Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/XLE8iqZ3U8ZX2plu8AOpl0J8wzs.roa
File: XLE8iqZ3U8ZX2plu8AOpl0J8wzs.roa (raw, json)
Hash identifier: GDad+aH3yEzFcJZy7+JtFSzvsRlhBe212b0waTyA+m8=
Subject key identifier: 5C:B1:3C:8A:A6:77:53:C6:57:DA:99:6E:F0:03:A9:97:42:7C:C3:3B
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01856DC1D8A0A082557E5DDD1BB60593FEDE
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/XLE8iqZ3U8ZX2plu8AOpl0J8wzs.roa
Signing time: Sun 01 Jan 2023 14:34:58 +0000
ROA not before: Sun 01 Jan 2023 14:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208397
IP address blocks: 212.22.68.0/24 maxlen: 24
212.22.76.0/24 maxlen: 24
212.22.82.0/24 maxlen: 24
212.22.80.0/24 maxlen: 24
212.22.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d8:a0:a0:82:55:7e:5d:dd:1b:b6:05:93:fe:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jan 1 14:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cb13c8aa67753c657da996ef003a997427cc33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:91:82:d2:57:b5:df:fb:66:ac:94:b2:53:
b0:be:83:f2:e4:a2:ba:eb:63:fb:9d:12:4c:3d:22:
d6:34:9c:27:42:00:27:8b:97:e2:d2:06:22:c4:91:
38:0a:cc:7b:6e:17:43:d6:cd:2f:98:97:29:94:9f:
ab:10:46:20:ea:96:a0:64:cc:a1:86:5a:23:1e:d5:
9e:5e:9d:00:e5:0e:9c:bd:19:45:ca:0d:6b:28:70:
47:ad:98:93:22:c9:0a:e0:6b:e9:52:c2:6c:ba:2f:
8e:c9:de:74:a3:d6:6d:6a:f9:55:79:cd:b1:bd:e0:
da:b1:94:f1:60:a8:d1:5d:37:21:8f:0a:f6:d8:6c:
f5:d4:70:62:d3:42:d0:62:98:36:64:13:f7:57:0d:
d9:4b:4e:f9:69:d3:c3:82:66:3e:18:a3:96:3a:1f:
c5:fe:81:03:89:0c:fa:b8:09:c0:0f:08:a8:29:9b:
dc:2c:3b:c5:d3:3a:11:68:9c:57:19:e9:4a:be:91:
0b:51:63:ec:e6:77:7a:1a:f0:75:23:e5:67:89:27:
ac:b3:1b:25:81:ae:aa:fd:b4:09:73:22:24:3b:4e:
67:44:83:d7:1c:0b:72:86:c7:92:0e:e6:d2:a0:77:
b9:a3:4e:0e:74:cf:2f:1a:fa:e8:bc:25:c6:d9:45:
5b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B1:3C:8A:A6:77:53:C6:57:DA:99:6E:F0:03:A9:97:42:7C:C3:3B
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/XLE8iqZ3U8ZX2plu8AOpl0J8wzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.68.0/24
212.22.76.0/24
212.22.80.0/24
212.22.82.0/24
212.22.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:b5:c3:df:51:e2:57:86:6e:46:8f:c6:1d:eb:d9:e2:d0:7c:
5d:98:0e:72:0e:71:e8:0b:00:00:36:c8:cc:dc:94:a1:ea:9c:
84:c0:f7:b9:cb:e8:2d:fc:26:b8:c0:32:70:7a:49:0a:d0:72:
e4:f7:bc:fe:48:b2:db:b4:7d:ec:a3:7a:da:ac:c3:de:69:07:
45:2a:19:f0:71:b5:93:ae:12:95:30:0b:cf:19:77:84:ab:77:
8d:20:76:d0:62:30:38:68:6e:9d:74:1b:ff:bc:64:3c:dc:17:
28:08:5e:f4:f3:f9:0d:b0:ef:3d:41:84:1e:33:fe:e0:08:2b:
05:fb:c3:34:18:24:96:19:ce:69:cf:22:75:78:72:57:07:96:
ba:74:13:0d:fb:af:aa:36:5c:62:28:03:dc:a2:ee:49:a7:7f:
6a:b3:ad:21:d7:a2:74:44:8c:48:9e:ae:a8:5f:4b:ac:cb:41:
d7:e9:fd:3a:92:77:f0:d3:cf:c9:ad:09:96:60:af:a5:b8:73:
c2:ce:c4:89:2a:7b:e7:2f:9c:21:56:2b:87:86:5c:96:4f:2e:
2d:a4:12:3f:ba:6b:b7:22:30:30:aa:33:21:45:13:85:0e:12:
cf:55:6a:74:af:4c:93:34:8e:78:78:8d:a1:7d:bb:30:de:b2:
88:ec:d5:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtwdigoIJVfl3dG7YFk/7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjMwMTAxMTQzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2IxM2M4YWE2Nzc1M2M2NTdkYTk5NmVmMDAzYTk5NzQyN2NjMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2mRgtJXtd/7ZqyUslOwvoPy5KK6
62P7nRJMPSLWNJwnQgAni5fi0gYixJE4Csx7bhdD1s0vmJcplJ+rEEYg6pagZMyh
hlojHtWeXp0A5Q6cvRlFyg1rKHBHrZiTIskK4GvpUsJsui+Oyd50o9ZtavlVec2x
veDasZTxYKjRXTchjwr22Gz11HBi00LQYpg2ZBP3Vw3ZS075adPDgmY+GKOWOh/F
/oEDiQz6uAnADwioKZvcLDvF0zoRaJxXGelKvpELUWPs5nd6GvB1I+VniSessxsl
ga6q/bQJcyIkO05nRIPXHAtyhseSDubSoHe5o04OdM8vGvrovCXG2UVbJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFyxPIqmd1PGV9qZbvADqZdCfMM7MB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvWExFOGlxWjNVOFpYMnBsdThBT3BsMEo4d3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQA1BZEAwQA
1BZMAwQA1BZQAwQA1BZSAwQA1BZWMA0GCSqGSIb3DQEBCwUAA4IBAQCwtcPfUeJX
hm5Gj8Yd69ni0HxdmA5yDnHoCwAANsjM3JSh6pyEwPe5y+gt/Ca4wDJwekkK0HLk
97z+SLLbtH3so3rarMPeaQdFKhnwcbWTrhKVMAvPGXeEq3eNIHbQYjA4aG6ddBv/
vGQ83BcoCF708/kNsO89QYQeM/7gCCsF+8M0GCSWGc5pzyJ1eHJXB5a6dBMN+6+q
NlxiKAPcou5Jp39qs60h16J0RIxInq6oX0usy0HX6f06knfw08/JrQmWYK+luHPC
zsSJKnvnL5whViuHhlyWTy4tpBI/umu3IjAwqjMhRROFDhLPVWp0r0yTNI54eI2h
fbsw3rKI7NV9
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:04 2024 by rpki-client on console-fra.rpki-client.org