Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XVKnihygNA2SrmFpUV5QpITewXc.roa
File: XVKnihygNA2SrmFpUV5QpITewXc.roa (raw, json)
Hash identifier: JVaiv4vSYHV8kjLBbQXdPNrVSL1iJrpgqi7rYGwoHUM=
Subject key identifier: 5D:52:A7:8A:1C:A0:34:0D:92:AE:61:69:51:5E:50:A4:84:DE:C1:77
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BE800FFD210E453A620E127D2C57F2904
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XVKnihygNA2SrmFpUV5QpITewXc.roa
Signing time: Sun 19 Nov 2023 14:34:21 +0000
ROA not before: Sun 19 Nov 2023 14:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
89.213.178.0/24 maxlen: 24
89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 16:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e8:00:ff:d2:10:e4:53:a6:20:e1:27:d2:c5:7f:29:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 19 14:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d52a78a1ca0340d92ae6169515e50a484dec177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:76:e4:a2:8e:bc:53:34:4e:f6:86:a1:de:
31:da:3e:85:09:b0:6a:e0:f1:17:dd:c8:36:c6:ed:
99:1e:f0:4f:46:7a:0e:1a:e2:31:30:61:11:e2:a6:
97:84:6d:bd:c3:3b:6c:fd:04:58:6e:59:a7:84:ea:
6f:b0:55:21:09:30:0f:75:e4:1d:f2:a7:b3:2b:10:
68:82:98:a7:cb:ab:f8:f3:48:69:4b:af:7e:90:25:
81:99:4b:ea:c6:f8:38:77:f1:b1:f8:4b:13:90:50:
b0:c5:a9:19:13:11:12:34:86:7e:18:67:1f:3d:e5:
56:52:3b:7a:7d:56:75:e8:44:1a:a2:02:ce:6b:56:
f4:fc:86:4b:e0:47:2c:3c:6b:8d:46:3a:24:96:98:
fc:d1:30:1b:05:b9:0a:f8:91:89:07:10:91:9b:c9:
de:32:57:7a:70:78:e0:f7:df:cc:86:3f:07:f6:73:
b3:e1:0b:2c:6e:cc:cc:4e:52:41:5b:3e:96:ce:b7:
3e:b6:b5:34:9d:3f:94:d2:f3:26:5f:28:67:2e:c6:
62:47:2d:af:0e:b8:83:87:9d:a4:ee:31:4e:c9:0f:
f0:a1:50:99:3f:1c:1a:a9:08:95:00:42:87:53:42:
ac:55:75:f2:68:0c:da:30:fc:ba:9e:58:66:32:0e:
63:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:52:A7:8A:1C:A0:34:0D:92:AE:61:69:51:5E:50:A4:84:DE:C1:77
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XVKnihygNA2SrmFpUV5QpITewXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.153.1.0/24
82.153.136.0/22
82.153.227.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.178.0/24
89.213.180.0/22
109.176.248.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
43:3a:14:f9:35:ca:a2:60:71:a4:51:d1:2b:ab:6e:02:59:77:
4b:ee:3b:92:7b:2a:3d:93:78:98:c3:8a:33:ef:34:65:51:87:
75:0b:68:ac:e9:9c:64:df:47:1c:8a:cb:5f:34:e8:c6:3c:65:
f5:e6:4b:f5:a4:58:5a:cd:8c:9e:ce:24:cf:87:45:c0:64:94:
88:c0:71:ec:40:e0:53:06:fa:03:97:78:2e:1f:83:31:3a:68:
35:d1:14:9c:13:a5:2e:28:3b:a8:32:81:8d:87:da:76:98:6b:
5d:9f:c7:8f:c1:78:11:8d:cd:fb:f1:53:26:ca:3d:85:c4:2e:
80:cd:37:5c:ea:92:c2:0b:87:4d:46:b0:20:85:1d:35:55:75:
17:31:83:b6:1f:e4:47:04:85:f2:3f:5a:77:d4:d6:87:65:06:
df:b5:64:08:cb:b4:f1:d9:0b:62:e8:7c:12:47:61:15:5a:1a:
bb:1a:6c:b2:6f:bf:23:8b:1e:74:8d:a8:5d:ca:dc:f0:13:8b:
f4:fa:05:de:53:6e:4f:32:3f:5a:38:93:c8:73:1c:52:b4:0d:
6a:d5:b0:b8:41:b2:3a:69:95:48:ef:2a:ee:14:6e:4b:31:72:
54:e6:dc:bd:ef:a9:fc:92:c6:24:f9:87:36:67:1a:6c:b8:95:
05:55:35:4e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYvoAP/SEORTpiDhJ9LFfykEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTE5MTQzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUyYTc4YTFjYTAzNDBkOTJhZTYxNjk1MTVlNTBhNDg0ZGVjMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWB25KKOvFM0TvaGod4x2j6FCbBq
4PEX3cg2xu2ZHvBPRnoOGuIxMGER4qaXhG29wzts/QRYblmnhOpvsFUhCTAPdeQd
8qezKxBogpiny6v480hpS69+kCWBmUvqxvg4d/Gx+EsTkFCwxakZExESNIZ+GGcf
PeVWUjt6fVZ16EQaogLOa1b0/IZL4EcsPGuNRjoklpj80TAbBbkK+JGJBxCRm8ne
Mld6cHjg99/Mhj8H9nOz4QssbszMTlJBWz6Wzrc+trU0nT+U0vMmXyhnLsZiRy2v
DriDh52k7jFOyQ/woVCZPxwaqQiVAEKHU0KsVXXyaAzaMPy6nlhmMg5jVQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFF1Sp4ocoDQNkq5haVFeUKSE3sF3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWFZLbmloeWdOQTJTcm1GcFVWNVFwSVRld1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAUah3AwQA
Uah7AwQAUpkBAwQCUpmIAwQAUpnjMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bID
BAJZ1bQDBABtsPgDBAG5MX4DBADVmCowDQYJKoZIhvcNAQELBQADggEBAEM6FPk1
yqJgcaRR0SurbgJZd0vuO5J7Kj2TeJjDijPvNGVRh3ULaKzpnGTfRxyKy1806MY8
ZfXmS/WkWFrNjJ7OJM+HRcBklIjAcexA4FMG+gOXeC4fgzE6aDXRFJwTpS4oO6gy
gY2H2naYa12fx4/BeBGNzfvxUybKPYXELoDNN1zqksILh01GsCCFHTVVdRcxg7Yf
5EcEhfI/WnfU1odlBt+1ZAjLtPHZC2LofBJHYRVaGrsabLJvvyOLHnSNqF3K3PAT
i/T6Bd5Tbk8yP1o4k8hzHFK0DWrVsLhBsjpplUjvKu4UbksxclTm3L3vqfySxiT5
hzZnGmy4lQVVNU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:16 2024 by rpki-client on console-fra.rpki-client.org