Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/xygKqlr8qtElx5Cr9xKgrFGSWDs.roa
File: xygKqlr8qtElx5Cr9xKgrFGSWDs.roa (raw, json)
Hash identifier: FKm33W3ldsrlWRgNYU+kha6oTk5q1jwJaRRIuqPad2E=
Subject key identifier: C7:28:0A:AA:5A:FC:AA:D1:25:C7:90:AB:F7:12:A0:AC:51:92:58:3B
Certificate issuer: /CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Certificate serial: 01856C8A60BFD142CC38AF5E574A7996B18D
Authority key identifier: 25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/xygKqlr8qtElx5Cr9xKgrFGSWDs.roa
Signing time: Sun 01 Jan 2023 08:54:46 +0000
ROA not before: Sun 01 Jan 2023 08:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 149.62.176.0/21 maxlen: 21
149.62.181.0/24 maxlen: 24
5.158.81.0/24 maxlen: 24
5.158.80.0/24 maxlen: 24
5.158.83.0/24 maxlen: 24
37.235.37.0/24 maxlen: 24
37.235.32.0/21 maxlen: 21
37.235.33.0/24 maxlen: 24
2a01:b5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:60:bf:d1:42:cc:38:af:5e:57:4a:79:96:b1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Validity
Not Before: Jan 1 08:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7280aaa5afcaad125c790abf712a0ac5192583b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:c5:10:e6:77:d5:1a:05:27:85:66:96:1e:
33:89:ee:37:38:3a:08:47:fc:13:70:16:c1:fa:34:
3e:04:47:99:9f:dc:4f:03:90:c1:fe:3a:a8:32:2e:
09:a0:2d:a7:72:ec:21:d8:ab:d2:f0:78:e4:ce:04:
c2:f1:ac:27:3b:19:76:96:69:ca:66:e9:bd:08:84:
94:4d:a4:c6:3b:fe:74:26:bd:35:36:fc:94:82:cd:
55:e6:fd:36:94:32:4c:f8:96:b7:c2:ae:54:64:45:
86:3f:5b:3d:54:45:56:f9:b7:c2:f8:03:f6:a0:f4:
e7:ec:73:b0:55:b8:5e:28:4f:72:54:ba:c1:92:28:
22:68:4b:97:dd:43:84:0d:26:0f:05:d2:50:ab:6b:
fc:6a:12:15:06:a3:a0:9b:f1:7b:99:42:f1:8e:d6:
0d:1b:7e:d0:34:c5:d6:2b:18:ad:43:29:ac:44:3f:
07:1d:02:01:87:21:17:4f:07:76:9c:25:57:d2:66:
71:c5:d4:aa:c9:b2:8c:0d:90:b7:ac:0c:9b:a1:0e:
09:e5:a3:c0:8b:3e:0e:72:c0:90:ba:ed:71:ec:a9:
01:17:88:6a:ff:2f:f8:00:9e:b5:e1:6e:93:05:b1:
9e:50:5d:40:8e:f3:e1:82:37:3c:df:11:f0:1a:82:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:28:0A:AA:5A:FC:AA:D1:25:C7:90:AB:F7:12:A0:AC:51:92:58:3B
X509v3 Authority Key Identifier:
keyid:25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/xygKqlr8qtElx5Cr9xKgrFGSWDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.80.0/23
5.158.83.0/24
37.235.32.0/21
149.62.176.0/21
IPv6:
2a01:b5c0::/32
Signature Algorithm: sha256WithRSAEncryption
80:9c:e7:74:81:69:e4:b3:7f:06:8e:fc:58:a7:62:62:7a:c3:
e6:f3:a8:c3:3e:be:55:98:c8:6b:dc:49:9b:6c:74:d2:b0:da:
7c:3e:45:87:b8:12:38:25:45:f3:e6:42:b3:cb:9f:ed:2e:2c:
dd:b3:93:f3:ed:42:39:be:8a:86:5e:6c:15:8d:ac:cb:f6:14:
21:a8:3c:cb:bd:b1:34:b9:2f:0a:30:55:31:97:f3:e1:71:39:
89:80:67:f4:6a:e4:80:52:ea:2d:0e:ed:7d:41:13:f0:ec:2f:
4e:ed:88:f3:ae:fc:9a:b2:71:69:49:f2:01:a3:ce:f4:55:bc:
69:50:bb:d7:93:9f:90:51:7f:84:12:bd:28:e1:8f:38:eb:4f:
04:c6:bc:23:06:a5:54:61:af:b1:84:de:3f:ec:76:2d:4e:ce:
fc:c3:84:61:62:3e:cc:60:4e:e9:f6:b4:72:43:bb:3a:4c:e3:
96:74:04:0e:11:62:27:16:4c:a0:39:9b:ed:f9:b9:1c:68:93:
b1:8d:b7:c4:3a:7b:19:dc:d8:03:e7:19:53:fa:b2:c4:db:ef:
b6:dc:0c:2f:8d:fd:af:9c:d7:f5:18:1b:4b:38:b0:c4:41:e2:
e0:ac:a9:40:82:75:8b:03:b8:1e:cf:63:86:16:04:8b:51:97:
95:33:d0:f8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsimC/0ULMOK9eV0p5lrGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YWU1NTFhZjBiYjVkNzk3N2VhNzNmNjg5NmYyNWYxZWNh
MjhmOWQwHhcNMjMwMTAxMDg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI4MGFhYTVhZmNhYWQxMjVjNzkwYWJmNzEyYTBhYzUxOTI1ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLTFEOZ31RoFJ4Vmlh4zie43ODoI
R/wTcBbB+jQ+BEeZn9xPA5DB/jqoMi4JoC2ncuwh2KvS8HjkzgTC8awnOxl2lmnK
Zum9CISUTaTGO/50Jr01NvyUgs1V5v02lDJM+Ja3wq5UZEWGP1s9VEVW+bfC+AP2
oPTn7HOwVbheKE9yVLrBkigiaEuX3UOEDSYPBdJQq2v8ahIVBqOgm/F7mULxjtYN
G37QNMXWKxitQymsRD8HHQIBhyEXTwd2nCVX0mZxxdSqybKMDZC3rAyboQ4J5aPA
iz4OcsCQuu1x7KkBF4hq/y/4AJ614W6TBbGeUF1AjvPhgjc83xHwGoJ4hQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMcoCqpa/KrRJceQq/cSoKxRklg7MB8GA1UdIwQY
MBaAFCWuVRrwu115d+pz9olvJfHsoo+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjkt
MjE0MmY4ZmI2NzZlLzEveHlnS3FscjhxdEVseDVDcjl4S2dyRkdTV0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjktMjE0MmY4ZmI2NzZl
LzEvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBBZ5QAwQA
BZ5TAwQDJesgAwQDlT6wMA0EAgACMAcDBQAqAbXAMA0GCSqGSIb3DQEBCwUAA4IB
AQCAnOd0gWnks38GjvxYp2JiesPm86jDPr5VmMhr3EmbbHTSsNp8PkWHuBI4JUXz
5kKzy5/tLizds5Pz7UI5voqGXmwVjazL9hQhqDzLvbE0uS8KMFUxl/PhcTmJgGf0
auSAUuotDu19QRPw7C9O7YjzrvyasnFpSfIBo870VbxpULvXk5+QUX+EEr0o4Y84
608ExrwjBqVUYa+xhN4/7HYtTs78w4RhYj7MYE7p9rRyQ7s6TOOWdAQOEWInFkyg
OZvt+bkcaJOxjbfEOnsZ3NgD5xlT+rLE2++23Awvjf2vnNf1GBtLOLDEQeLgrKlA
gnWLA7gez2OGFgSLUZeVM9D4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:29 2024 by rpki-client on console-fra.rpki-client.org