Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/X42ujMAcxBlWUnN2nrKbwC7FvP0.roa
File: X42ujMAcxBlWUnN2nrKbwC7FvP0.roa (raw, json)
Hash identifier: foUlMqx7erVR8VjvTM1n71yUwlQNSQSk7f8TsNiq6Cg=
Subject key identifier: 5F:8D:AE:8C:C0:1C:C4:19:56:52:73:76:9E:B2:9B:C0:2E:C5:BC:FD
Certificate issuer: /CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Certificate serial: 01856C65E896B062A087C802175EBFE8C61F
Authority key identifier: 5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/X42ujMAcxBlWUnN2nrKbwC7FvP0.roa
Signing time: Sun 01 Jan 2023 08:14:56 +0000
ROA not before: Sun 01 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200931
IP address blocks: 185.91.4.0/24 maxlen: 24
185.91.4.0/22 maxlen: 22
185.91.5.0/24 maxlen: 24
185.91.6.0/24 maxlen: 24
2a03:8860::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e8:96:b0:62:a0:87:c8:02:17:5e:bf:e8:c6:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Validity
Not Before: Jan 1 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f8dae8cc01cc419565273769eb29bc02ec5bcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:79:5c:48:c7:46:63:40:08:5a:bb:4b:47:67:
d5:dd:c5:b7:28:8f:fc:ab:fb:b5:78:f4:d9:59:0d:
de:0d:60:08:aa:62:2a:33:ee:51:76:2d:1d:89:1d:
73:b8:44:0c:27:2d:ab:fe:97:0d:cb:e0:83:1d:18:
36:96:bf:fb:d8:9e:04:9d:6f:4e:0c:9b:5c:34:cf:
5a:dd:ba:9a:d1:81:e8:6d:5e:60:09:b5:ab:e7:f3:
85:4e:71:c0:23:48:b3:16:32:40:fd:05:83:68:bd:
ff:e6:d4:ac:c8:3c:ae:22:96:c7:8f:a7:ee:48:f4:
0e:56:58:f4:06:5e:74:66:ac:15:da:f4:65:ee:15:
30:94:c5:05:bb:ef:bc:ae:0f:84:04:e0:02:ca:a8:
63:da:42:4f:1d:21:3d:ee:32:21:68:c7:f7:b5:88:
7f:d6:41:11:38:70:b2:33:35:6c:90:0f:10:6a:63:
37:19:19:2a:8f:d3:e6:4a:55:42:1e:4e:8f:aa:c8:
44:23:5e:44:11:1f:ed:63:34:73:9d:51:b1:1c:09:
73:9c:6d:9d:9f:3e:6e:63:e0:e9:60:fa:00:d1:f5:
c4:16:89:6a:8d:a5:89:a3:ac:c7:61:55:14:0f:29:
93:bd:e2:69:ce:47:99:a7:df:e7:0d:9e:7d:f8:9a:
c6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8D:AE:8C:C0:1C:C4:19:56:52:73:76:9E:B2:9B:C0:2E:C5:BC:FD
X509v3 Authority Key Identifier:
keyid:5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/X42ujMAcxBlWUnN2nrKbwC7FvP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.4.0/22
IPv6:
2a03:8860::/32
Signature Algorithm: sha256WithRSAEncryption
0a:be:84:9f:10:9c:27:6b:c7:0c:97:b9:dd:ce:ac:86:8a:d7:
ca:4e:e2:6c:9a:8d:60:de:0f:ac:95:1a:05:95:cc:99:8e:bd:
71:e4:66:5b:47:08:c2:5d:38:d4:ea:5b:3b:32:05:81:11:42:
34:37:f2:57:79:75:c6:1c:d9:ea:eb:5d:62:65:68:57:f8:a9:
8c:58:8a:d2:56:bb:99:4b:23:57:8f:db:b9:39:03:ca:30:64:
57:33:63:c0:c8:2c:a2:89:1a:bc:a7:d4:4a:d3:7a:d5:cc:01:
b7:0d:0a:73:33:a6:b0:7c:f5:49:a8:50:6c:9c:5f:71:fb:a2:
b7:ec:e2:19:86:94:40:e2:a6:31:13:02:62:26:b9:bc:67:79:
fc:ed:7e:cc:16:d1:01:74:84:a5:82:b8:35:d7:eb:03:5d:3a:
f1:4d:b4:9e:f5:c5:ea:ac:81:6b:80:4d:af:e8:1c:1a:95:91:
66:47:6f:24:c9:01:47:cb:86:5c:a7:14:12:71:d8:99:c6:a6:
b3:2e:91:f1:4e:f7:1e:1f:ed:d6:39:e2:05:e7:fd:38:68:25:
fd:98:99:37:fc:a4:d7:3a:14:27:67:3a:26:97:14:fd:21:f6:
46:d9:06:07:f7:81:5a:c1:0e:49:8a:b8:08:a6:66:57:c4:d9:
ac:ed:cd:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsZeiWsGKgh8gCF16/6MYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTZkY2NmYjJlMmM4OGNmMDlmNDg3YzQyMWZjOGFmN2Ji
ZDM1NzQwHhcNMjMwMTAxMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhkYWU4Y2MwMWNjNDE5NTY1MjczNzY5ZWIyOWJjMDJlYzViY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3lcSMdGY0AIWrtLR2fV3cW3KI/8
q/u1ePTZWQ3eDWAIqmIqM+5Rdi0diR1zuEQMJy2r/pcNy+CDHRg2lr/72J4EnW9O
DJtcNM9a3bqa0YHobV5gCbWr5/OFTnHAI0izFjJA/QWDaL3/5tSsyDyuIpbHj6fu
SPQOVlj0Bl50ZqwV2vRl7hUwlMUFu++8rg+EBOACyqhj2kJPHSE97jIhaMf3tYh/
1kEROHCyMzVskA8QamM3GRkqj9PmSlVCHk6PqshEI15EER/tYzRznVGxHAlznG2d
nz5uY+DpYPoA0fXEFolqjaWJo6zHYVUUDymTveJpzkeZp9/nDZ59+JrGlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF+NrozAHMQZVlJzdp6ym8Auxbz9MB8GA1UdIwQY
MBaAFF0W3M+y4siM8J9IfEIfyK97vTV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJiY3o3TGl5SXp3bjBoOFFoX0lyM3U5TlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hZDAyNDEtMWFlMy00ZDViLWIwZDEt
ODVjNWQ1MzAyZDg4LzEvWDQydWpNQWN4QmxXVW5OMm5yS2J3QzdGdlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hZDAyNDEtMWFlMy00ZDViLWIwZDEtODVjNWQ1MzAyZDg4
LzEvWFJiY3o3TGl5SXp3bjBoOFFoX0lyM3U5TlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVsEMA0E
AgACMAcDBQAqA4hgMA0GCSqGSIb3DQEBCwUAA4IBAQAKvoSfEJwna8cMl7ndzqyG
itfKTuJsmo1g3g+slRoFlcyZjr1x5GZbRwjCXTjU6ls7MgWBEUI0N/JXeXXGHNnq
611iZWhX+KmMWIrSVruZSyNXj9u5OQPKMGRXM2PAyCyiiRq8p9RK03rVzAG3DQpz
M6awfPVJqFBsnF9x+6K37OIZhpRA4qYxEwJiJrm8Z3n87X7MFtEBdISlgrg11+sD
XTrxTbSe9cXqrIFrgE2v6BwalZFmR28kyQFHy4ZcpxQScdiZxqazLpHxTvceH+3W
OeIF5/04aCX9mJk3/KTXOhQnZzomlxT9IfZG2QYH94FawQ5JirgIpmZXxNms7c1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:31 2024 by rpki-client on console-ams.rpki-client.org