Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/XTm7rB8PiFmBpuL3eSdK7n9i3dc.roa
File: XTm7rB8PiFmBpuL3eSdK7n9i3dc.roa (raw, json)
Hash identifier: fn3N/+EMcpPI3zm4ErnndQsAhCjzFXBg9B6M3b8tyBI=
Subject key identifier: 5D:39:BB:AC:1F:0F:88:59:81:A6:E2:F7:79:27:4A:EE:7F:62:DD:D7
Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Certificate serial: 01856C4A4DF96315F74E02455CA196273BEE
Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/XTm7rB8PiFmBpuL3eSdK7n9i3dc.roa
Signing time: Sun 01 Jan 2023 07:44:46 +0000
ROA not before: Sun 01 Jan 2023 07:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24703
IP address blocks: 193.111.9.0/24 maxlen: 24
193.111.8.0/23 maxlen: 23
193.111.8.0/24 maxlen: 24
176.111.49.0/24 maxlen: 24
176.111.48.0/23 maxlen: 23
176.111.48.0/24 maxlen: 24
176.111.58.0/24 maxlen: 24
195.128.17.0/24 maxlen: 24
176.111.58.0/23 maxlen: 23
176.111.57.0/24 maxlen: 24
195.128.16.0/24 maxlen: 24
195.128.16.0/22 maxlen: 22
176.111.60.0/24 maxlen: 24
195.128.19.0/24 maxlen: 24
176.111.59.0/24 maxlen: 24
195.128.18.0/24 maxlen: 24
176.111.63.0/24 maxlen: 24
176.111.62.0/24 maxlen: 24
176.111.61.0/24 maxlen: 24
176.111.60.0/22 maxlen: 22
195.234.213.0/24 maxlen: 24
195.234.212.0/22 maxlen: 22
195.234.212.0/24 maxlen: 24
195.234.215.0/24 maxlen: 24
195.234.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:4d:f9:63:15:f7:4e:02:45:5c:a1:96:27:3b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Validity
Not Before: Jan 1 07:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d39bbac1f0f885981a6e2f779274aee7f62ddd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f8:38:50:4e:d7:42:48:6a:ec:3e:c8:57:aa:
4d:f9:99:a4:e8:34:fc:6a:fb:04:2a:32:77:35:01:
e8:35:11:57:49:00:ae:80:90:a1:ba:a2:cf:03:1b:
dc:3d:e5:60:d2:08:eb:84:40:6e:2e:df:c9:b8:40:
53:c7:d6:85:0b:a5:5f:62:b7:33:cc:88:f9:3c:62:
62:31:43:8b:75:96:18:a0:2b:a3:e9:af:f4:c4:84:
1a:f5:b0:d9:32:be:cd:4f:04:46:9d:00:e6:2c:cd:
37:e3:cd:f9:58:c6:4f:01:cc:8d:92:8e:5b:b4:5c:
69:be:44:10:0f:4d:7c:45:aa:37:a6:03:ea:ef:77:
c5:b2:a0:fe:c0:17:66:0d:a1:23:20:f0:62:ec:27:
6c:46:7d:c3:23:63:53:66:79:18:99:6c:d5:81:ac:
65:8c:13:5e:c3:52:7b:b6:e6:21:92:d2:e7:4b:03:
7d:c4:93:cd:b7:f2:0b:6c:9c:42:ec:64:e2:bc:b1:
a8:25:f7:9d:c9:fb:9c:ba:8f:0d:d5:3f:03:22:53:
17:b2:d8:2f:50:51:15:d3:7e:a3:77:d9:8c:21:31:
4e:74:93:2a:cc:10:a4:11:c9:4e:37:03:15:8e:63:
db:24:c4:92:d0:1a:7b:cb:14:64:c9:81:36:c3:6b:
ef:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:39:BB:AC:1F:0F:88:59:81:A6:E2:F7:79:27:4A:EE:7F:62:DD:D7
X509v3 Authority Key Identifier:
keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/XTm7rB8PiFmBpuL3eSdK7n9i3dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.48.0/23
176.111.57.0-176.111.63.255
193.111.8.0/23
195.128.16.0/22
195.234.212.0/22
Signature Algorithm: sha256WithRSAEncryption
54:4c:ab:ee:8e:ab:0a:41:1d:68:ee:af:7c:f1:4e:24:fa:1a:
ff:60:c6:6d:99:84:b1:6a:06:ed:af:25:92:99:d4:ee:84:5a:
e6:59:16:64:c9:35:4f:ee:b4:bd:2c:db:ec:1e:f5:cd:09:51:
8a:c2:41:81:98:31:6a:6c:aa:a3:3f:d3:d8:f2:2c:a5:8f:e1:
59:7e:83:da:0c:de:6e:5c:97:a6:33:0a:d3:1e:a1:12:e2:c6:
07:5d:77:b5:db:74:35:80:81:64:18:71:55:97:91:e4:28:d8:
04:e2:28:9c:df:c1:3a:d3:99:25:e5:b9:a1:40:9d:67:e9:2d:
8d:e7:5f:d7:68:eb:3b:95:d1:1f:aa:a4:e8:b4:d0:1d:85:8d:
dc:93:8e:e9:81:21:fe:63:7b:74:7a:d4:61:7d:f9:db:40:c3:
72:74:97:af:1c:7f:4e:c5:91:b0:7c:1c:e3:e3:ed:2d:3d:ab:
d9:de:84:23:f6:d9:ef:84:55:bf:6a:1e:17:f9:87:ec:e2:f4:
99:9e:50:bb:60:2b:c6:fc:60:c6:74:46:37:fd:2e:e8:03:4a:
ba:7f:be:5c:f5:c3:89:3e:e0:c2:55:bb:d5:13:06:7d:3f:79:
1f:ea:d5:a7:f5:e5:a6:16:b4:c6:b3:6b:9e:cb:14:5b:13:68:
a2:b8:6c:ff
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsSk35YxX3TgJFXKGWJzvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Yjc4OWIzMmUxNmU5ZGQyZjcwNTEzMTE5ZGM3N2VhNjFm
ZjFlMDkwHhcNMjMwMTAxMDc0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM5YmJhYzFmMGY4ODU5ODFhNmUyZjc3OTI3NGFlZTdmNjJkZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPg4UE7XQkhq7D7IV6pN+Zmk6DT8
avsEKjJ3NQHoNRFXSQCugJChuqLPAxvcPeVg0gjrhEBuLt/JuEBTx9aFC6VfYrcz
zIj5PGJiMUOLdZYYoCuj6a/0xIQa9bDZMr7NTwRGnQDmLM034835WMZPAcyNko5b
tFxpvkQQD018Rao3pgPq73fFsqD+wBdmDaEjIPBi7CdsRn3DI2NTZnkYmWzVgaxl
jBNew1J7tuYhktLnSwN9xJPNt/ILbJxC7GTivLGoJfedyfucuo8N1T8DIlMXstgv
UFEV036jd9mMITFOdJMqzBCkEclONwMVjmPbJMSS0Bp7yxRkyYE2w2vvFwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF05u6wfD4hZgabi93knSu5/Yt3XMB8GA1UdIwQY
MBaAFKa3ibMuFundL3BRMRncd+ph/x4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEt
MDZjOTI5NmYwOGEyLzEvWFRtN3JCOFBpRm1CcHVMM2VTZEs3bjlpM2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEtMDZjOTI5NmYwOGEy
LzEvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBsG8wMAwD
BACwbzkDBAawbwADBAHBbwgDBALDgBADBALD6tQwDQYJKoZIhvcNAQELBQADggEB
AFRMq+6OqwpBHWjur3zxTiT6Gv9gxm2ZhLFqBu2vJZKZ1O6EWuZZFmTJNU/utL0s
2+we9c0JUYrCQYGYMWpsqqM/09jyLKWP4Vl+g9oM3m5cl6YzCtMeoRLixgddd7Xb
dDWAgWQYcVWXkeQo2ATiKJzfwTrTmSXluaFAnWfpLY3nX9do6zuV0R+qpOi00B2F
jdyTjumBIf5je3R61GF9+dtAw3J0l68cf07FkbB8HOPj7S09q9nehCP22e+EVb9q
Hhf5h+zi9JmeULtgK8b8YMZ0Rjf9LugDSrp/vlz1w4k+4MJVu9UTBn0/eR/q1af1
5aYWtMaza57LFFsTaKK4bP8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:30 2024 by rpki-client on console-ams.rpki-client.org