Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/xeIIaPAUHsmx-C2grMXR44XeMFQ.roa
File: xeIIaPAUHsmx-C2grMXR44XeMFQ.roa (raw, json)
Hash identifier: eQ6WrUEyPfwmFz5cH0lAk+Q+0K8GiexdTFuOUaSCOOE=
Subject key identifier: C5:E2:08:68:F0:14:1E:C9:B1:F8:2D:A0:AC:C5:D1:E3:85:DE:30:54
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C9FC9C05AB69A7C19D9A9E7BAD49BA4
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/xeIIaPAUHsmx-C2grMXR44XeMFQ.roa
Signing time: Mon 28 Aug 2023 14:50:19 +0000
ROA not before: Mon 28 Aug 2023 14:50:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 109.166.36.0/22 maxlen: 24
151.248.68.0/23 maxlen: 24
91.232.182.0/24 maxlen: 24
91.232.184.0/24 maxlen: 24
176.118.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:9f:c9:c0:5a:b6:9a:7c:19:d9:a9:e7:ba:d4:9b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:50:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5e20868f0141ec9b1f82da0acc5d1e385de3054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a9:b8:04:88:f7:34:c3:59:0e:17:fd:47:89:
2d:41:8f:74:59:83:b2:14:e6:36:52:41:30:ac:b3:
a7:c8:3f:13:4d:88:cd:5e:6c:74:8b:2b:d3:e3:c3:
46:91:29:2f:23:9b:3b:86:3d:d2:51:ce:af:d6:93:
83:29:f5:ea:63:82:dc:92:19:76:39:cf:4c:52:03:
64:c9:16:11:c6:6d:05:5d:83:88:c1:2e:05:70:bc:
26:88:92:41:a0:3c:c5:ae:4a:b8:17:4d:a0:2d:9b:
38:1a:da:63:44:1e:54:8b:01:8a:a5:b7:4b:d4:da:
c1:d6:ef:26:25:48:00:ef:5a:08:12:f0:01:95:90:
59:7a:05:7e:ef:ce:9b:38:5d:fd:54:58:d2:48:fe:
ae:7f:89:ec:c8:8c:2b:b5:21:8e:bc:45:86:bb:c8:
a0:a4:15:aa:6c:f9:e5:84:4f:5e:f0:86:64:a0:ca:
a5:a7:9d:97:ed:9e:af:b1:fb:d9:17:65:39:0e:3e:
4b:d1:8d:ec:54:b8:f5:8b:bf:03:c9:b3:bf:9b:55:
33:09:b5:ea:6a:21:43:cb:8d:b6:3d:ca:5d:ff:59:
48:ec:49:d5:0d:28:24:d0:7e:e7:a8:ea:c7:de:e0:
e4:12:af:b0:e4:c6:d2:29:0b:5a:6c:4f:11:6b:6c:
c3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E2:08:68:F0:14:1E:C9:B1:F8:2D:A0:AC:C5:D1:E3:85:DE:30:54
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/xeIIaPAUHsmx-C2grMXR44XeMFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.182.0/24
91.232.184.0/24
109.166.36.0/22
151.248.68.0/23
176.118.80.0/21
Signature Algorithm: sha256WithRSAEncryption
87:17:c7:38:72:ea:98:6c:39:15:71:68:36:df:8b:29:39:2e:
a1:85:52:69:f5:87:99:de:1e:0b:2d:33:b7:de:73:4a:8c:2a:
fe:98:6f:92:17:60:d8:19:62:78:4d:ce:6d:04:bd:be:73:e9:
40:f1:f3:d0:19:76:5b:f8:b9:e7:89:aa:64:6e:1a:bd:2c:7d:
b6:51:41:0d:68:aa:7e:6c:09:40:30:26:61:72:d2:eb:d3:bf:
f5:43:a4:b5:d4:84:bf:c0:96:6a:7d:5a:ee:80:71:65:75:9c:
2e:fb:1d:ad:ee:a7:6e:e6:9f:9a:38:7d:6a:03:79:21:b8:87:
b0:75:2e:91:86:25:cc:d0:08:5f:9f:bd:11:86:0c:f2:29:4c:
51:c0:e9:ab:14:73:55:9c:1c:16:09:2a:81:ed:53:0a:63:aa:
92:bb:15:03:c1:03:e1:46:15:5d:ff:ff:92:54:59:5a:c0:ec:
87:68:31:e9:12:0f:c0:99:e2:db:74:38:3c:ae:ca:a2:71:41:
d7:65:50:86:eb:50:90:51:b0:14:92:74:36:2e:4d:6a:39:c3:
9a:50:e7:6d:db:26:4b:ca:d4:0d:0d:7d:b1:d1:9e:c4:e1:a7:
12:d3:30:b4:9d:ce:ad:8c:76:e4:b2:7b:c7:67:b4:3f:10:dc:
b2:86:3f:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYo8n8nAWraafBnZqee61JukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQ1MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWUyMDg2OGYwMTQxZWM5YjFmODJkYTBhY2M1ZDFlMzg1ZGUzMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKm4BIj3NMNZDhf9R4ktQY90WYOy
FOY2UkEwrLOnyD8TTYjNXmx0iyvT48NGkSkvI5s7hj3SUc6v1pODKfXqY4Lckhl2
Oc9MUgNkyRYRxm0FXYOIwS4FcLwmiJJBoDzFrkq4F02gLZs4GtpjRB5UiwGKpbdL
1NrB1u8mJUgA71oIEvABlZBZegV+786bOF39VFjSSP6uf4nsyIwrtSGOvEWGu8ig
pBWqbPnlhE9e8IZkoMqlp52X7Z6vsfvZF2U5Dj5L0Y3sVLj1i78DybO/m1UzCbXq
aiFDy422Pcpd/1lI7EnVDSgk0H7nqOrH3uDkEq+w5MbSKQtabE8Ra2zD+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMXiCGjwFB7JsfgtoKzF0eOF3jBUMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEveGVJSWFQQVVIc214LUMyZ3JNWFI0NFhlTUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW+i2AwQA
W+i4AwQCbaYkAwQBl/hEAwQDsHZQMA0GCSqGSIb3DQEBCwUAA4IBAQCHF8c4cuqY
bDkVcWg234spOS6hhVJp9YeZ3h4LLTO33nNKjCr+mG+SF2DYGWJ4Tc5tBL2+c+lA
8fPQGXZb+Lnniapkbhq9LH22UUENaKp+bAlAMCZhctLr07/1Q6S11IS/wJZqfVru
gHFldZwu+x2t7qdu5p+aOH1qA3khuIewdS6RhiXM0Ahfn70RhgzyKUxRwOmrFHNV
nBwWCSqB7VMKY6qSuxUDwQPhRhVd//+SVFlawOyHaDHpEg/AmeLbdDg8rsqicUHX
ZVCG61CQUbAUknQ2Lk1qOcOaUOdt2yZLytQNDX2x0Z7E4acS0zC0nc6tjHbksnvH
Z7Q/ENyyhj9Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org