Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xqNHJG-8z2YlkMOK2EKMIVKZUlE.roa
File: xqNHJG-8z2YlkMOK2EKMIVKZUlE.roa (raw, json)
Hash identifier: 3hyeNcHRgXo9Zs3Tw/wJNHv731X24T1PVEdXhLhxWMQ=
Subject key identifier: C6:A3:47:24:6F:BC:CF:66:25:90:C3:8A:D8:42:8C:21:52:99:52:51
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019049C21551CB1562E317C42A3DDAA45DB1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xqNHJG-8z2YlkMOK2EKMIVKZUlE.roa
Signing time: Mon 24 Jun 2024 10:19:34 +0000
ROA not before: Mon 24 Jun 2024 10:19:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 45.87.121.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 04:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:c2:15:51:cb:15:62:e3:17:c4:2a:3d:da:a4:5d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 24 10:19:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6a347246fbccf662590c38ad8428c2152995251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6b:3b:6f:fb:a4:fe:16:b2:54:de:5c:c4:79:
2d:59:d5:41:e5:68:a5:1e:c9:7d:68:91:4c:1d:8e:
28:a0:1d:41:ee:64:59:85:83:b7:d9:53:d9:df:bf:
f3:36:71:5e:95:19:47:59:69:9b:29:ab:2c:3e:0a:
b9:4c:66:bf:61:71:a5:81:6d:6f:80:1c:26:48:f9:
d5:73:83:96:48:46:07:51:26:e4:67:47:89:24:9b:
d9:f6:bf:88:57:e4:40:5c:f5:59:29:aa:49:f1:88:
a6:c5:44:c1:08:3c:b8:1c:ec:45:80:85:5f:47:2e:
b3:e3:71:fb:e3:ac:89:56:4f:c4:e1:a3:cc:cc:5d:
1b:16:f0:5a:a7:c2:4c:ca:2b:cc:d7:22:15:73:55:
2e:30:9e:a4:a7:d9:0b:2b:20:82:1a:c7:14:71:ff:
17:33:83:18:4d:d7:25:98:3d:87:f1:b3:f3:92:ea:
bd:07:3e:91:65:c8:c2:70:17:c6:6e:42:cf:a6:b1:
12:0d:73:37:1f:95:a7:8a:b5:ab:ef:d1:a9:0d:04:
e5:07:a1:91:78:3b:80:cf:f0:5b:15:7d:a3:40:d4:
e6:ae:f3:7b:a7:0b:e4:2b:a9:79:12:e9:7b:1f:20:
3b:be:20:ee:28:13:cb:8d:fc:b0:80:4f:03:b9:7c:
38:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A3:47:24:6F:BC:CF:66:25:90:C3:8A:D8:42:8C:21:52:99:52:51
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/xqNHJG-8z2YlkMOK2EKMIVKZUlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.121.0/24
89.34.219.0/24
89.35.130.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a4:00:98:cc:7e:25:20:43:e1:38:43:44:d1:f5:15:4b:74:
96:ac:e3:c7:c5:86:bc:d2:51:e4:e3:68:81:8c:54:f4:cb:ac:
97:03:0d:b1:4b:68:d6:14:95:21:ff:0f:60:54:09:a0:c4:db:
35:57:42:e8:16:27:c4:d1:71:04:c1:1d:6c:9d:3d:9e:89:74:
64:c8:00:62:81:c2:83:b5:88:33:6e:77:8a:f5:72:52:b1:fc:
53:69:94:e2:59:75:a6:63:a3:03:dd:4a:f8:a9:c0:89:6e:39:
62:d2:1f:5a:dc:29:45:51:df:e5:6f:d2:4d:be:8c:68:a1:63:
26:8e:9e:79:37:3b:87:d7:99:52:c9:1e:36:c9:61:5f:1c:81:
ff:7f:18:6f:ff:5b:51:3f:4c:f6:a4:02:e8:ff:f9:e4:9e:44:
4d:bb:7b:a9:be:ad:c8:d4:ad:1f:83:03:b2:ec:1d:38:ce:d1:
68:5f:7d:37:2a:6b:90:62:f2:7b:93:78:c0:e6:ab:a8:4f:46:
e0:e6:6d:99:97:4f:03:19:84:7b:a2:6e:ea:c9:8a:2c:ad:0c:
23:1b:00:eb:77:90:0d:08:43:d5:ed:aa:97:9d:1c:b1:a4:c2:
f7:2e:ee:be:a7:e1:68:38:fa:29:60:62:6d:80:7d:a5:35:2b:
31:b0:35:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBJwhVRyxVi4xfEKj3apF2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjI0MTAxOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmEzNDcyNDZmYmNjZjY2MjU5MGMzOGFkODQyOGMyMTUyOTk1MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWs7b/uk/hayVN5cxHktWdVB5Wil
Hsl9aJFMHY4ooB1B7mRZhYO32VPZ37/zNnFelRlHWWmbKassPgq5TGa/YXGlgW1v
gBwmSPnVc4OWSEYHUSbkZ0eJJJvZ9r+IV+RAXPVZKapJ8YimxUTBCDy4HOxFgIVf
Ry6z43H746yJVk/E4aPMzF0bFvBap8JMyivM1yIVc1UuMJ6kp9kLKyCCGscUcf8X
M4MYTdclmD2H8bPzkuq9Bz6RZcjCcBfGbkLPprESDXM3H5WnirWr79GpDQTlB6GR
eDuAz/BbFX2jQNTmrvN7pwvkK6l5Eul7HyA7viDuKBPLjfywgE8DuXw4QwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMajRyRvvM9mJZDDithCjCFSmVJRMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEveHFOSEpHLTh6Mllsa01PSzJFS01JVktaVWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVd5AwQA
WSLbAwQAWSOCMA0GCSqGSIb3DQEBCwUAA4IBAQB/pACYzH4lIEPhOENE0fUVS3SW
rOPHxYa80lHk42iBjFT0y6yXAw2xS2jWFJUh/w9gVAmgxNs1V0LoFifE0XEEwR1s
nT2eiXRkyABigcKDtYgzbneK9XJSsfxTaZTiWXWmY6MD3Ur4qcCJbjli0h9a3ClF
Ud/lb9JNvoxooWMmjp55NzuH15lSyR42yWFfHIH/fxhv/1tRP0z2pALo//nknkRN
u3upvq3I1K0fgwOy7B04ztFoX303KmuQYvJ7k3jA5quoT0bg5m2Zl08DGYR7om7q
yYosrQwjGwDrd5ANCEPV7aqXnRyxpML3Lu6+p+FoOPopYGJtgH2lNSsxsDUm
-----END CERTIFICATE-----
Generated at Mon Nov 18 06:45:20 2024 by rpki-client on console-fra.rpki-client.org