Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xBKWtO9nHKZBS6oGjk0oXiSvDDs.roa
File: xBKWtO9nHKZBS6oGjk0oXiSvDDs.roa (raw, json)
Hash identifier: XnAW2+xH8QL5cVFPdpIMFJ7Tdt9oh18XPnxO41PoEzs=
Subject key identifier: C4:12:96:B4:EF:67:1C:A6:41:4B:AA:06:8E:4D:28:5E:24:AF:0C:3B
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01862CA35EDF688F85747E322840D59BF4BF
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xBKWtO9nHKZBS6oGjk0oXiSvDDs.roa
Signing time: Tue 07 Feb 2023 16:09:09 +0000
ROA not before: Tue 07 Feb 2023 16:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
5.182.36.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Feb 2023 21:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:a3:5e:df:68:8f:85:74:7e:32:28:40:d5:9b:f4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 7 16:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c41296b4ef671ca6414baa068e4d285e24af0c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:62:6c:c3:4b:56:1a:6c:f2:37:ae:42:0e:d2:
37:bd:30:d7:a6:2e:55:8a:3e:db:25:83:b0:0f:0c:
ed:c7:9f:bb:5b:81:ad:a5:ee:24:c0:1b:aa:61:28:
8e:c7:84:3f:9d:fc:76:1b:17:4d:b8:10:35:ae:bd:
bf:55:9c:50:eb:03:5c:9b:bb:3d:23:47:e7:c8:31:
0a:24:65:6b:36:21:e5:6e:6e:40:62:d9:b8:bd:b8:
bc:cd:00:16:b5:b4:12:28:0f:b2:31:eb:34:f5:dc:
b3:a2:43:4e:db:9b:f7:b9:c5:af:52:47:aa:6b:b6:
c9:57:fa:2c:02:42:d4:68:64:38:61:41:c8:8d:0a:
09:c0:1c:f2:7f:aa:9f:a9:e4:51:66:34:c5:69:34:
a1:46:9e:63:c7:16:9d:9f:b8:91:43:9c:43:0c:4c:
2e:a0:d5:ae:07:51:00:5a:6f:51:8e:12:93:82:9f:
8e:f5:04:8f:bc:cc:37:1d:68:b1:13:05:16:ce:14:
af:cc:27:7c:90:a5:be:25:d2:48:3c:8f:c5:4a:b9:
7d:d0:d1:86:48:cd:2f:e1:fb:c2:45:0e:e0:6a:77:
e8:3d:f6:73:ab:6f:99:3d:47:17:5e:47:25:c9:c7:
7b:fc:47:27:29:4a:53:dc:c6:3e:29:1a:f8:c6:a1:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:12:96:B4:EF:67:1C:A6:41:4B:AA:06:8E:4D:28:5E:24:AF:0C:3B
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/xBKWtO9nHKZBS6oGjk0oXiSvDDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/24
5.182.39.0/24
45.8.144.0/23
45.67.35.0/24
45.84.0.0/23
45.87.153.0-45.87.154.255
45.89.52.0/24
45.159.248.0/22
93.185.166.0/24
141.98.169.0/24
185.231.204.0/22
188.119.122.0/23
193.46.56.0/23
193.57.136.0-193.57.138.255
194.4.48.0/22
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
04:7b:ae:9b:3c:53:ae:cb:87:5d:1c:8a:82:c3:90:b1:84:2e:
dd:a4:7b:7c:8e:3d:27:0d:75:13:cf:b0:d7:db:5e:f2:9a:87:
29:82:db:a9:10:2e:41:33:65:b2:9d:a2:69:85:e1:1d:87:44:
56:cf:a8:df:2e:29:5c:52:7a:1f:29:eb:88:50:39:91:75:6b:
79:fc:7f:66:e4:01:87:5f:81:30:65:6b:15:4c:18:8b:54:7c:
b8:4e:35:fe:39:b0:ad:58:84:7e:2b:4a:60:17:a6:de:ed:7c:
6a:b8:c8:97:be:74:15:23:a2:f9:b3:f4:87:b8:37:5e:dd:27:
48:cb:33:f2:48:6c:85:e0:ce:95:4b:1e:47:de:f6:fe:46:31:
86:fe:d0:ab:4b:29:0d:89:f8:b3:05:fb:1b:9c:67:3f:09:27:
3e:9e:2f:43:f1:2b:6c:79:04:4b:9b:51:57:34:6e:e1:f6:dd:
20:bb:ae:48:53:72:b9:f3:79:2a:0c:a7:e6:e1:b6:f9:0a:67:
a9:78:60:17:71:2e:fe:cc:72:dc:af:91:cc:19:18:b3:2d:43:
62:89:1a:57:77:07:51:bc:56:0f:0f:ea:ce:fa:12:b6:2a:cb:
d0:56:dd:fe:18:1f:93:1c:1a:0d:3e:1c:80:60:9a:d3:46:39:
43:0a:a7:00
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYYso17faI+FdH4yKEDVm/S/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMjA3MTYwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDEyOTZiNGVmNjcxY2E2NDE0YmFhMDY4ZTRkMjg1ZTI0YWYwYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWJsw0tWGmzyN65CDtI3vTDXpi5V
ij7bJYOwDwztx5+7W4Gtpe4kwBuqYSiOx4Q/nfx2GxdNuBA1rr2/VZxQ6wNcm7s9
I0fnyDEKJGVrNiHlbm5AYtm4vbi8zQAWtbQSKA+yMes09dyzokNO25v3ucWvUkeq
a7bJV/osAkLUaGQ4YUHIjQoJwBzyf6qfqeRRZjTFaTShRp5jxxadn7iRQ5xDDEwu
oNWuB1EAWm9RjhKTgp+O9QSPvMw3HWixEwUWzhSvzCd8kKW+JdJIPI/FSrl90NGG
SM0v4fvCRQ7ganfoPfZzq2+ZPUcXXkclycd7/EcnKUpT3MY+KRr4xqHzoQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFMQSlrTvZxymQUuqBo5NKF4krww7MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEveEJLV3RPOW5IS1pCUzZvR2prMG9YaVN2RERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAAW2JAME
AAW2JwMEAS0IkAMEAC1DIwMEAS1UADAMAwQALVeZAwQALVeaAwQALVk0AwQCLZ/4
AwQAXbmmAwQAjWKpAwQCuefMAwQBvHd6AwQBwS44MAwDBAPBOYgDBADBOYoDBALC
BDADBAHCdL4wDQYJKoZIhvcNAQELBQADggEBAAR7rps8U67Lh10cioLDkLGELt2k
e3yOPScNdRPPsNfbXvKahymC26kQLkEzZbKdommF4R2HRFbPqN8uKVxSeh8p64hQ
OZF1a3n8f2bkAYdfgTBlaxVMGItUfLhONf45sK1YhH4rSmAXpt7tfGq4yJe+dBUj
ovmz9Ie4N17dJ0jLM/JIbIXgzpVLHkfe9v5GMYb+0KtLKQ2J+LMF+xucZz8JJz6e
L0PxK2x5BEubUVc0buH23SC7rkhTcrnzeSoMp+bhtvkKZ6l4YBdxLv7MctyvkcwZ
GLMtQ2KJGld3B1G8Vg8P6s76ErYqy9BW3f4YH5McGg0+HIBgmtNGOUMKpwA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org