Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xLQwGIWigWC-n7zpwZM2S7WyI5s.roa
File: xLQwGIWigWC-n7zpwZM2S7WyI5s.roa (raw, json)
Hash identifier: xcFu39DY+sn75jHv35jkixKtdPBuIx9uxrJDp/FHUMY=
Subject key identifier: C4:B4:30:18:85:A2:81:60:BE:9F:BC:E9:C1:93:36:4B:B5:B2:23:9B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0189BA7A80D207047B09541734B7E2C825F7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xLQwGIWigWC-n7zpwZM2S7WyI5s.roa
Signing time: Thu 03 Aug 2023 08:18:57 +0000
ROA not before: Thu 03 Aug 2023 08:18:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.34.106.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
77.81.65.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
45.88.14.0/23 maxlen: 23
89.47.55.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
89.45.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Aug 2023 12:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:7a:80:d2:07:04:7b:09:54:17:34:b7:e2:c8:25:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 3 08:18:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4b4301885a28160be9fbce9c193364bb5b2239b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fb:da:08:3d:b7:08:19:4c:8d:82:6e:1d:2f:
16:75:04:c1:5e:14:2a:99:74:3d:c4:b8:16:0a:91:
c1:b7:a5:9f:25:93:c2:d2:e3:64:52:60:fb:c6:7e:
54:1b:fb:f5:26:cd:84:6d:a1:07:bb:95:fa:6f:43:
f3:bd:6b:cf:4d:0e:44:6d:23:7f:b8:c8:f3:b3:cb:
4d:84:19:b7:fb:94:95:f5:61:5f:59:f4:67:cb:fa:
d1:42:0b:08:77:64:53:a9:01:2c:c9:8b:d0:72:91:
4c:14:b8:10:fc:b8:e1:05:9d:8a:de:9a:88:ce:e9:
2c:b1:01:eb:99:39:eb:70:9a:4c:22:af:44:3a:dc:
fb:55:e6:b9:b7:5f:24:41:73:c8:5a:eb:99:1f:a1:
79:64:44:89:ef:dc:5d:31:1e:a4:80:1f:89:af:fe:
ee:b9:a9:ec:e4:c0:39:2c:8c:dd:00:cc:bf:e1:8d:
44:97:7c:d8:d1:c5:68:59:e3:ea:4b:27:02:b3:ce:
8d:23:4f:ba:ee:26:68:6c:1a:0b:d1:01:2d:19:0a:
2e:6a:06:2f:6b:1e:c4:1e:f3:30:a2:89:0f:8a:27:
ad:98:01:df:7c:1d:3e:b2:2b:8c:86:e3:d6:bb:d5:
94:6e:88:ed:67:61:f7:a0:da:83:94:19:2d:45:a1:
c4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B4:30:18:85:A2:81:60:BE:9F:BC:E9:C1:93:36:4B:B5:B2:23:9B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xLQwGIWigWC-n7zpwZM2S7WyI5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0-45.88.15.255
77.81.65.0/24
86.107.100.0/24
89.34.106.0/24
89.35.130.0/23
89.45.162.0/24
89.47.36.0/24
89.47.55.0/24
92.114.32.0/24
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
50:e1:6a:8d:08:f3:e2:d8:b7:6d:e6:ea:0e:f0:b5:3d:9d:36:
af:89:4e:01:a5:4a:65:50:74:52:8a:38:95:e9:51:8c:a1:b6:
b4:9f:f7:c1:97:cf:ad:25:d0:bd:43:47:8f:cc:ec:66:b7:7a:
83:c1:f0:a2:7d:ef:4d:bf:2e:b7:8e:da:b4:b3:6b:57:a8:45:
b2:26:09:5c:87:0c:2f:a8:f1:48:9b:22:dd:56:98:35:ff:a0:
ac:e5:6b:c1:96:55:07:29:1a:15:be:77:d8:1e:1e:da:ca:ca:
1f:a8:3b:9d:f6:82:78:0b:ac:ef:db:c5:ed:6a:6c:43:0e:33:
3e:27:a5:14:19:6e:58:7b:2b:e3:9d:49:2c:d2:6c:d6:4c:aa:
6a:91:bf:51:51:34:72:57:3a:5e:61:e5:8e:5e:67:6c:57:a2:
51:b4:05:dd:78:65:19:28:22:ba:87:b7:95:13:0a:8f:7f:8d:
e9:21:0c:e5:e0:14:41:17:66:fd:53:21:04:fc:a9:19:29:af:
55:f9:91:fa:20:d8:22:cf:d7:bf:f2:ae:45:fe:5a:5c:8f:2e:
17:63:0f:61:2c:3c:f3:4d:3f:cd:bb:a6:b8:cb:7e:46:d5:9b:
65:d0:4a:5b:f7:8b:96:b5:8c:c3:88:9d:d6:56:02:e8:cf:42:
52:6e:80:da
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYm6eoDSBwR7CVQXNLfiyCX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODAzMDgxODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI0MzAxODg1YTI4MTYwYmU5ZmJjZTljMTkzMzY0YmI1YjIyMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/vaCD23CBlMjYJuHS8WdQTBXhQq
mXQ9xLgWCpHBt6WfJZPC0uNkUmD7xn5UG/v1Js2EbaEHu5X6b0PzvWvPTQ5EbSN/
uMjzs8tNhBm3+5SV9WFfWfRny/rRQgsId2RTqQEsyYvQcpFMFLgQ/LjhBZ2K3pqI
zukssQHrmTnrcJpMIq9EOtz7Vea5t18kQXPIWuuZH6F5ZESJ79xdMR6kgB+Jr/7u
uans5MA5LIzdAMy/4Y1El3zY0cVoWePqSycCs86NI0+67iZobBoL0QEtGQouagYv
ax7EHvMwookPiietmAHffB0+siuMhuPWu9WUbojtZ2H3oNqDlBktRaHEGQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMS0MBiFooFgvp+86cGTNku1siObMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveExRd0dJV2lnV0Mtbjd6cHdaTTJTN1d5STVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBAAtWA0D
BAQtWAADBABNUUEDBABWa2QDBABZImoDBAFZI4IDBABZLaIDBABZLyQDBABZLzcD
BABcciADBAC81mswDQYJKoZIhvcNAQELBQADggEBAFDhao0I8+LYt23m6g7wtT2d
Nq+JTgGlSmVQdFKKOJXpUYyhtrSf98GXz60l0L1DR4/M7Ga3eoPB8KJ9702/LreO
2rSza1eoRbImCVyHDC+o8UibIt1WmDX/oKzla8GWVQcpGhW+d9geHtrKyh+oO532
gngLrO/bxe1qbEMOMz4npRQZblh7K+OdSSzSbNZMqmqRv1FRNHJXOl5h5Y5eZ2xX
olG0Bd14ZRkoIrqHt5UTCo9/jekhDOXgFEEXZv1TIQT8qRkpr1X5kfog2CLP17/y
rkX+WlyPLhdjD2EsPPNNP827prjLfkbVm2XQSlv3i5a1jMOIndZWAujPQlJugNo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org