Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xf3n5MCBYZlVk_QckZlkiUSazFs.roa
File: xf3n5MCBYZlVk_QckZlkiUSazFs.roa (raw, json)
Hash identifier: b06JX2yi/4gzKTDWea7kyXTxAl+Pe+n9DFHiRggAE/g=
Subject key identifier: C5:FD:E7:E4:C0:81:61:99:55:93:F4:1C:91:99:64:89:44:9A:CC:5B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018ACBBAE33348E442F0735319D674930FFD
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xf3n5MCBYZlVk_QckZlkiUSazFs.roa
Signing time: Mon 25 Sep 2023 09:45:37 +0000
ROA not before: Mon 25 Sep 2023 09:45:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
2.57.241.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Sep 2023 14:40:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:ba:e3:33:48:e4:42:f0:73:53:19:d6:74:93:0f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 25 09:45:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5fde7e4c08161995593f41c91996489449acc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:98:8d:60:94:d8:e5:cd:2f:ed:9c:76:25:19:
3f:17:a1:e1:c7:88:e3:cb:fb:a2:68:92:6b:29:9d:
39:f8:b9:e4:29:e5:20:9a:9a:f6:b8:f5:ee:1a:ed:
2e:43:38:4d:0d:52:f4:e6:af:24:a9:5a:af:df:b6:
be:fe:d7:b3:1d:22:46:7a:fe:ec:0f:d9:47:e2:c4:
eb:9a:9f:ea:5b:2b:df:55:d6:90:8b:b0:c4:f2:77:
00:6e:4f:ef:57:da:ef:29:4e:7e:03:94:67:9b:d8:
20:aa:99:48:7a:c1:45:9a:2d:58:f6:d9:b4:76:bf:
83:d8:f8:57:dc:60:4b:93:46:9e:af:9a:6a:14:92:
80:dd:f2:5e:39:10:cf:d7:91:4c:6d:db:0a:00:76:
87:05:c4:ea:bb:8c:54:ab:43:b1:e1:84:75:fa:0b:
83:31:a2:ee:2d:d6:9a:a2:e0:d6:c3:f9:cc:51:47:
d0:af:ec:8e:cd:a4:68:85:f5:6c:aa:47:13:76:24:
3f:f7:9b:c2:21:dd:fb:bd:85:a8:c8:4b:f7:e4:83:
93:4a:7f:2e:8a:9a:46:2a:7b:fa:05:76:94:04:22:
73:ba:94:a2:80:b9:58:97:c1:b4:5d:98:18:a0:7d:
f2:57:11:b5:c7:09:8a:a8:76:4c:1e:a7:e7:55:c3:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FD:E7:E4:C0:81:61:99:55:93:F4:1C:91:99:64:89:44:9A:CC:5B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xf3n5MCBYZlVk_QckZlkiUSazFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/23
62.192.152.0/24
89.34.106.0/24
89.37.192.0/24
89.47.55.0/24
Signature Algorithm: sha256WithRSAEncryption
72:32:ad:f9:a3:53:be:2a:75:53:08:38:27:42:f3:72:1a:3b:
8d:6e:7a:2a:84:cd:7a:50:bf:0e:0d:97:69:8e:92:82:c1:c0:
e9:75:a6:5b:61:fb:82:18:33:e1:65:5b:2e:19:61:61:be:ec:
6e:b9:84:0d:00:46:23:b9:51:13:63:cb:e1:1f:98:7b:87:64:
56:c0:68:5e:7d:c3:7c:cb:97:ea:51:08:bd:b4:35:98:14:29:
1e:32:54:5d:83:c3:a0:b8:b2:11:78:fc:b4:92:39:16:16:43:
3e:b9:d8:5f:59:bb:8f:f3:77:08:af:ad:21:7d:44:d9:fd:89:
bf:0c:4e:30:4b:9b:77:e4:b6:7f:a8:58:3a:83:08:09:16:de:
bd:fa:13:2d:90:d0:16:6b:5d:53:86:c2:c2:c7:4f:e8:be:a2:
a9:a8:cd:62:6d:2a:47:aa:4e:e1:7b:c2:1c:e8:4c:de:0c:82:
c2:83:dd:91:6f:d2:cc:cb:f8:14:6c:6e:94:97:64:90:e0:81:
5d:aa:c3:e4:8e:79:da:5e:de:b6:97:b8:81:47:bd:52:5a:71:
4d:19:97:fd:45:a4:73:d8:91:cf:08:42:5a:f6:0f:b9:79:84:
13:f3:a0:4e:f2:fc:9f:3a:1a:8e:49:09:37:4e:61:9a:b2:64:
89:58:f0:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrLuuMzSORC8HNTGdZ0kw/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTI1MDk0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWZkZTdlNGMwODE2MTk5NTU5M2Y0MWM5MTk5NjQ4OTQ0OWFjYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypiNYJTY5c0v7Zx2JRk/F6Hhx4jj
y/uiaJJrKZ05+LnkKeUgmpr2uPXuGu0uQzhNDVL05q8kqVqv37a+/tezHSJGev7s
D9lH4sTrmp/qWyvfVdaQi7DE8ncAbk/vV9rvKU5+A5Rnm9ggqplIesFFmi1Y9tm0
dr+D2PhX3GBLk0aer5pqFJKA3fJeORDP15FMbdsKAHaHBcTqu4xUq0Ox4YR1+guD
MaLuLdaaouDWw/nMUUfQr+yOzaRohfVsqkcTdiQ/95vCId37vYWoyEv35IOTSn8u
ippGKnv6BXaUBCJzupSigLlYl8G0XZgYoH3yVxG1xwmKqHZMHqfnVcMctQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMX95+TAgWGZVZP0HJGZZIlEmsxbMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveGYzbjVNQ0JZWmxWa19RY2tabGtpVVNhekZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBAjnwAwQA
PsCYAwQAWSJqAwQAWSXAAwQAWS83MA0GCSqGSIb3DQEBCwUAA4IBAQByMq35o1O+
KnVTCDgnQvNyGjuNbnoqhM16UL8ODZdpjpKCwcDpdaZbYfuCGDPhZVsuGWFhvuxu
uYQNAEYjuVETY8vhH5h7h2RWwGhefcN8y5fqUQi9tDWYFCkeMlRdg8OguLIRePy0
kjkWFkM+udhfWbuP83cIr60hfUTZ/Ym/DE4wS5t35LZ/qFg6gwgJFt69+hMtkNAW
a11ThsLCx0/ovqKpqM1ibSpHqk7he8Ic6EzeDILCg92Rb9LMy/gUbG6Ul2SQ4IFd
qsPkjnnaXt62l7iBR71SWnFNGZf9RaRz2JHPCEJa9g+5eYQT86BO8vyfOhqOSQk3
TmGasmSJWPBH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org