Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/xLH4_iQBSqEroAOhyvv0AUkS6zY.roa
File: xLH4_iQBSqEroAOhyvv0AUkS6zY.roa (raw, json)
Hash identifier: tSNJ8rJUjxDyl24pjWQzeqZGCCf7MSnWS2fhZvnPxBU=
Subject key identifier: C4:B1:F8:FE:24:01:4A:A1:2B:A0:03:A1:CA:FB:F4:01:49:12:EB:36
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 01865575408A3CBD8F4A5D66D0DB7BFA231F
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/xLH4_iQBSqEroAOhyvv0AUkS6zY.roa
Signing time: Wed 15 Feb 2023 14:23:12 +0000
ROA not before: Wed 15 Feb 2023 14:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50613
IP address blocks: 193.107.84.0/22 maxlen: 22
82.221.129.0/24 maxlen: 24
82.221.131.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.139.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
82.221.96.0/19 maxlen: 19
82.221.100.0/23 maxlen: 23
82.221.105.0/24 maxlen: 24
82.221.104.0/24 maxlen: 24
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 11 May 2023 14:40:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:75:40:8a:3c:bd:8f:4a:5d:66:d0:db:7b:fa:23:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Feb 15 14:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4b1f8fe24014aa12ba003a1cafbf4014912eb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ac:75:da:a6:4a:e6:7b:55:f8:4a:06:6e:ca:
7b:67:55:6c:34:3b:ae:ee:73:7c:75:46:94:e2:ad:
71:f1:cc:4a:54:ba:b1:db:ca:94:67:08:dc:12:de:
d1:d3:8f:c2:1b:0a:1e:59:66:dc:0c:ba:ab:16:8f:
54:33:fd:eb:83:01:a1:cf:e3:b3:c4:29:b8:ce:40:
b2:0a:da:67:f7:bf:f8:83:df:74:d8:3f:3e:88:28:
87:31:f4:06:7a:7a:1c:34:a6:64:0f:01:b0:eb:35:
47:fe:0c:3f:c9:26:2c:d3:da:3c:3f:23:77:78:70:
75:02:c5:f6:d2:9f:c3:61:29:86:10:7f:2b:61:2e:
71:d3:b8:78:fa:86:4c:2e:b7:31:aa:a6:d1:d7:ef:
9a:fa:bb:26:be:99:75:54:54:b1:e5:75:90:6c:b5:
9d:c8:fd:5c:73:43:15:8f:5e:33:db:cc:76:36:52:
a9:c9:b7:71:35:3f:d0:c0:06:f9:70:18:6c:7b:3c:
c5:23:1a:b3:b4:74:c8:af:76:6b:c1:ce:b6:2c:d6:
d6:c5:d5:54:b1:49:fc:98:f5:1c:74:fc:94:42:ea:
30:d2:b1:7c:fa:c7:cc:a4:36:4d:8e:76:a0:5e:b9:
9c:6f:e8:85:10:c5:3b:47:67:a6:30:b0:29:e0:28:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B1:F8:FE:24:01:4A:A1:2B:A0:03:A1:CA:FB:F4:01:49:12:EB:36
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/xLH4_iQBSqEroAOhyvv0AUkS6zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:cf:94:e5:f3:73:98:1f:6b:d8:a1:42:07:fa:01:4e:aa:bc:
4f:a0:a8:cc:75:11:c9:0c:5d:56:1d:26:9e:2a:37:a9:af:93:
e0:8b:35:2f:ce:b0:82:86:dd:f4:1c:87:c5:54:75:09:08:fe:
5f:93:62:53:d1:d8:ef:ca:d5:2f:22:53:60:29:93:fc:d7:14:
75:b2:b6:80:77:c8:62:5c:42:2d:8b:cb:fe:67:ed:a6:5e:1d:
03:fe:0f:69:35:a6:cb:e1:b0:8f:22:56:00:74:a1:27:b9:ab:
79:03:fd:a8:88:e1:2c:7d:5a:f7:a9:c3:04:78:03:5d:ea:29:
cd:c1:c4:0d:be:5a:6b:af:01:aa:01:c3:2e:5d:bc:ca:91:12:
aa:25:2d:2f:dd:20:3b:c4:a7:fc:48:80:04:7d:1a:7b:48:5a:
1f:db:2f:5f:22:99:22:0a:4d:d4:87:ab:0f:10:fd:68:ab:b1:
f4:ed:d7:da:60:b1:c3:b8:19:6f:a9:50:8c:5e:e4:52:b1:e4:
d3:dd:26:09:f4:db:f4:c9:44:25:19:dc:30:cb:4b:bc:72:51:
a3:b7:b7:e8:3c:a9:a8:ab:11:08:5f:67:80:8e:63:96:92:de:
be:32:8f:49:5f:af:d9:34:86:ce:ca:af:a9:96:84:4b:4e:5f:
c6:d0:19:e6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZVdUCKPL2PSl1m0Nt7+iMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjMwMjE1MTQyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGIxZjhmZTI0MDE0YWExMmJhMDAzYTFjYWZiZjQwMTQ5MTJlYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqx12qZK5ntV+EoGbsp7Z1VsNDuu
7nN8dUaU4q1x8cxKVLqx28qUZwjcEt7R04/CGwoeWWbcDLqrFo9UM/3rgwGhz+Oz
xCm4zkCyCtpn97/4g9902D8+iCiHMfQGenocNKZkDwGw6zVH/gw/ySYs09o8PyN3
eHB1AsX20p/DYSmGEH8rYS5x07h4+oZMLrcxqqbR1++a+rsmvpl1VFSx5XWQbLWd
yP1cc0MVj14z28x2NlKpybdxNT/QwAb5cBhsezzFIxqztHTIr3Zrwc62LNbWxdVU
sUn8mPUcdPyUQuow0rF8+sfMpDZNjnagXrmcb+iFEMU7R2emMLAp4ChPuwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMSx+P4kAUqhK6ADocr79AFJEus2MB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEveExINF9pUUJTcUVyb0FPaHl2djBBVWtTNnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAVS3WAD
BAVS3YADBALBa1QwDgQCAAIwCAMGACoCD0ggMA0GCSqGSIb3DQEBCwUAA4IBAQAr
z5Tl83OYH2vYoUIH+gFOqrxPoKjMdRHJDF1WHSaeKjepr5PgizUvzrCCht30HIfF
VHUJCP5fk2JT0djvytUvIlNgKZP81xR1sraAd8hiXEIti8v+Z+2mXh0D/g9pNabL
4bCPIlYAdKEnuat5A/2oiOEsfVr3qcMEeANd6inNwcQNvlprrwGqAcMuXbzKkRKq
JS0v3SA7xKf8SIAEfRp7SFof2y9fIpkiCk3Uh6sPEP1oq7H07dfaYLHDuBlvqVCM
XuRSseTT3SYJ9Nv0yUQlGdwwy0u8clGjt7foPKmoqxEIX2eAjmOWkt6+Mo9JX6/Z
NIbOyq+ploRLTl/G0Bnm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-fra.rpki-client.org