Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xkLpTFnUMG1CALXNvSYrsEWR798.roa
File: xkLpTFnUMG1CALXNvSYrsEWR798.roa (raw, json)
Hash identifier: J0+kVNzCz93076lfxPdB5yObxJuwDndjAGCHsMmpleQ=
Subject key identifier: C6:42:E9:4C:59:D4:30:6D:42:00:B5:CD:BD:26:2B:B0:45:91:EF:DF
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01892609005C1163420C36E314037615AB9A
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xkLpTFnUMG1CALXNvSYrsEWR798.roa
Signing time: Wed 05 Jul 2023 12:31:11 +0000
ROA not before: Wed 05 Jul 2023 12:31:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50670
IP address blocks: 109.237.192.0/20 maxlen: 24
176.241.64.0/21 maxlen: 24
185.193.179.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.176.0/24 maxlen: 24
185.51.212.0/22 maxlen: 24
178.20.184.0/21 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Oct 2023 18:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:09:00:5c:11:63:42:0c:36:e3:14:03:76:15:ab:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jul 5 12:31:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c642e94c59d4306d4200b5cdbd262bb04591efdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1c:14:25:9f:54:e1:d1:2a:a2:0d:e7:df:a7:
83:6e:d1:ad:71:93:c8:cf:0c:18:1b:35:e6:87:a1:
37:e3:db:8d:db:c3:e8:4b:f2:8a:04:88:76:f6:c1:
bd:9a:f9:67:19:0b:d5:23:6f:af:13:34:b0:3e:7b:
50:a4:87:07:86:27:0a:d1:69:81:03:01:3e:0e:36:
79:a8:f7:a4:04:96:28:59:17:89:2a:51:9c:b6:2c:
bf:5d:8d:92:69:46:6c:54:ea:59:38:c8:9d:07:aa:
8b:6f:82:54:e0:bb:77:6a:76:0b:62:7f:68:06:17:
43:9f:1f:25:90:56:3b:a0:eb:52:cf:ce:5f:23:bd:
b9:ce:13:29:02:35:f3:d6:80:02:02:34:a6:52:1d:
52:62:5c:f2:db:6e:04:53:0b:04:97:9f:6f:c9:73:
4b:cf:61:49:5a:5b:ec:19:94:c2:31:ae:e6:65:65:
e3:ca:ac:0d:85:15:78:d3:9f:bb:27:99:6a:39:49:
6f:be:6a:c5:4a:93:b2:5b:c9:d2:ef:2a:a9:0a:ca:
29:b1:23:09:cd:fd:b1:c2:19:8b:61:c8:4a:06:b3:
10:3e:ce:bf:5a:8e:0d:87:f2:22:17:62:8b:a9:d0:
15:86:5f:87:72:1e:79:b7:31:8e:7c:62:67:97:81:
3f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:42:E9:4C:59:D4:30:6D:42:00:B5:CD:BD:26:2B:B0:45:91:EF:DF
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xkLpTFnUMG1CALXNvSYrsEWR798.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:23:cd:6f:ea:51:71:20:7b:be:0a:27:28:fc:21:d7:02:2b:
5f:fc:47:ec:30:dd:d5:b9:1f:99:48:cd:95:28:4a:31:21:87:
0c:d2:59:d8:cf:30:e7:6d:62:f2:bb:eb:02:7b:4a:69:1f:13:
8f:5e:6b:d4:c8:8b:9b:97:fc:1e:d6:d9:e1:97:3d:b1:a6:da:
0d:92:30:81:6b:c8:f3:9a:8f:cd:63:7a:31:8b:24:e9:49:90:
37:9a:24:85:9e:cf:4f:e3:e6:07:03:43:9f:0f:a1:0b:43:42:
6a:76:08:f1:1c:39:04:8d:47:b5:1f:fb:66:48:88:10:fd:c0:
75:a7:13:5d:da:f8:fd:74:49:17:eb:fe:03:b7:2c:46:cd:09:
c5:65:45:18:3e:aa:5b:99:0c:2c:7a:77:72:96:4d:42:81:a5:
c1:60:11:ef:33:24:68:07:97:d9:cb:fb:23:2c:db:51:76:3d:
4a:94:69:81:c7:94:6f:50:8d:3e:2a:b0:d2:5e:67:ac:95:57:
87:5d:60:03:98:f9:a5:c3:ab:4a:fe:9d:c1:6d:43:29:8e:03:
e3:dc:d3:8f:5e:1a:5a:b7:ab:80:43:56:5e:ea:c5:57:25:1f:
e2:41:31:77:89:c4:3b:6f:75:d6:22:64:72:40:4d:5c:d6:49:
9e:b9:54:80
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYkmCQBcEWNCDDbjFAN2FauaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMwNzA1MTIzMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQyZTk0YzU5ZDQzMDZkNDIwMGI1Y2RiZDI2MmJiMDQ1OTFlZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhwUJZ9U4dEqog3n36eDbtGtcZPI
zwwYGzXmh6E349uN28PoS/KKBIh29sG9mvlnGQvVI2+vEzSwPntQpIcHhicK0WmB
AwE+DjZ5qPekBJYoWReJKlGctiy/XY2SaUZsVOpZOMidB6qLb4JU4Lt3anYLYn9o
BhdDnx8lkFY7oOtSz85fI725zhMpAjXz1oACAjSmUh1SYlzy224EUwsEl59vyXNL
z2FJWlvsGZTCMa7mZWXjyqwNhRV405+7J5lqOUlvvmrFSpOyW8nS7yqpCsopsSMJ
zf2xwhmLYchKBrMQPs6/Wo4Nh/IiF2KLqdAVhl+Hch55tzGOfGJnl4E/OQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMZC6UxZ1DBtQgC1zb0mK7BFke/fMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEveGtMcFRGblVNRzFDQUxYTnZTWXJzRVdSNzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEbe3AAwQD
sPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQMA0GCSqGSIb3DQEB
CwUAA4IBAQC1I81v6lFxIHu+Cico/CHXAitf/EfsMN3VuR+ZSM2VKEoxIYcM0lnY
zzDnbWLyu+sCe0ppHxOPXmvUyIubl/we1tnhlz2xptoNkjCBa8jzmo/NY3oxiyTp
SZA3miSFns9P4+YHA0OfD6ELQ0JqdgjxHDkEjUe1H/tmSIgQ/cB1pxNd2vj9dEkX
6/4DtyxGzQnFZUUYPqpbmQwsendylk1CgaXBYBHvMyRoB5fZy/sjLNtRdj1KlGmB
x5RvUI0+KrDSXmeslVeHXWADmPmlw6tK/p3BbUMpjgPj3NOPXhpat6uAQ1Ze6sVX
JR/iQTF3icQ7b3XWImRyQE1c1kmeuVSA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:56 2024 by rpki-client on console-ams.rpki-client.org