Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cxwUVZpTs4TJD_yj0tHA0D-5STU.roa
File: cxwUVZpTs4TJD_yj0tHA0D-5STU.roa (raw, json)
Hash identifier: FUS6ii7VNZkhZK7QXhXMYbwibqSiSLnvb2eKvJLEYJs=
Subject key identifier: 73:1C:14:55:9A:53:B3:84:C9:0F:FC:A3:D2:D1:C0:D0:3F:B9:49:35
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018D83E406BD78E79B588F1C3ECF3E936B66
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cxwUVZpTs4TJD_yj0tHA0D-5STU.roa
Signing time: Wed 07 Feb 2024 14:06:15 +0000
ROA not before: Wed 07 Feb 2024 14:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 95.182.108.0/24 maxlen: 24
95.182.110.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
109.248.169.0/24 maxlen: 24
188.130.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Aug 2024 09:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:e4:06:bd:78:e7:9b:58:8f:1c:3e:cf:3e:93:6b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 7 14:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=731c14559a53b384c90ffca3d2d1c0d03fb94935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:47:78:75:a3:c1:63:05:c3:f7:94:f0:67:31:
d4:a3:87:18:16:b2:8f:61:c0:71:89:bd:f0:3c:3c:
69:6c:7f:28:0f:e1:af:21:6a:6a:49:bd:76:04:fb:
60:69:cf:0d:1e:c0:0b:39:a0:1e:c2:05:b8:3f:bb:
18:a8:29:d1:a3:6f:91:62:5e:2a:48:d5:e3:4e:3e:
8f:31:ea:31:3d:7a:ef:5a:36:57:62:73:7e:b2:a3:
6c:33:66:e8:c0:81:51:84:4c:fd:87:ce:a7:20:1e:
72:5a:99:d9:32:41:74:6a:0e:55:d1:90:a9:20:0b:
bd:03:c0:49:0d:19:a2:45:48:bc:87:f6:ef:d8:c3:
75:e1:fe:b5:57:f3:6f:7c:ae:5a:3a:ec:60:82:96:
3a:8a:5e:fa:f7:96:cb:9e:2e:28:e3:e6:13:4c:90:
e8:ef:4b:85:26:41:54:3a:b8:81:c7:86:b9:7c:b6:
a9:27:89:66:2c:19:1c:d2:c1:46:32:c6:79:da:81:
92:20:9c:73:df:a6:f9:ff:93:7e:2f:86:23:f8:a8:
14:cc:06:de:de:af:8e:de:24:41:1f:b6:78:e2:56:
71:b4:a0:34:da:f9:42:b7:28:e9:2c:29:14:b7:43:
8a:64:89:21:b2:31:81:d5:64:58:de:07:47:dc:7a:
d9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1C:14:55:9A:53:B3:84:C9:0F:FC:A3:D2:D1:C0:D0:3F:B9:49:35
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/cxwUVZpTs4TJD_yj0tHA0D-5STU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.45.0/24
109.248.169.0/24
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c0:7a:bf:5d:ec:7f:b4:93:39:bd:9b:68:8f:5d:c4:6e:65:
a2:c3:41:c4:22:45:01:7e:37:d7:44:8c:61:31:58:60:9b:c4:
d1:ba:50:cc:cd:f6:45:a9:96:0e:c9:c2:da:e0:82:62:b1:0d:
cd:59:e4:c8:b7:55:b0:a7:82:5b:f5:d8:6c:c6:a7:7d:19:f9:
25:1b:8e:6d:40:11:cf:69:bb:92:9c:60:8e:fe:bc:44:c8:4f:
63:cb:fa:f7:6f:73:16:5f:13:76:bf:65:e6:52:7d:b2:89:93:
77:de:54:55:34:f7:e3:de:a1:0a:45:e3:78:b1:03:2e:4d:61:
c0:53:64:22:03:54:28:ec:8a:58:6f:60:fe:0a:30:f6:57:f4:
50:29:2d:11:11:fe:25:43:56:ad:42:70:fe:e5:95:1e:4b:81:
46:d4:e3:e2:22:8e:c8:14:9e:35:3d:a9:09:6e:cf:b5:fa:f5:
91:65:f9:99:79:36:ad:a5:03:74:cb:e9:66:77:4e:4c:99:fc:
6a:da:fb:41:23:95:36:3f:9f:62:a6:78:d9:a1:7c:32:a3:e6:
32:25:d8:f2:1c:8f:ad:f7:68:7e:08:7e:fb:7c:7d:45:a0:be:
c1:f0:e8:25:af:12:34:e4:2b:c3:53:47:0a:ae:07:d9:61:fe:
b5:cd:ff:5f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2D5Aa9eOebWI8cPs8+k2tmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjA3MTQwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFjMTQ1NTlhNTNiMzg0YzkwZmZjYTNkMmQxYzBkMDNmYjk0OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUd4daPBYwXD95TwZzHUo4cYFrKP
YcBxib3wPDxpbH8oD+GvIWpqSb12BPtgac8NHsALOaAewgW4P7sYqCnRo2+RYl4q
SNXjTj6PMeoxPXrvWjZXYnN+sqNsM2bowIFRhEz9h86nIB5yWpnZMkF0ag5V0ZCp
IAu9A8BJDRmiRUi8h/bv2MN14f61V/NvfK5aOuxggpY6il7695bLni4o4+YTTJDo
70uFJkFUOriBx4a5fLapJ4lmLBkc0sFGMsZ52oGSIJxz36b5/5N+L4Yj+KgUzAbe
3q+O3iRBH7Z44lZxtKA02vlCtyjpLCkUt0OKZIkhsjGB1WRY3gdH3HrZAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHMcFFWaU7OEyQ/8o9LRwNA/uUk1MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvY3h3VVZacFRzNFRKRF95ajB0SEEwRC01U1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAX7ZsAwQA
X7ZuAwQBbfgGAwQAbfghAwQAbfgtAwQAbfipAwQAvILRMA0GCSqGSIb3DQEBCwUA
A4IBAQAawHq/Xex/tJM5vZtoj13EbmWiw0HEIkUBfjfXRIxhMVhgm8TRulDMzfZF
qZYOycLa4IJisQ3NWeTIt1Wwp4Jb9dhsxqd9GfklG45tQBHPabuSnGCO/rxEyE9j
y/r3b3MWXxN2v2XmUn2yiZN33lRVNPfj3qEKReN4sQMuTWHAU2QiA1Qo7IpYb2D+
CjD2V/RQKS0REf4lQ1atQnD+5ZUeS4FG1OPiIo7IFJ41PakJbs+1+vWRZfmZeTat
pQN0y+lmd05Mmfxq2vtBI5U2P59ipnjZoXwyo+YyJdjyHI+t92h+CH77fH1FoL7B
8OglrxI05CvDU0cKrgfZYf61zf9f
-----END CERTIFICATE-----
Generated at Fri Aug 16 13:13:21 2024 by rpki-client on console-ams.rpki-client.org