Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xTKCFKWpdVWxMpy78m8lO9ik6yc.roa
File: xTKCFKWpdVWxMpy78m8lO9ik6yc.roa (raw, json)
Hash identifier: 8UoDaKcL0XVynFVHtSI1mhbttFSZhCH7dBZPbxSqfxM=
Subject key identifier: C5:32:82:14:A5:A9:75:55:B1:32:9C:BB:F2:6F:25:3B:D8:A4:EB:27
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018BDB32808AC3EFE72090B7D45133749843
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xTKCFKWpdVWxMpy78m8lO9ik6yc.roa
Signing time: Fri 17 Nov 2023 02:53:21 +0000
ROA not before: Fri 17 Nov 2023 02:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.238.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Thu 23 Nov 2023 16:16:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:db:32:80:8a:c3:ef:e7:20:90:b7:d4:51:33:74:98:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 17 02:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5328214a5a97555b1329cbbf26f253bd8a4eb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a9:bb:03:6b:bb:ce:9b:9f:2f:35:75:bb:8a:
1f:e2:01:8f:5b:ea:38:0e:bf:f5:0b:26:5e:22:b5:
24:04:05:e4:ff:43:8f:35:59:29:49:97:2d:f0:01:
2c:73:ad:0d:f4:dd:f8:b5:79:7c:fe:64:fb:a9:50:
12:8a:d9:8b:8c:d7:61:58:56:dd:cf:7b:ae:fa:ca:
f7:ac:54:7e:75:15:f8:69:a2:0e:8a:ac:0c:d5:3d:
fb:46:3f:5c:ae:7e:ae:78:99:62:40:bf:6a:a2:32:
0c:bf:e5:4b:45:f0:95:07:43:5e:5e:29:83:94:ba:
fd:c0:30:7e:47:70:d1:6e:44:dc:09:b3:c0:f9:2c:
51:e9:25:c4:69:92:79:b7:c1:31:13:a8:ab:ed:be:
c8:b9:d3:a6:9c:93:ec:90:02:6a:d5:b4:5d:84:1d:
23:f4:b6:de:ee:5d:cc:97:fb:7d:db:35:09:49:71:
27:e1:69:17:4b:28:d5:6a:1f:5b:d3:5a:2c:6c:aa:
43:6b:1f:18:c9:b9:f2:bf:be:28:0e:e7:b3:1b:39:
2b:d9:c5:e9:9a:c8:96:74:c5:b4:2b:65:1c:59:e0:
e9:75:3b:6e:4f:33:86:da:b3:91:9f:fc:95:0a:4e:
5c:ca:10:d8:d0:42:85:e0:22:c2:99:a3:d4:1a:44:
8f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:32:82:14:A5:A9:75:55:B1:32:9C:BB:F2:6F:25:3B:D8:A4:EB:27
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/xTKCFKWpdVWxMpy78m8lO9ik6yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
188.130.238.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
ad:17:ff:f2:78:62:1b:15:b8:a0:2e:b1:89:74:7d:63:a2:e5:
9c:ed:d4:14:76:cf:fb:f5:5c:f4:59:ad:9e:66:49:d9:9b:3e:
d1:f0:fb:80:52:bd:3f:04:9f:bf:47:d5:80:aa:55:ca:23:58:
c2:56:3d:bc:bd:67:ff:c8:50:9d:a0:4d:ad:69:a3:34:f8:90:
ba:41:1d:fb:66:cf:f3:ee:f8:e3:70:d0:97:01:5f:b5:d4:af:
3d:88:f7:18:55:24:ad:3c:c3:e2:85:3f:6b:10:cd:d4:82:48:
cb:8d:64:51:b4:00:b6:e0:8c:74:8f:5a:bd:a7:a8:b7:ff:3d:
92:60:c9:d6:cd:35:32:05:67:ae:d7:29:d9:07:2d:b8:f5:db:
ed:00:36:0c:73:10:db:f1:24:22:8a:0e:93:b1:db:8c:45:b0:
40:66:fe:46:38:24:50:a0:71:7d:8e:d2:27:47:fa:e9:be:cc:
be:0c:79:03:69:ec:26:3f:1f:a7:5d:88:01:9d:54:dc:45:96:
61:81:df:51:8c:22:fe:68:fc:0a:36:0c:ec:39:02:0d:2f:86:
7e:c0:83:2b:71:37:1e:2c:40:3b:82:bb:92:3f:cc:27:6c:c7:
54:5b:21:ef:c4:c9:f9:b6:dd:5d:96:a9:42:74:2d:87:95:77:
1e:fd:97:86
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvbMoCKw+/nIJC31FEzdJhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMxMTE3MDI1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMyODIxNGE1YTk3NTU1YjEzMjljYmJmMjZmMjUzYmQ4YTRlYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26m7A2u7zpufLzV1u4of4gGPW+o4
Dr/1CyZeIrUkBAXk/0OPNVkpSZct8AEsc60N9N34tXl8/mT7qVASitmLjNdhWFbd
z3uu+sr3rFR+dRX4aaIOiqwM1T37Rj9crn6ueJliQL9qojIMv+VLRfCVB0NeXimD
lLr9wDB+R3DRbkTcCbPA+SxR6SXEaZJ5t8ExE6ir7b7IudOmnJPskAJq1bRdhB0j
9Lbe7l3Ml/t92zUJSXEn4WkXSyjVah9b01osbKpDax8Yybnyv74oDuezGzkr2cXp
msiWdMW0K2UcWeDpdTtuTzOG2rORn/yVCk5cyhDY0EKF4CLCmaPUGkSP9QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMUyghSlqXVVsTKcu/JvJTvYpOsnMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEveFRLQ0ZLV3BkVld4TXB5NzhtOGxPOWlrNnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAvIK2AwQA
vILuAwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCtF//y
eGIbFbigLrGJdH1jouWc7dQUds/79Vz0Wa2eZknZmz7R8PuAUr0/BJ+/R9WAqlXK
I1jCVj28vWf/yFCdoE2taaM0+JC6QR37Zs/z7vjjcNCXAV+11K89iPcYVSStPMPi
hT9rEM3UgkjLjWRRtAC24Ix0j1q9p6i3/z2SYMnWzTUyBWeu1ynZBy249dvtADYM
cxDb8SQiig6TsduMRbBAZv5GOCRQoHF9jtInR/rpvsy+DHkDaewmPx+nXYgBnVTc
RZZhgd9RjCL+aPwKNgzsOQINL4Z+wIMrcTceLEA7gruSP8wnbMdUWyHvxMn5tt1d
lqlCdC2HlXce/ZeG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org