeGF755AWJ6eD2TLECjuo01jjRnDBEcYZy/z
px5ltcAYNDhf0Gj6DdTL+mW/Nqm8+uQJUlJCW5XriDRm5Hdu0OZMwvck6tgwdte7
y0JYKbntXNL40jS+1VIa2vdI0jQGaa4bcWTzVVABIf+65KGtb3X8A8+iT2pS4qr0
c9tXqZ1SK7xZ86AqvUe5ekntb1sf98nAi9rnUnKeLTevymYbHhPJXLJ0gWs8crhB
kjgnkfDO3oR0AHxVHDqthQWwgFlvwBXRZRQKZ9HinJJ0pBOVyTrzdcazkBwn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:54 2024 by rpki-client on console-fra.rpki-client.org