Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/XIn5MZaKwGb9PVXwTP8nWFDEd3g.roa
File: XIn5MZaKwGb9PVXwTP8nWFDEd3g.roa (raw, json)
Hash identifier: Tpy/VkumWoeBI0UEXha/VCyxiycEc7OyqSaU9fpt/hM=
Subject key identifier: 5C:89:F9:31:96:8A:C0:66:FD:3D:55:F0:4C:FF:27:58:50:C4:77:78
Certificate issuer: /CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Certificate serial: 018CC72735B9D3CEABA1E2855916F5487202
Authority key identifier: 05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/XIn5MZaKwGb9PVXwTP8nWFDEd3g.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34534
IP address blocks: 37.44.239.0/24 maxlen: 24
185.142.53.0/24 maxlen: 24
213.5.130.0/24 maxlen: 24
193.177.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 11:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:35:b9:d3:ce:ab:a1:e2:85:59:16:f5:48:72:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0563cb263df50d2d4d073c0f7db6cd2776302c9d
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c89f931968ac066fd3d55f04cff275850c47778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:44:8a:04:08:35:fd:fc:9b:11:70:f6:7d:f1:
f9:e1:66:8a:54:4a:18:25:16:b9:5b:0e:fe:15:01:
ca:32:7d:dc:dd:bc:1a:cf:e7:82:b7:c1:91:f4:69:
64:53:a8:c0:b3:e1:aa:62:ca:d3:b2:c7:8e:8f:71:
66:30:1b:aa:53:2d:7f:12:7f:b7:3e:8b:cd:d0:eb:
13:ea:b9:c0:0d:f5:38:a0:9a:95:19:40:b5:45:62:
f5:ce:dc:db:1b:11:89:37:75:f3:ed:d1:c2:ff:d5:
96:44:e9:da:2a:56:3a:ec:69:9d:fc:88:02:f8:a2:
a7:fc:4c:ce:02:f6:1c:78:31:31:b5:2c:5e:74:6c:
b0:72:90:5e:40:fb:e0:43:5b:7f:50:0c:05:d0:f5:
3a:47:49:27:5b:43:e2:46:b4:c2:d1:62:6b:bf:3f:
ca:48:90:57:b9:b8:3c:63:0c:6c:70:d9:02:07:64:
49:34:23:1c:15:f7:a7:48:de:cc:30:33:ff:d8:6e:
86:1e:1b:6d:53:01:d3:70:1b:d6:4e:ab:c6:20:b4:
f1:cb:b2:46:a2:61:c4:55:cd:bd:08:bd:45:4f:62:
f6:37:f3:74:08:5b:06:02:7a:42:91:1a:f5:f9:fb:
fc:9e:c4:6c:52:48:39:4d:bb:8c:f0:e1:28:f2:75:
28:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:89:F9:31:96:8A:C0:66:FD:3D:55:F0:4C:FF:27:58:50:C4:77:78
X509v3 Authority Key Identifier:
keyid:05:63:CB:26:3D:F5:0D:2D:4D:07:3C:0F:7D:B6:CD:27:76:30:2C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/XIn5MZaKwGb9PVXwTP8nWFDEd3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/62e5f2-25b3-4557-aa94-150354b00e55/1/BWPLJj31DS1NBzwPfbbNJ3YwLJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.239.0/24
185.142.53.0/24
193.177.182.0/24
213.5.130.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e6:4d:ff:20:47:56:c5:e0:9f:34:2b:63:68:ed:61:fd:d3:
b8:4d:e5:e5:ed:de:df:96:5d:e8:b0:66:2c:cd:61:66:ba:3c:
82:9d:7c:db:c8:db:9a:22:eb:38:5f:89:ed:03:11:56:87:2c:
b0:82:0f:e8:d3:09:0f:12:a7:5a:76:c1:17:47:3e:e9:f5:25:
95:95:75:c0:ff:08:51:e1:91:a0:b1:91:f2:7e:70:6d:d0:4d:
5d:4b:15:70:2e:6f:cc:fc:42:7f:3e:41:96:b6:a6:45:23:53:
52:fc:1a:b9:37:72:bd:6c:97:7e:7f:61:71:e7:e6:00:92:9a:
7b:6a:5c:92:54:ae:f7:16:25:d3:bf:f3:f0:90:f7:3c:54:62:
7d:21:63:c0:d4:7e:2e:00:d7:d5:2b:44:94:5f:64:62:51:08:
68:c4:3e:48:1f:64:2d:7a:60:a3:70:a9:ca:6e:ec:a2:1b:97:
bc:b1:d3:62:ba:d7:44:42:8c:e3:45:92:7a:33:6b:2b:72:4a:
fc:78:a8:7b:3f:a0:28:2b:6e:d3:d4:92:2e:3f:2c:b0:70:5c:
94:9b:84:3f:21:87:45:3d:a8:5a:22:31:29:fe:d0:e4:33:4e:
ac:85:41:57:4a:2a:31:81:ea:ce:79:fc:cf:8f:b3:d2:d6:2c:
9a:d5:58:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJzW5086roeKFWRb1SHICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjNjYjI2M2RmNTBkMmQ0ZDA3M2MwZjdkYjZjZDI3NzYz
MDJjOWQwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg5ZjkzMTk2OGFjMDY2ZmQzZDU1ZjA0Y2ZmMjc1ODUwYzQ3Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqESKBAg1/fybEXD2ffH54WaKVEoY
JRa5Ww7+FQHKMn3c3bwaz+eCt8GR9GlkU6jAs+GqYsrTsseOj3FmMBuqUy1/En+3
PovN0OsT6rnADfU4oJqVGUC1RWL1ztzbGxGJN3Xz7dHC/9WWROnaKlY67Gmd/IgC
+KKn/EzOAvYceDExtSxedGywcpBeQPvgQ1t/UAwF0PU6R0knW0PiRrTC0WJrvz/K
SJBXubg8YwxscNkCB2RJNCMcFfenSN7MMDP/2G6GHhttUwHTcBvWTqvGILTxy7JG
omHEVc29CL1FT2L2N/N0CFsGAnpCkRr1+fv8nsRsUkg5TbuM8OEo8nUoHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFyJ+TGWisBm/T1V8Ez/J1hQxHd4MB8GA1UdIwQY
MBaAFAVjyyY99Q0tTQc8D322zSd2MCydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQt
MTUwMzU0YjAwZTU1LzEvWEluNU1aYUt3R2I5UFZYd1RQOG5XRkRFZDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi82MmU1ZjItMjViMy00NTU3LWFhOTQtMTUwMzU0YjAwZTU1
LzEvQldQTEpqMzFEUzFOQnp3UGZiYk5KM1l3TEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJSzvAwQA
uY41AwQAwbG2AwQA1QWCMA0GCSqGSIb3DQEBCwUAA4IBAQA35k3/IEdWxeCfNCtj
aO1h/dO4TeXl7d7fll3osGYszWFmujyCnXzbyNuaIus4X4ntAxFWhyywgg/o0wkP
EqdadsEXRz7p9SWVlXXA/whR4ZGgsZHyfnBt0E1dSxVwLm/M/EJ/PkGWtqZFI1NS
/Bq5N3K9bJd+f2Fx5+YAkpp7alySVK73FiXTv/PwkPc8VGJ9IWPA1H4uANfVK0SU
X2RiUQhoxD5IH2QtemCjcKnKbuyiG5e8sdNiutdEQozjRZJ6M2srckr8eKh7P6Ao
K27T1JIuPyywcFyUm4Q/IYdFPahaIjEp/tDkM06shUFXSioxgerOefzPj7PS1iya
1VgV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:49 2024 by rpki-client on console-fra.rpki-client.org