Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/XcSrpoy6UkqgXggcJgQTcp4xt3Q.roa
File: XcSrpoy6UkqgXggcJgQTcp4xt3Q.roa (raw, json)
Hash identifier: TcKFNVfUmadoCH19avZaAtTQfDjhWtkdgqEFvLamFAw=
Subject key identifier: 5D:C4:AB:A6:8C:BA:52:4A:A0:5E:08:1C:26:04:13:72:9E:31:B7:74
Certificate issuer: /CN=9303622b3c54e45f4166f301798f86dbba47180c
Certificate serial: 0189B06C7D79EA0D54C174D64B5622901E37
Authority key identifier: 93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/XcSrpoy6UkqgXggcJgQTcp4xt3Q.roa
Signing time: Tue 01 Aug 2023 09:27:27 +0000
ROA not before: Tue 01 Aug 2023 09:27:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47377
IP address blocks: 195.66.115.0/24 maxlen: 24
194.107.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:6c:7d:79:ea:0d:54:c1:74:d6:4b:56:22:90:1e:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9303622b3c54e45f4166f301798f86dbba47180c
Validity
Not Before: Aug 1 09:27:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dc4aba68cba524aa05e081c260413729e31b774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c1:ef:bf:57:c9:2e:58:0f:81:fb:cd:58:08:
c4:cd:37:00:4e:cf:39:ad:a5:5e:9c:4f:f0:97:1b:
e5:4e:ea:01:0b:f1:55:0b:2e:cb:c7:9f:77:0a:ef:
0f:de:37:30:7a:66:7f:03:6a:e9:f8:ce:22:f4:f5:
7e:2f:09:2f:6d:77:4e:33:9f:40:7f:23:19:2f:86:
ce:8b:29:2a:71:f6:a4:1d:11:ae:e4:01:3f:f2:26:
86:03:b3:05:c4:31:e4:74:b7:d9:95:cb:a4:d9:69:
dc:d3:d8:89:fa:c7:9d:ad:6b:70:7b:9c:96:09:6b:
95:5b:6b:a3:0a:bf:84:19:67:ec:89:9a:34:ab:0e:
92:b5:74:17:42:83:ba:cd:37:de:70:cc:45:13:3f:
21:3b:4e:0e:a8:5b:5b:b1:8d:9e:df:7b:f1:91:80:
a2:19:fa:a5:44:da:ae:01:e7:4f:90:1a:69:6a:cb:
84:a8:85:9f:2a:34:fb:4f:82:33:8a:75:a9:b2:0d:
db:56:96:55:5e:db:6c:3c:23:3f:91:ca:f9:85:dd:
31:9a:47:a1:a7:a9:f7:e2:34:0e:8f:b7:73:f1:a7:
79:18:b1:5d:af:7d:d5:a5:84:05:b7:2d:6b:bc:d7:
9b:b5:2f:d2:25:a2:df:da:ce:92:f8:98:f1:dd:86:
86:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C4:AB:A6:8C:BA:52:4A:A0:5E:08:1C:26:04:13:72:9E:31:B7:74
X509v3 Authority Key Identifier:
keyid:93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/XcSrpoy6UkqgXggcJgQTcp4xt3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.123.0/24
195.66.115.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:d5:06:af:f1:8b:ea:69:4c:48:65:4a:69:58:76:4e:db:2c:
dc:84:05:ae:57:65:55:37:99:44:62:12:8b:24:b4:f1:43:c9:
26:90:71:88:0a:50:a7:be:4c:ff:dd:60:49:1d:d3:fc:0d:87:
31:0b:34:a5:ca:97:ab:60:11:58:19:c6:83:39:61:54:ce:d6:
0a:17:00:dc:60:1e:da:e2:4e:61:b0:82:80:fc:f3:29:2a:3a:
23:d5:5e:28:e9:26:66:ac:6a:25:44:34:d0:f1:ca:e4:bf:e1:
e2:1f:f0:8e:e0:19:e2:80:6c:7a:ac:dc:a1:cd:f5:99:7d:b6:
eb:99:64:ae:50:0f:af:5b:4e:a0:40:d4:51:43:96:16:4d:e9:
27:9d:ca:37:2b:1c:dd:e9:1c:10:f8:1a:0b:9d:56:e8:d1:01:
96:99:d0:9e:9e:e0:e5:f4:85:2c:90:80:1c:55:9e:c8:8b:06:
49:c7:34:1a:bb:ca:82:54:60:9a:e3:9b:d6:b7:57:10:75:2b:
70:44:8d:ca:86:6d:2a:bc:0e:a4:48:6d:c1:50:ff:12:ba:10:
6f:08:17:2a:8c:bf:68:a4:47:23:71:49:62:8b:28:cb:3e:ff:
cb:39:81:fd:5a:97:33:24:ae:4a:07:97:54:05:0d:42:92:5e:
58:9d:23:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmwbH156g1UwXTWS1YikB43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDM2MjJiM2M1NGU0NWY0MTY2ZjMwMTc5OGY4NmRiYmE0
NzE4MGMwHhcNMjMwODAxMDkyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM0YWJhNjhjYmE1MjRhYTA1ZTA4MWMyNjA0MTM3MjllMzFiNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMHvv1fJLlgPgfvNWAjEzTcATs85
raVenE/wlxvlTuoBC/FVCy7Lx593Cu8P3jcwemZ/A2rp+M4i9PV+LwkvbXdOM59A
fyMZL4bOiykqcfakHRGu5AE/8iaGA7MFxDHkdLfZlcuk2Wnc09iJ+sedrWtwe5yW
CWuVW2ujCr+EGWfsiZo0qw6StXQXQoO6zTfecMxFEz8hO04OqFtbsY2e33vxkYCi
GfqlRNquAedPkBppasuEqIWfKjT7T4IzinWpsg3bVpZVXttsPCM/kcr5hd0xmkeh
p6n34jQOj7dz8ad5GLFdr33VpYQFty1rvNebtS/SJaLf2s6S+Jjx3YaGeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3Eq6aMulJKoF4IHCYEE3KeMbd0MB8GA1UdIwQY
MBaAFJMDYis8VORfQWbzAXmPhtu6RxgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjkt
OTUwYzdlNzMyNDVjLzEvWGNTcnBveTZVa3FnWGdnY0pnUVRjcDR4dDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjktOTUwYzdlNzMyNDVj
LzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmt7AwQA
w0JzMA0GCSqGSIb3DQEBCwUAA4IBAQCz1Qav8YvqaUxIZUppWHZO2yzchAWuV2VV
N5lEYhKLJLTxQ8kmkHGIClCnvkz/3WBJHdP8DYcxCzSlyperYBFYGcaDOWFUztYK
FwDcYB7a4k5hsIKA/PMpKjoj1V4o6SZmrGolRDTQ8crkv+HiH/CO4BnigGx6rNyh
zfWZfbbrmWSuUA+vW06gQNRRQ5YWTeknnco3Kxzd6RwQ+BoLnVbo0QGWmdCenuDl
9IUskIAcVZ7IiwZJxzQau8qCVGCa45vWt1cQdStwRI3Khm0qvA6kSG3BUP8SuhBv
CBcqjL9opEcjcUliiyjLPv/LOYH9WpczJK5KB5dUBQ1Ckl5YnSNH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:20 2024 by rpki-client on console-fra.rpki-client.org