Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/xgWPpWlhxMWNn4Usyvv3CGs3aDM.roa
File: xgWPpWlhxMWNn4Usyvv3CGs3aDM.roa (raw, json)
Hash identifier: KulnaxOIDgFS2EG4ppgXJhRRdttaUvVoSeHXONAC9CA=
Subject key identifier: C6:05:8F:A5:69:61:C4:C5:8D:9F:85:2C:CA:FB:F7:08:6B:37:68:33
Certificate issuer: /CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Certificate serial: 018A87DA2F05B62BF9FCB5E800098AD18058
Authority key identifier: 02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/xgWPpWlhxMWNn4Usyvv3CGs3aDM.roa
Signing time: Tue 12 Sep 2023 05:25:37 +0000
ROA not before: Tue 12 Sep 2023 05:25:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 212.34.0.0/19 maxlen: 24
185.98.224.0/22 maxlen: 24
213.139.32.0/19 maxlen: 24
2a00:18d8::/29 maxlen: 48
2a00:18d8:2::/48 maxlen: 48
2a00:18d8::/32 maxlen: 64
Validation: Failed, certificate revoked on Thu 14 Sep 2023 10:13:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:87:da:2f:05:b6:2b:f9:fc:b5:e8:00:09:8a:d1:80:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Validity
Not Before: Sep 12 05:25:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6058fa56961c4c58d9f852ccafbf7086b376833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:77:fa:13:87:32:a4:5a:8d:7a:12:dc:56:
90:58:11:e2:f3:29:74:9f:19:a6:7e:5d:9e:11:1a:
22:a8:70:eb:4a:a4:42:fc:a5:3b:68:82:14:e9:de:
a6:56:f7:27:f8:d4:1e:ea:57:d5:4c:8c:00:f4:7b:
29:2e:a7:94:6a:a2:e3:2c:21:97:a4:b6:77:0f:43:
43:e0:77:f6:9e:ff:11:a3:fc:ab:48:ef:34:79:48:
c1:8c:7a:63:e0:f2:55:ae:20:80:bd:e7:6d:a3:5f:
7c:02:50:1a:c9:6c:18:47:f7:97:01:35:72:1e:72:
a4:37:c0:71:1a:11:90:48:af:26:73:d4:ff:1d:48:
49:d4:de:e7:d8:f1:b2:c2:f5:18:91:39:42:28:22:
0e:ef:a4:60:d0:94:83:16:d8:38:cf:41:02:d7:bb:
21:9a:ac:9b:aa:15:96:48:13:01:40:b8:0c:8e:49:
a6:18:3e:b3:cb:86:db:cf:13:11:95:c1:6a:55:59:
c0:3c:47:04:4c:1d:c7:b1:61:09:c5:77:bb:9f:3a:
b4:f6:06:de:75:f3:35:83:e0:b0:f3:61:e1:b0:15:
29:6f:3e:0b:e1:1f:06:68:1f:aa:df:f4:28:93:9e:
6a:e1:3d:db:a5:86:33:67:73:51:26:a3:34:ba:02:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:05:8F:A5:69:61:C4:C5:8D:9F:85:2C:CA:FB:F7:08:6B:37:68:33
X509v3 Authority Key Identifier:
keyid:02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/xgWPpWlhxMWNn4Usyvv3CGs3aDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.224.0/22
212.34.0.0/19
213.139.32.0/19
IPv6:
2a00:18d8::/29
Signature Algorithm: sha256WithRSAEncryption
24:ce:cb:fb:1c:fd:62:c5:91:9c:61:9f:e5:e8:13:65:39:39:
77:5f:c6:e6:cd:4e:1f:d7:f5:38:6c:0e:5c:bb:32:a9:fc:af:
f0:69:c5:61:fd:a3:cd:46:53:e1:bf:23:e5:d5:0d:ac:ef:99:
dc:f4:a8:be:91:4b:c5:f0:fa:bb:bd:7c:a6:30:fb:b0:f3:12:
14:64:09:89:77:fa:74:ca:c4:36:8f:78:4d:57:3c:9f:c0:5c:
b0:ea:b6:a5:aa:1e:9e:c3:98:77:9e:ea:95:0d:22:61:42:78:
80:dc:be:b1:67:f2:b9:a0:0a:c7:d1:c9:86:86:bc:00:3e:61:
6b:21:49:f1:5d:83:2f:6e:33:87:dc:11:25:ba:5a:cc:78:20:
3a:99:32:f3:d6:cf:ab:08:1c:fb:71:a4:f3:27:f2:64:89:9c:
80:cc:3e:7d:bf:e2:4b:b8:e1:19:b0:e7:01:1c:78:4b:78:6c:
c1:7f:bd:5c:29:f1:a5:9a:6b:81:55:fa:a3:41:28:c4:c1:9a:
c1:22:09:c7:f9:93:ef:40:51:1b:2c:00:eb:b5:6b:47:90:bb:
e7:9d:bf:45:fe:04:ab:54:d4:30:fe:81:16:c9:52:34:7f:6e:
cb:bf:1c:b2:bc:44:1c:f1:10:fd:43:80:56:ca:5c:2d:18:52:
6c:14:f9:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqH2i8Ftiv5/LXoAAmK0YBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOWU5ODMzNmY2YTZjYzlkYmNmMWVjYjQ4OTU1ODBmMDk0
ZTNlMmIwHhcNMjMwOTEyMDUyNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA1OGZhNTY5NjFjNGM1OGQ5Zjg1MmNjYWZiZjcwODZiMzc2ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw153+hOHMqRajXoS3FaQWBHi8yl0
nxmmfl2eERoiqHDrSqRC/KU7aIIU6d6mVvcn+NQe6lfVTIwA9HspLqeUaqLjLCGX
pLZ3D0ND4Hf2nv8Ro/yrSO80eUjBjHpj4PJVriCAvedto198AlAayWwYR/eXATVy
HnKkN8BxGhGQSK8mc9T/HUhJ1N7n2PGywvUYkTlCKCIO76Rg0JSDFtg4z0EC17sh
mqybqhWWSBMBQLgMjkmmGD6zy4bbzxMRlcFqVVnAPEcETB3HsWEJxXe7nzq09gbe
dfM1g+Cw82HhsBUpbz4L4R8GaB+q3/Qok55q4T3bpYYzZ3NRJqM0ugKBUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMYFj6VpYcTFjZ+FLMr79whrN2gzMB8GA1UdIwQY
MBaAFAKemDNvamzJ288ey0iVWA8JTj4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUt
MGZlNmY1NWRiM2Y2LzEveGdXUHBXbGh4TVdObjRVc3l2djNDR3MzYURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUtMGZlNmY1NWRiM2Y2
LzEvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWLgAwQF
1CIAAwQF1YsgMA0EAgACMAcDBQMqABjYMA0GCSqGSIb3DQEBCwUAA4IBAQAkzsv7
HP1ixZGcYZ/l6BNlOTl3X8bmzU4f1/U4bA5cuzKp/K/wacVh/aPNRlPhvyPl1Q2s
75nc9Ki+kUvF8Pq7vXymMPuw8xIUZAmJd/p0ysQ2j3hNVzyfwFyw6ralqh6ew5h3
nuqVDSJhQniA3L6xZ/K5oArH0cmGhrwAPmFrIUnxXYMvbjOH3BElulrMeCA6mTLz
1s+rCBz7caTzJ/JkiZyAzD59v+JLuOEZsOcBHHhLeGzBf71cKfGlmmuBVfqjQSjE
wZrBIgnH+ZPvQFEbLADrtWtHkLvnnb9F/gSrVNQw/oEWyVI0f27LvxyyvEQc8RD9
Q4BWylwtGFJsFPnj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:49 2024 by rpki-client on console-fra.rpki-client.org