Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/XJVp6gnG9eik3E9FRoR-hr05s-0.roa
File: XJVp6gnG9eik3E9FRoR-hr05s-0.roa (raw, json)
Hash identifier: 07c0fXxiudoX+GxCsIPL8ajBj5sihYyIz3sGnHxOahQ=
Subject key identifier: 5C:95:69:EA:09:C6:F5:E8:A4:DC:4F:45:46:84:7E:86:BD:39:B3:ED
Certificate issuer: /CN=19622650048107918adf1b22cdf087c8a834f79c
Certificate serial: 01884342B35130999F1CC73B1565BAC110F5
Authority key identifier: 19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/XJVp6gnG9eik3E9FRoR-hr05s-0.roa
Signing time: Mon 22 May 2023 11:40:24 +0000
ROA not before: Mon 22 May 2023 11:40:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206170
IP address blocks: 86.106.25.0/24 maxlen: 24
86.107.103.0/24 maxlen: 24
109.205.246.0/24 maxlen: 24
188.66.62.0/24 maxlen: 24
188.66.63.0/24 maxlen: 24
188.66.60.0/24 maxlen: 24
185.189.48.0/22 maxlen: 22
188.66.61.0/24 maxlen: 24
195.85.54.0/24 maxlen: 24
2a0b:dc80::/29 maxlen: 29
2001:67c:750::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:42:b3:51:30:99:9f:1c:c7:3b:15:65:ba:c1:10:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19622650048107918adf1b22cdf087c8a834f79c
Validity
Not Before: May 22 11:40:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c9569ea09c6f5e8a4dc4f4546847e86bd39b3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:01:e1:73:02:70:18:9a:c8:2d:71:3e:c8:
2e:58:8c:92:4c:95:79:bd:c7:d9:d2:a9:a7:0b:67:
d7:2c:92:e5:be:5e:8f:b6:b5:e5:17:0b:0e:aa:25:
46:ae:01:3f:05:cd:93:b0:57:82:b2:4e:d5:c3:cd:
57:88:1e:7f:7b:2e:66:f2:2b:c2:43:56:40:66:2c:
70:ed:1c:9a:bd:38:e5:63:16:d2:f9:90:35:65:93:
db:ac:94:5f:77:0e:cd:5e:0f:dc:ad:48:44:82:56:
7c:bd:6f:ff:ee:75:dd:12:11:e2:c4:0b:77:0b:b7:
3e:e8:e3:6d:f1:cb:bc:0c:55:4a:1e:0a:00:a8:f5:
15:39:4d:c6:0c:36:ba:c0:7c:fd:dc:c5:1e:0f:6d:
9d:da:0b:05:97:87:cf:08:40:ad:e0:24:f7:f7:f1:
89:cb:b2:88:28:68:b3:5f:a0:9d:b2:87:7d:80:fc:
bd:69:7a:f8:eb:35:66:a7:57:68:c6:e0:e4:fb:83:
45:36:1c:22:aa:04:54:a5:63:90:90:b1:b9:f5:c1:
e6:b4:75:57:3c:fe:69:e9:fa:75:de:56:c5:08:1a:
02:75:0f:80:75:83:32:64:24:37:3f:28:2d:0a:4e:
e9:9e:bc:d0:9a:4a:62:e4:2b:d7:7e:05:ba:09:97:
29:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:95:69:EA:09:C6:F5:E8:A4:DC:4F:45:46:84:7E:86:BD:39:B3:ED
X509v3 Authority Key Identifier:
keyid:19:62:26:50:04:81:07:91:8A:DF:1B:22:CD:F0:87:C8:A8:34:F7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWImUASBB5GK3xsizfCHyKg095w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/XJVp6gnG9eik3E9FRoR-hr05s-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c502c1-f314-40b1-a024-8d10fee584fe/1/GWImUASBB5GK3xsizfCHyKg095w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.25.0/24
86.107.103.0/24
109.205.246.0/24
185.189.48.0/22
188.66.60.0/22
195.85.54.0/24
IPv6:
2001:67c:750::/48
2a0b:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
72:65:cd:98:a6:70:a5:4f:6e:09:f4:77:3c:ca:bf:b0:22:74:
da:9a:8e:9a:06:89:a7:9f:be:37:8f:6b:cd:7a:b0:97:f8:24:
a8:41:fd:9e:34:51:f8:af:b3:14:e7:ba:7e:e2:7a:0e:13:cc:
3f:65:4c:38:9b:58:9e:aa:4a:81:38:32:5f:8f:11:ad:77:19:
10:dc:93:2e:e3:6d:14:34:48:da:8e:be:10:ac:c4:30:29:1d:
e5:86:0a:a5:ad:d9:9b:d7:35:38:a7:3e:c0:d3:8a:6e:52:af:
8b:ef:aa:22:b1:19:53:12:ca:45:e3:86:8d:47:1e:a1:77:e5:
91:80:73:2d:79:39:90:07:9a:a3:37:ed:58:af:cb:30:7e:8c:
fc:88:28:a8:6b:eb:2a:3f:fd:50:a1:f0:ab:63:af:9a:c5:af:
b5:b7:54:84:b5:49:59:aa:08:06:b8:25:60:4b:89:19:1a:f2:
a2:c5:f4:cc:05:c4:2a:aa:1b:03:ce:8f:7d:32:72:da:34:6a:
73:65:d7:15:a6:59:d6:72:c1:ca:67:55:88:bd:13:31:bf:11:
75:01:ba:e7:eb:b0:c7:ec:3a:fc:2e:f2:a7:47:79:55:52:f1:
6e:2a:65:f6:91:fb:9a:d2:96:16:10:5d:52:bb:de:ad:1b:e2:
d1:4d:cc:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYhDQrNRMJmfHMc7FWW6wRD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjIyNjUwMDQ4MTA3OTE4YWRmMWIyMmNkZjA4N2M4YTgz
NGY3OWMwHhcNMjMwNTIyMTE0MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk1NjllYTA5YzZmNWU4YTRkYzRmNDU0Njg0N2U4NmJkMzliM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0YB4XMCcBiayC1xPsguWIySTJV5
vcfZ0qmnC2fXLJLlvl6PtrXlFwsOqiVGrgE/Bc2TsFeCsk7Vw81XiB5/ey5m8ivC
Q1ZAZixw7RyavTjlYxbS+ZA1ZZPbrJRfdw7NXg/crUhEglZ8vW//7nXdEhHixAt3
C7c+6ONt8cu8DFVKHgoAqPUVOU3GDDa6wHz93MUeD22d2gsFl4fPCECt4CT39/GJ
y7KIKGizX6Cdsod9gPy9aXr46zVmp1doxuDk+4NFNhwiqgRUpWOQkLG59cHmtHVX
PP5p6fp13lbFCBoCdQ+AdYMyZCQ3PygtCk7pnrzQmkpi5CvXfgW6CZcpewIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFyVaeoJxvXopNxPRUaEfoa9ObPtMB8GA1UdIwQY
MBaAFBliJlAEgQeRit8bIs3wh8ioNPecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQt
OGQxMGZlZTU4NGZlLzEvWEpWcDZnbkc5ZWlrM0U5RlJvUi1ocjA1cy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jNTAyYzEtZjMxNC00MGIxLWEwMjQtOGQxMGZlZTU4NGZl
LzEvR1dJbVVBU0JCNUdLM3hzaXpmQ0h5S2cwOTV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQAVmoZAwQA
VmtnAwQAbc32AwQCub0wAwQCvEI8AwQAw1U2MBYEAgACMBADBwAgAQZ8B1ADBQMq
C9yAMA0GCSqGSIb3DQEBCwUAA4IBAQByZc2YpnClT24J9Hc8yr+wInTamo6aBomn
n743j2vNerCX+CSoQf2eNFH4r7MU57p+4noOE8w/ZUw4m1ieqkqBODJfjxGtdxkQ
3JMu420UNEjajr4QrMQwKR3lhgqlrdmb1zU4pz7A04puUq+L76oisRlTEspF44aN
Rx6hd+WRgHMteTmQB5qjN+1Yr8swfoz8iCioa+sqP/1QofCrY6+axa+1t1SEtUlZ
qggGuCVgS4kZGvKixfTMBcQqqhsDzo99MnLaNGpzZdcVplnWcsHKZ1WIvRMxvxF1
Abrn67DH7Dr8LvKnR3lVUvFuKmX2kfua0pYWEF1Su96tG+LRTcz4
-----END CERTIFICATE-----
Generated at Thu Nov 2 09:56:00 2023 by rpki-client on console-fra.rpki-client.org