Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/XwoBv0lmNA5ik7tU9jIoeWQ9_2M.roa
File: XwoBv0lmNA5ik7tU9jIoeWQ9_2M.roa (raw, json)
Hash identifier: MqtQT7Erw+gRCGDJcdVQy5W4sgkuujmfrgd1TcEd+b0=
Subject key identifier: 5F:0A:01:BF:49:66:34:0E:62:93:BB:54:F6:32:28:79:64:3D:FF:63
Certificate issuer: /CN=0407d6c248444f6b5c378db0ffec0f899256eba3
Certificate serial: 0189A7D1B862A8D750E214EE39A8DE9BB094
Authority key identifier: 04:07:D6:C2:48:44:4F:6B:5C:37:8D:B0:FF:EC:0F:89:92:56:EB:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BAfWwkhET2tcN42w_-wPiZJW66M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/XwoBv0lmNA5ik7tU9jIoeWQ9_2M.roa
Signing time: Sun 30 Jul 2023 17:21:26 +0000
ROA not before: Sun 30 Jul 2023 17:21:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199088
IP address blocks: 94.231.36.0/23 maxlen: 23
91.197.5.0/24 maxlen: 24
91.197.6.0/24 maxlen: 24
2a13:45c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a7:d1:b8:62:a8:d7:50:e2:14:ee:39:a8:de:9b:b0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0407d6c248444f6b5c378db0ffec0f899256eba3
Validity
Not Before: Jul 30 17:21:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f0a01bf4966340e6293bb54f6322879643dff63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3f:ac:70:0b:ac:d1:72:02:d1:75:a6:1d:6f:
0b:c4:9b:0f:95:d1:42:65:d9:3f:9b:b4:6a:83:bf:
5e:82:f5:97:6e:86:2a:f3:02:e1:31:62:eb:f6:9e:
ad:77:69:5e:48:3e:16:f3:3e:f7:0c:b9:b1:80:9b:
81:9e:2b:f6:f4:40:f8:8c:37:b4:f6:a9:1a:16:37:
f4:47:c1:7f:48:f1:3b:6a:19:f0:a9:73:13:2c:fb:
f3:d5:b6:43:3a:96:12:c1:b1:81:d7:9e:e9:31:03:
96:79:0a:f7:39:02:75:24:e5:44:c6:c0:c6:0d:bf:
ee:b7:60:39:1b:c8:16:6a:15:85:0b:47:f0:51:37:
15:d4:36:ae:73:7f:c0:6c:6e:0e:2b:b5:3e:06:c8:
23:eb:30:b4:7d:01:36:74:ec:4e:d6:bc:7b:9d:b1:
51:36:fe:0f:a4:95:f7:d6:f2:2d:4e:98:9d:54:7e:
b4:17:67:d3:e0:d1:91:33:de:48:96:f0:02:74:70:
68:4c:70:1b:3f:d1:0c:b2:1c:ba:03:52:2f:04:e0:
be:dc:d0:f0:b4:39:40:25:c4:84:c2:32:54:b0:2e:
f5:ab:6e:ec:d7:ed:4d:f3:a5:e2:cd:fb:fb:08:1c:
ac:eb:72:96:ce:f1:cf:ee:33:78:92:de:db:94:20:
3a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0A:01:BF:49:66:34:0E:62:93:BB:54:F6:32:28:79:64:3D:FF:63
X509v3 Authority Key Identifier:
keyid:04:07:D6:C2:48:44:4F:6B:5C:37:8D:B0:FF:EC:0F:89:92:56:EB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BAfWwkhET2tcN42w_-wPiZJW66M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/XwoBv0lmNA5ik7tU9jIoeWQ9_2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/BAfWwkhET2tcN42w_-wPiZJW66M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.5.0-91.197.6.255
94.231.36.0/23
IPv6:
2a13:45c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:30:d2:54:4c:68:5e:eb:ec:81:6b:3b:af:d3:8a:d9:02:27:
59:0d:e6:f6:ad:25:8d:f2:09:22:9e:24:08:f4:ca:3d:93:12:
82:e2:69:3c:e7:20:4b:1a:6d:b1:c9:20:45:16:ec:10:ac:02:
85:0d:cc:77:b1:e7:8a:10:aa:8e:4f:6e:1f:a3:4a:82:4e:64:
63:42:99:5b:9a:bc:2c:72:2b:a9:26:25:13:b2:66:c2:aa:8a:
5c:23:75:34:94:60:02:20:39:58:64:73:a7:b2:60:4c:38:f3:
d8:58:7a:cb:96:3e:23:15:0d:29:e5:ea:d2:32:83:0c:4a:53:
68:7d:30:82:a9:b6:7e:15:21:02:68:ca:90:f9:b4:cb:5c:78:
39:86:7e:cd:18:77:81:cb:77:b4:a0:81:20:41:e6:3c:e2:d5:
66:de:4b:cf:6e:19:8a:54:42:56:07:da:ce:86:bf:ab:38:7c:
8e:71:e0:ef:6c:40:50:7e:0f:05:0b:99:6a:92:d8:81:3a:79:
8d:19:9b:2b:47:66:1b:92:ec:3b:c0:32:45:66:cb:37:cb:9f:
f8:94:e3:50:41:8a:da:e7:a2:f6:68:bd:8c:91:67:de:0f:d4:
a5:32:4c:21:69:67:a9:82:34:15:df:bd:39:37:b2:91:69:60:
42:93:bd:53
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYmn0bhiqNdQ4hTuOajem7CUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MDdkNmMyNDg0NDRmNmI1YzM3OGRiMGZmZWMwZjg5OTI1
NmViYTMwHhcNMjMwNzMwMTcyMTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBhMDFiZjQ5NjYzNDBlNjI5M2JiNTRmNjMyMjg3OTY0M2RmZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgz+scAus0XIC0XWmHW8LxJsPldFC
Zdk/m7Rqg79egvWXboYq8wLhMWLr9p6td2leSD4W8z73DLmxgJuBniv29ED4jDe0
9qkaFjf0R8F/SPE7ahnwqXMTLPvz1bZDOpYSwbGB157pMQOWeQr3OQJ1JOVExsDG
Db/ut2A5G8gWahWFC0fwUTcV1Dauc3/AbG4OK7U+Bsgj6zC0fQE2dOxO1rx7nbFR
Nv4PpJX31vItTpidVH60F2fT4NGRM95IlvACdHBoTHAbP9EMshy6A1IvBOC+3NDw
tDlAJcSEwjJUsC71q27s1+1N86Xizfv7CBys63KWzvHP7jN4kt7blCA6lQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFF8KAb9JZjQOYpO7VPYyKHlkPf9jMB8GA1UdIwQY
MBaAFAQH1sJIRE9rXDeNsP/sD4mSVuujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkFmV3draEVUMnRjTjQyd18td1BpWkpXNjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZjllMWYtMDk3MS00NDQ2LWE2MTEt
ZmFkMTliZGM3OTJiLzEvWHdvQnYwbG1OQTVpazd0VTlqSW9lV1E5XzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZjllMWYtMDk3MS00NDQ2LWE2MTEtZmFkMTliZGM3OTJi
LzEvQkFmV3draEVUMnRjTjQyd18td1BpWkpXNjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABbxQUD
BABbxQYDBAFe5yQwDQQCAAIwBwMFAyoTRcAwDQYJKoZIhvcNAQELBQADggEBAJMw
0lRMaF7r7IFrO6/TitkCJ1kN5vatJY3yCSKeJAj0yj2TEoLiaTznIEsabbHJIEUW
7BCsAoUNzHex54oQqo5Pbh+jSoJOZGNCmVuavCxyK6kmJROyZsKqilwjdTSUYAIg
OVhkc6eyYEw489hYesuWPiMVDSnl6tIygwxKU2h9MIKptn4VIQJoypD5tMtceDmG
fs0Yd4HLd7SggSBB5jzi1WbeS89uGYpUQlYH2s6Gv6s4fI5x4O9sQFB+DwULmWqS
2IE6eY0ZmytHZhuS7DvAMkVmyzfLn/iU41BBitrnovZovYyRZ94P1KUyTCFpZ6mC
NBXfvTk3spFpYEKTvVM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:21 2024 by rpki-client on console-ams.rpki-client.org