Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xpave60Vr4o3PjcEftuFVN-gHjU.roa
File: xpave60Vr4o3PjcEftuFVN-gHjU.roa (raw, json)
Hash identifier: Ubb39bSNtPFv4HR4a1w9ztKD6OYRRKEKE+ad20wKEMs=
Subject key identifier: C6:96:AF:7B:AD:15:AF:8A:37:3E:37:04:7E:DB:85:54:DF:A0:1E:35
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0186DA4AB158E66FCE9278B85A42EF0A8025
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xpave60Vr4o3PjcEftuFVN-gHjU.roa
Signing time: Mon 13 Mar 2023 09:26:13 +0000
ROA not before: Mon 13 Mar 2023 09:26:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 188.212.136.0/21 maxlen: 32
93.113.52.0/23 maxlen: 32
110.238.192.0/19 maxlen: 32
185.66.136.0/22 maxlen: 32
94.139.224.0/20 maxlen: 32
119.12.192.0/21 maxlen: 32
77.81.92.0/22 maxlen: 32
176.223.182.0/23 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Mar 2023 08:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:4a:b1:58:e6:6f:ce:92:78:b8:5a:42:ef:0a:80:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Mar 13 09:26:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c696af7bad15af8a373e37047edb8554dfa01e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5f:07:fd:26:73:e8:d0:9e:bb:f2:68:be:b9:
56:96:20:08:90:a2:13:1c:87:ae:73:ed:a9:86:02:
30:5d:24:de:22:d6:4d:b1:60:74:32:f3:f4:1f:bf:
00:0b:b4:ec:f5:a3:f0:fd:85:d8:87:0f:fc:20:e5:
3d:44:af:6a:8a:4a:fa:4f:ab:98:0a:9c:9a:1b:d9:
ef:77:12:2c:15:47:b4:a4:00:d5:45:07:12:67:49:
e8:49:0b:76:d8:be:35:08:25:9a:c1:a1:08:7c:ef:
eb:e1:ca:34:05:9d:96:84:2c:1d:55:de:df:98:9b:
62:86:d3:a1:c4:1f:c1:36:df:fa:34:6f:08:2a:44:
b9:ac:5e:47:36:57:f8:07:fa:87:40:fc:4b:c6:c8:
b0:78:8d:4a:15:3b:47:af:a7:11:dd:02:68:0d:24:
ae:52:ff:f2:2e:0e:f7:39:67:97:3e:34:75:b7:35:
cf:31:e4:a9:e7:6e:e9:50:4a:6f:85:0b:97:4c:fb:
05:46:5c:ec:fb:18:bc:7f:4f:5d:6e:06:73:03:4b:
b2:ee:6d:56:d8:57:8c:2d:6a:a6:1c:06:ee:4d:47:
30:3f:b5:de:4c:00:4f:c2:1e:6c:68:f7:6b:ac:5f:
ee:be:54:f4:77:b1:bf:ea:0f:79:41:e5:2c:b2:2c:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:96:AF:7B:AD:15:AF:8A:37:3E:37:04:7E:DB:85:54:DF:A0:1E:35
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xpave60Vr4o3PjcEftuFVN-gHjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.92.0/22
93.113.52.0/23
94.139.224.0/20
110.238.192.0/19
119.12.192.0/21
176.223.182.0/23
185.66.136.0/22
188.212.136.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:4a:53:3b:ed:40:51:8e:32:13:d1:79:fa:20:c3:e1:22:ee:
a2:13:1a:04:d2:d7:1b:50:60:85:1a:23:fc:25:52:1e:bb:e5:
39:eb:46:d3:e0:e3:da:20:a5:3e:bc:9b:66:b1:aa:aa:a3:16:
b0:2f:92:b1:91:dc:e8:18:a1:4c:c5:21:2c:86:48:e0:48:df:
5f:11:8a:ee:ae:a8:93:5b:06:81:b7:29:05:08:d0:88:bd:1f:
82:a4:13:b3:28:d3:72:90:6b:8d:3d:77:ed:bd:8f:e8:5e:ec:
38:fc:bf:b6:c0:cf:7c:c1:04:4d:3e:a3:e8:68:17:78:99:b3:
7f:a2:5c:ae:0e:d7:7e:2f:7c:9a:76:82:5a:5e:e3:8f:20:66:
64:61:8b:07:67:d0:36:fc:a0:bd:07:b7:a7:9f:60:63:76:31:
c6:11:4f:5d:2b:d3:25:83:ff:f8:bd:ee:c8:30:ea:15:62:42:
4e:a5:a8:fc:12:66:bc:c6:0b:8d:8c:92:38:4a:b9:f4:3d:c1:
62:64:14:26:d7:ec:77:17:f5:1c:f6:19:d9:f7:c3:e3:65:f1:
dd:a0:60:e3:1d:4e:e7:8f:7a:56:5f:f3:dd:57:68:64:6d:0d:
c4:b2:0a:56:e7:cf:7e:1a:b4:78:5f:bb:ce:15:b5:9c:f7:d0:
19:61:a3:90
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYbaSrFY5m/Okni4WkLvCoAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwMzEzMDkyNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk2YWY3YmFkMTVhZjhhMzczZTM3MDQ3ZWRiODU1NGRmYTAxZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl8H/SZz6NCeu/JovrlWliAIkKIT
HIeuc+2phgIwXSTeItZNsWB0MvP0H78AC7Ts9aPw/YXYhw/8IOU9RK9qikr6T6uY
CpyaG9nvdxIsFUe0pADVRQcSZ0noSQt22L41CCWawaEIfO/r4co0BZ2WhCwdVd7f
mJtihtOhxB/BNt/6NG8IKkS5rF5HNlf4B/qHQPxLxsiweI1KFTtHr6cR3QJoDSSu
Uv/yLg73OWeXPjR1tzXPMeSp527pUEpvhQuXTPsFRlzs+xi8f09dbgZzA0uy7m1W
2FeMLWqmHAbuTUcwP7XeTABPwh5saPdrrF/uvlT0d7G/6g95QeUssizcNwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMaWr3utFa+KNz43BH7bhVTfoB41MB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEveHBhdmU2MFZyNG8zUGpjRWZ0dUZWTi1nSGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTVFcAwQB
XXE0AwQEXovgAwQFbu7AAwQDdwzAAwQBsN+2AwQCuUKIAwQDvNSIMA0GCSqGSIb3
DQEBCwUAA4IBAQCmSlM77UBRjjIT0Xn6IMPhIu6iExoE0tcbUGCFGiP8JVIeu+U5
60bT4OPaIKU+vJtmsaqqoxawL5KxkdzoGKFMxSEshkjgSN9fEYrurqiTWwaBtykF
CNCIvR+CpBOzKNNykGuNPXftvY/oXuw4/L+2wM98wQRNPqPoaBd4mbN/olyuDtd+
L3yadoJaXuOPIGZkYYsHZ9A2/KC9B7enn2BjdjHGEU9dK9Mlg//4ve7IMOoVYkJO
paj8Ema8xguNjJI4Srn0PcFiZBQm1+x3F/Uc9hnZ98PjZfHdoGDjHU7nj3pWX/Pd
V2hkbQ3EsgpW589+GrR4X7vOFbWc99AZYaOQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:45 2024 by rpki-client on console-ams.rpki-client.org