Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xqX8ZYu3MERawwtZ3a5NxwUtJjc.roa
File: xqX8ZYu3MERawwtZ3a5NxwUtJjc.roa (raw, json)
Hash identifier: ytfFRTmE26wvKEAwPqXqUpBcJq7LT7mSswJE5sY9J9k=
Subject key identifier: C6:A5:FC:65:8B:B7:30:44:5A:C3:0B:59:DD:AE:4D:C7:05:2D:26:37
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CF6944331D2EA394BFB14E3D0ACA40A1C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xqX8ZYu3MERawwtZ3a5NxwUtJjc.roa
Signing time: Thu 11 Jan 2024 03:32:40 +0000
ROA not before: Thu 11 Jan 2024 03:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/21 maxlen: 21
188.253.96.0/19 maxlen: 24
5.34.216.0/21 maxlen: 21
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
91.247.177.0/24 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 15:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:94:43:31:d2:ea:39:4b:fb:14:e3:d0:ac:a4:0a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 11 03:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6a5fc658bb730445ac30b59ddae4dc7052d2637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:24:f7:47:0c:82:e3:af:6f:07:d4:ba:fe:
0b:f1:4f:65:ae:eb:6b:4a:43:4c:51:3d:a6:37:7b:
f8:86:55:26:d8:05:a7:0d:0c:3d:39:12:a0:a0:fc:
39:bb:52:46:bc:b0:5a:66:94:31:f2:29:9c:46:cd:
77:e6:e2:fa:30:a8:f6:7c:5b:28:c1:87:2d:7f:ec:
65:7a:58:39:70:7f:81:07:01:54:8c:0b:fb:7a:39:
44:80:74:39:ae:da:e2:6f:5a:0f:8c:30:e5:c0:d2:
6a:63:a8:d9:6b:76:c6:7b:8f:1c:62:b7:71:ec:ab:
03:9f:1a:56:c0:63:68:11:f9:43:79:cc:9b:ee:5a:
f5:51:35:a6:5a:e8:fc:83:57:d2:1d:56:3b:5b:1e:
d2:1e:a9:7c:25:a3:8b:e6:91:a3:4b:39:39:96:17:
0b:d9:4b:83:03:a1:a9:9b:3d:f3:67:56:ad:3c:8e:
39:a0:1f:5c:7b:c8:2f:c3:56:7e:8f:a2:75:c4:57:
38:7f:1d:3d:22:fa:41:80:9a:f4:66:6b:a8:92:8f:
5d:b2:35:e1:fd:a7:f0:c6:58:67:fe:21:94:71:90:
31:f4:9e:76:b0:64:c3:df:da:34:02:0a:d3:ee:1e:
ae:d0:48:d3:a9:be:4f:ba:cc:21:97:7c:cb:71:e9:
d9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A5:FC:65:8B:B7:30:44:5A:C3:0B:59:DD:AE:4D:C7:05:2D:26:37
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xqX8ZYu3MERawwtZ3a5NxwUtJjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
91.247.177.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
46:5d:4b:0d:dd:2a:6d:e9:3d:40:b0:37:9f:71:aa:84:0d:4f:
c8:69:e4:7c:09:c3:9b:a0:8f:9d:a4:4d:37:03:0b:31:12:2e:
1d:9f:98:8f:7f:68:3f:e1:ac:7b:05:ef:e2:d2:28:c4:6a:40:
17:60:52:3e:d5:9b:aa:2e:e0:c8:77:83:5a:38:b6:75:55:c4:
ff:0b:d3:31:99:25:f8:4d:b7:9b:91:d9:23:49:48:75:66:5e:
09:2f:79:c8:b2:49:3c:3a:73:0e:dc:cc:27:9e:81:c0:f6:77:
25:30:44:3a:ff:3c:9e:f4:62:b2:49:f7:9b:d3:89:b5:d4:51:
e6:cb:0c:83:40:b2:e0:4d:0e:48:da:a0:1c:43:b9:4c:25:79:
37:75:12:b9:33:ad:cf:5e:c3:36:6c:c3:0c:f2:9d:52:f0:dc:
ca:de:4b:ff:e6:9c:43:59:fd:82:71:5a:f7:4d:28:c7:db:eb:
ac:13:7f:66:1c:cf:8c:bc:53:4c:60:a1:c9:f9:a3:93:ba:41:
3e:77:72:c5:7a:28:5e:8e:7e:34:40:e0:62:b1:f0:49:8f:77:
47:7c:48:0f:fe:7b:33:55:42:5b:fa:4a:12:b7:4b:fe:ff:ab:
73:51:5d:91:e7:fc:f9:43:7e:b6:36:e2:d0:30:44:fa:5c:6c:
a6:5e:bb:fd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYz2lEMx0uo5S/sU49CspAocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTExMDMzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE1ZmM2NThiYjczMDQ0NWFjMzBiNTlkZGFlNGRjNzA1MmQyNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVQk90cMguOvbwfUuv4L8U9lrutr
SkNMUT2mN3v4hlUm2AWnDQw9ORKgoPw5u1JGvLBaZpQx8imcRs135uL6MKj2fFso
wYctf+xlelg5cH+BBwFUjAv7ejlEgHQ5rtrib1oPjDDlwNJqY6jZa3bGe48cYrdx
7KsDnxpWwGNoEflDecyb7lr1UTWmWuj8g1fSHVY7Wx7SHql8JaOL5pGjSzk5lhcL
2UuDA6Gpmz3zZ1atPI45oB9ce8gvw1Z+j6J1xFc4fx09IvpBgJr0Zmuoko9dsjXh
/afwxlhn/iGUcZAx9J52sGTD39o0AgrT7h6u0EjTqb5Puswhl3zLcenZkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMal/GWLtzBEWsMLWd2uTccFLSY3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveHFYOFpZdTNNRVJhd3d0WjNhNU54d1V0SmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEBSLQAwQA
W/exAwQAudf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEB
CwUAA4IBAQBGXUsN3Spt6T1AsDefcaqEDU/IaeR8CcOboI+dpE03AwsxEi4dn5iP
f2g/4ax7Be/i0ijEakAXYFI+1ZuqLuDId4NaOLZ1VcT/C9MxmSX4TbebkdkjSUh1
Zl4JL3nIskk8OnMO3MwnnoHA9nclMEQ6/zye9GKySfeb04m11FHmywyDQLLgTQ5I
2qAcQ7lMJXk3dRK5M63PXsM2bMMM8p1S8NzK3kv/5pxDWf2CcVr3TSjH2+usE39m
HM+MvFNMYKHJ+aOTukE+d3LFeihejn40QOBisfBJj3dHfEgP/nszVUJb+koSt0v+
/6tzUV2R5/z5Q362NuLQMET6XGymXrv9
-----END CERTIFICATE-----
Generated at Thu Jan 11 18:15:41 2024 by rpki-client on console-ams.rpki-client.org