Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/XWNuiAfB84O5WaSS4waucWkO2Bc.roa
File: XWNuiAfB84O5WaSS4waucWkO2Bc.roa (raw, json)
Hash identifier: fkwBne1J2whvPyLsrzryZQEv0QAFJi1GvBVMJyBNrFs=
Subject key identifier: 5D:63:6E:88:07:C1:F3:83:B9:59:A4:92:E3:06:AE:71:69:0E:D8:17
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018C2028E8265F15F76FAE6161CA213C8BD5
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/XWNuiAfB84O5WaSS4waucWkO2Bc.roa
Signing time: Thu 30 Nov 2023 12:16:40 +0000
ROA not before: Thu 30 Nov 2023 12:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202636
IP address blocks: 185.243.152.0/22 maxlen: 22
91.246.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:28:e8:26:5f:15:f7:6f:ae:61:61:ca:21:3c:8b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Nov 30 12:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d636e8807c1f383b959a492e306ae71690ed817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:de:2e:3c:70:e7:45:10:f7:b4:43:b3:eb:be:
62:55:b6:3b:76:bc:20:53:a6:a6:47:8f:eb:4f:74:
1b:53:1b:d4:7d:f9:a2:9d:84:65:c6:e3:e3:e0:1c:
69:c3:49:b5:b1:39:58:f4:1a:c1:16:1c:d4:f7:ec:
2d:df:d1:38:ac:d3:a9:ee:f9:9b:c2:0d:09:b9:86:
a1:59:83:29:bc:a7:3f:a1:34:4b:1f:b3:2b:ae:ad:
38:eb:1f:07:5d:2f:e3:b7:69:25:88:01:40:7a:bb:
e2:8f:1a:16:5c:13:92:02:5a:3d:7a:5a:de:50:79:
d6:2c:14:fb:41:5e:b1:06:ff:fe:4a:f0:ce:b7:cb:
a4:04:8d:63:65:20:c2:22:d0:52:21:d0:63:ec:0a:
25:12:04:a8:8a:57:c4:cb:34:8e:1d:92:20:ac:32:
07:6f:ff:64:3f:81:21:5a:54:94:20:2a:1a:73:d8:
e7:c1:5d:e4:df:8e:fc:63:15:81:77:88:8e:9c:24:
ab:bb:c3:80:b6:77:f0:a2:22:c7:ba:e1:13:de:07:
d1:ec:50:dd:52:c4:e9:f1:f1:c2:de:13:18:73:b4:
4d:c5:ab:bd:1a:04:6e:2f:f7:c4:24:ac:37:ad:d8:
29:3d:01:c2:6c:50:b4:96:0e:98:84:6d:3c:d6:27:
d7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:63:6E:88:07:C1:F3:83:B9:59:A4:92:E3:06:AE:71:69:0E:D8:17
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/XWNuiAfB84O5WaSS4waucWkO2Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.52.0/24
185.243.152.0/22
Signature Algorithm: sha256WithRSAEncryption
43:79:29:58:3d:a5:5d:33:ba:8f:9e:4a:a3:b3:36:ce:6f:16:
3a:f7:99:2b:46:39:c8:f9:9e:34:f9:0a:1f:0c:20:90:51:99:
fb:7a:f8:49:7a:3d:a5:2b:4f:a8:8c:d3:00:d7:c1:ba:eb:13:
96:4a:84:75:d4:f4:ce:ff:4f:fb:9e:94:bd:fd:3e:e2:dc:24:
34:2e:e5:70:bc:76:d0:c6:7d:a4:ae:37:68:02:5a:e4:dc:18:
64:f1:10:ae:87:ce:09:9c:ba:f1:98:ea:6a:be:eb:33:0c:53:
91:36:1b:8a:88:f5:f5:eb:b5:fc:b4:cd:77:97:c5:c1:95:3a:
8c:61:85:ab:0e:a6:fd:31:84:37:1a:df:82:d7:70:55:dd:80:
f1:05:3a:48:25:81:bb:37:cd:1e:61:5b:a3:b6:74:4e:8c:c3:
98:ad:24:c5:75:f2:df:36:51:31:9d:14:ec:ec:8b:09:da:88:
02:fb:ac:67:20:70:27:e5:61:27:82:55:c6:e4:20:2d:0a:56:
1e:56:24:b9:4b:03:25:11:22:e0:85:96:13:eb:4d:a5:69:fc:
39:74:bc:ca:e4:a1:d0:0b:1e:92:d6:64:61:1b:da:5b:f9:8f:
29:91:28:95:a0:69:ed:3d:14:4e:27:34:1e:12:ec:6c:28:1a:
21:82:e0:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwgKOgmXxX3b65hYcohPIvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMxMTMwMTIxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYzNmU4ODA3YzFmMzgzYjk1OWE0OTJlMzA2YWU3MTY5MGVkODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq94uPHDnRRD3tEOz675iVbY7drwg
U6amR4/rT3QbUxvUffminYRlxuPj4Bxpw0m1sTlY9BrBFhzU9+wt39E4rNOp7vmb
wg0JuYahWYMpvKc/oTRLH7Mrrq046x8HXS/jt2kliAFAervijxoWXBOSAlo9elre
UHnWLBT7QV6xBv/+SvDOt8ukBI1jZSDCItBSIdBj7AolEgSoilfEyzSOHZIgrDIH
b/9kP4EhWlSUICoac9jnwV3k3478YxWBd4iOnCSru8OAtnfwoiLHuuET3gfR7FDd
UsTp8fHC3hMYc7RNxau9GgRuL/fEJKw3rdgpPQHCbFC0lg6YhG081ifXswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1jbogHwfODuVmkkuMGrnFpDtgXMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvWFdOdWlBZkI4NE81V2FTUzR3YXVjV2tPMkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/Y0AwQC
ufOYMA0GCSqGSIb3DQEBCwUAA4IBAQBDeSlYPaVdM7qPnkqjszbObxY695krRjnI
+Z40+QofDCCQUZn7evhJej2lK0+ojNMA18G66xOWSoR11PTO/0/7npS9/T7i3CQ0
LuVwvHbQxn2krjdoAlrk3Bhk8RCuh84JnLrxmOpqvuszDFORNhuKiPX167X8tM13
l8XBlTqMYYWrDqb9MYQ3Gt+C13BV3YDxBTpIJYG7N80eYVujtnROjMOYrSTFdfLf
NlExnRTs7IsJ2ogC+6xnIHAn5WEnglXG5CAtClYeViS5SwMlESLghZYT602lafw5
dLzK5KHQCx6S1mRhG9pb+Y8pkSiVoGntPRROJzQeEuxsKBohguDG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org