Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xN0GV-oK_woQ79dlOEKlGTl8b1U.roa
File: xN0GV-oK_woQ79dlOEKlGTl8b1U.roa (raw, json)
Hash identifier: yIlIJ36gWXTKhlC/jpBa8Z0pKHElPuj5VsGv42E0yDk=
Subject key identifier: C4:DD:06:57:EA:0A:FF:0A:10:EF:D7:65:38:42:A5:19:39:7C:6F:55
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E1906361C51154D8C085A488423DC11D2
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xN0GV-oK_woQ79dlOEKlGTl8b1U.roa
Signing time: Thu 07 Mar 2024 13:07:01 +0000
ROA not before: Thu 07 Mar 2024 13:07:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 93.191.168.0/21 maxlen: 21
93.191.173.0/24 maxlen: 24
95.100.147.0/24 maxlen: 24
194.35.38.0/23 maxlen: 23
2a02:2370:fe::/47 maxlen: 48
2a0b:35c0::/29 maxlen: 31
Validation: Failed, certificate revoked on Wed 20 Mar 2024 11:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:06:36:1c:51:15:4d:8c:08:5a:48:84:23:dc:11:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 7 13:07:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4dd0657ea0aff0a10efd7653842a519397c6f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:17:f4:07:ee:35:d2:4f:79:75:0a:9c:7d:
2f:2c:c1:15:02:54:b2:ac:b2:7f:53:6e:e5:ba:67:
7c:7a:d8:5f:ab:72:6f:30:7b:8b:5b:2b:11:be:bf:
e6:18:03:58:f6:c9:e1:2c:24:cc:b6:1c:ec:ec:4d:
d7:c2:d0:2f:cf:a1:1e:95:3f:7f:80:dd:89:5e:4a:
da:51:1d:17:d3:20:58:d1:65:d3:e0:0f:6b:c5:21:
85:0f:f7:6f:3d:7c:9a:89:fb:ed:bd:2b:ed:7f:5c:
46:3d:7a:c0:15:45:d2:63:97:0d:cc:7f:52:6e:97:
1c:47:e7:f5:a3:b0:ac:40:cc:bb:ef:44:fb:9a:f0:
a7:8b:61:c9:c2:6e:95:0a:73:bb:31:85:e0:e5:f0:
ce:fd:c4:62:71:b1:cc:60:27:d8:0d:4c:75:96:6a:
3d:9b:bd:db:42:70:61:cd:ac:ae:19:45:b1:c2:ad:
12:da:c9:6b:04:4e:09:3e:5f:26:68:c9:04:57:ce:
3b:84:13:c9:de:9a:5d:18:42:02:e9:aa:57:c8:f6:
2a:14:bf:52:43:9d:d9:1f:87:d7:6d:88:eb:b6:55:
34:04:91:94:d2:80:c3:e0:13:67:14:13:db:ed:35:
68:91:57:b0:54:7b:ee:ee:7a:58:c5:42:be:2e:f1:
31:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DD:06:57:EA:0A:FF:0A:10:EF:D7:65:38:42:A5:19:39:7C:6F:55
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/xN0GV-oK_woQ79dlOEKlGTl8b1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.168.0/21
95.100.147.0/24
194.35.38.0/23
IPv6:
2a02:2370:fe::/47
2a0b:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:41:99:73:06:b7:df:74:9f:e8:98:36:6f:53:96:3b:ff:cb:
fb:d7:d2:f4:fc:f4:3c:45:5a:07:46:1a:06:34:55:86:1d:54:
a6:39:fd:98:a5:cc:7e:c9:12:0d:cd:d0:c1:10:b6:dd:a0:76:
31:96:4d:c8:2d:26:dc:12:03:3c:f3:9a:2e:52:61:54:5d:26:
0b:89:ad:df:91:55:4e:69:c7:81:65:e3:ef:bf:b2:89:54:12:
3b:8d:76:cc:c1:e9:6e:74:01:e5:c3:67:80:20:83:4f:50:03:
4b:9c:64:fe:e3:59:06:15:89:e1:23:b4:6e:20:b7:aa:fa:f5:
bf:15:e5:65:eb:97:11:0b:aa:3d:7e:c2:62:89:ed:bd:e3:38:
18:c3:1a:81:89:0b:28:9e:60:96:49:44:4f:78:d3:d9:69:75:
8f:da:7d:1c:ce:b0:90:1b:64:2f:6f:c8:a1:b8:81:3a:4c:5d:
92:bf:a2:ac:0b:01:ed:16:b1:4b:c6:cb:d0:fa:ce:f7:f3:0a:
d4:42:00:63:d6:4a:30:02:94:a0:12:dc:24:e2:2e:05:6b:a4:
7e:8e:dc:a3:8c:30:a4:e6:91:8f:0b:b1:7e:72:f6:94:ad:8d:
87:19:7f:91:ea:97:b7:8b:d3:6b:97:96:bd:d0:a5:33:37:99:
5d:29:4a:cb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4ZBjYcURVNjAhaSIQj3BHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzA3MTMwNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRkMDY1N2VhMGFmZjBhMTBlZmQ3NjUzODQyYTUxOTM5N2M2ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF4X9AfuNdJPeXUKnH0vLMEVAlSy
rLJ/U27lumd8ethfq3JvMHuLWysRvr/mGANY9snhLCTMthzs7E3XwtAvz6EelT9/
gN2JXkraUR0X0yBY0WXT4A9rxSGFD/dvPXyaifvtvSvtf1xGPXrAFUXSY5cNzH9S
bpccR+f1o7CsQMy770T7mvCni2HJwm6VCnO7MYXg5fDO/cRicbHMYCfYDUx1lmo9
m73bQnBhzayuGUWxwq0S2slrBE4JPl8maMkEV847hBPJ3ppdGEIC6apXyPYqFL9S
Q53ZH4fXbYjrtlU0BJGU0oDD4BNnFBPb7TVokVewVHvu7npYxUK+LvExwQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMTdBlfqCv8KEO/XZThCpRk5fG9VMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEveE4wR1Ytb0tfd29RNzlkbE9FS2xHVGw4YjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDXb+oAwQA
X2STAwQBwiMmMBYEAgACMBADBwEqAiNwAP4DBQMqCzXAMA0GCSqGSIb3DQEBCwUA
A4IBAQBOQZlzBrffdJ/omDZvU5Y7/8v719L0/PQ8RVoHRhoGNFWGHVSmOf2Ypcx+
yRINzdDBELbdoHYxlk3ILSbcEgM885ouUmFUXSYLia3fkVVOaceBZePvv7KJVBI7
jXbMweludAHlw2eAIINPUANLnGT+41kGFYnhI7RuILeq+vW/FeVl65cRC6o9fsJi
ie294zgYwxqBiQsonmCWSURPeNPZaXWP2n0czrCQG2Qvb8ihuIE6TF2Sv6KsCwHt
FrFLxsvQ+s738wrUQgBj1kowApSgEtwk4i4Fa6R+jtyjjDCk5pGPC7F+cvaUrY2H
GX+R6pe3i9Nrl5a90KUzN5ldKUrL
-----END CERTIFICATE-----
Generated at Wed Mar 20 14:30:36 2024 by rpki-client on console-ams.rpki-client.org