Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xddlL5fWnhhdoQqhaxHJLcMQWiY.roa
File: xddlL5fWnhhdoQqhaxHJLcMQWiY.roa (raw, json)
Hash identifier: aLnVK3yLFCmimPxfcHOhEU5bq1sz6sXxBvY165DQ5KM=
Subject key identifier: C5:D7:65:2F:97:D6:9E:18:5D:A1:0A:A1:6B:11:C9:2D:C3:10:5A:26
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018D41801D60C58F01855F706ACAC1E61619
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xddlL5fWnhhdoQqhaxHJLcMQWiY.roa
Signing time: Thu 25 Jan 2024 16:42:11 +0000
ROA not before: Thu 25 Jan 2024 16:42:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 5.157.160.0/22 maxlen: 22
91.225.14.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
185.76.60.0/24 maxlen: 24
185.76.62.0/24 maxlen: 24
188.74.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 09 May 2024 13:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:80:1d:60:c5:8f:01:85:5f:70:6a:ca:c1:e6:16:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 25 16:42:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5d7652f97d69e185da10aa16b11c92dc3105a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b4:55:e1:64:d8:75:09:bd:cd:6c:e8:08:74:
47:4f:79:f5:96:f7:2c:40:ef:4c:26:99:a1:af:eb:
98:bc:77:ac:26:56:e0:af:b8:f3:27:27:e2:e7:54:
53:a1:4a:a6:cd:3d:06:b9:1b:20:67:5c:74:b1:e9:
59:ec:1d:d1:7c:aa:6d:33:4f:92:f5:3a:1e:db:1f:
c1:93:7a:41:cf:6d:fc:72:d5:94:69:bc:7c:b9:b5:
68:72:b3:08:12:0b:59:0e:7e:16:ec:24:ac:0f:67:
85:48:91:06:50:74:fa:a9:b0:b2:54:f6:c7:47:eb:
54:d4:5c:d9:38:8e:2b:9b:53:08:59:24:cb:4e:ad:
32:ea:8f:01:27:63:dc:ec:db:6e:bc:22:3a:aa:ca:
ac:19:d7:2b:68:7a:01:0c:ee:87:56:23:ed:b6:1d:
13:e8:c3:0f:3c:6c:44:5c:ac:09:06:76:94:60:9d:
3a:be:06:82:44:27:04:25:7d:97:3d:32:81:cb:40:
d5:63:be:2e:2e:b9:24:89:3d:a7:ee:51:c7:06:b3:
b9:4e:39:12:39:5a:68:1d:a3:c4:85:56:93:70:44:
65:1f:04:80:a5:ce:f7:5e:bf:fc:30:d1:49:bc:f0:
6c:3d:46:1a:d7:89:a1:6f:d4:ca:b5:39:04:83:bd:
09:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D7:65:2F:97:D6:9E:18:5D:A1:0A:A1:6B:11:C9:2D:C3:10:5A:26
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xddlL5fWnhhdoQqhaxHJLcMQWiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.160.0/22
91.225.14.0/24
91.235.123.0/24
185.76.60.0/24
185.76.62.0/24
188.74.212.0/22
Signature Algorithm: sha256WithRSAEncryption
41:9d:18:32:20:aa:27:3c:6a:2e:ca:e5:c2:95:3d:c2:71:61:
7f:16:b9:9f:83:29:23:67:3a:d4:7e:74:2c:0a:73:22:7d:9e:
f8:fc:90:9e:24:53:f3:17:4f:c5:32:e9:2d:e4:8a:ea:7b:9e:
88:81:12:9c:ff:ed:fa:87:ad:a7:82:7d:ab:a7:ac:55:b0:67:
fe:52:5c:80:75:e1:93:d3:40:fd:4b:e3:7e:99:be:ac:35:92:
d9:9f:e2:e7:0b:6a:36:3d:b3:c8:4e:9b:f6:5a:63:1c:ec:b1:
39:1a:fc:5c:23:35:a4:5f:bb:d7:6f:e8:bc:78:50:4f:25:56:
b4:45:7a:8c:b5:b8:0a:17:c4:b8:47:d7:db:b5:f1:03:78:d6:
44:fe:24:ee:31:f4:0d:44:0a:ae:56:5f:14:5c:5b:77:3f:e4:
33:ee:f7:c9:c8:86:3d:6d:27:9f:30:9d:31:42:99:76:19:07:
49:29:82:de:91:c6:86:11:a9:95:20:9e:f5:02:85:df:d9:05:
29:86:5d:cc:b4:6e:0c:1f:49:a5:29:3c:05:c7:62:17:6e:24:
a9:d9:a0:8a:88:e1:91:26:50:55:84:7b:d3:c4:f9:92:da:06:
be:39:ac:b9:b5:eb:93:22:9b:22:59:ca:b3:b5:23:d4:53:10:
01:0f:80:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1BgB1gxY8BhV9wasrB5hYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTI1MTY0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ3NjUyZjk3ZDY5ZTE4NWRhMTBhYTE2YjExYzkyZGMzMTA1YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLRV4WTYdQm9zWzoCHRHT3n1lvcs
QO9MJpmhr+uYvHesJlbgr7jzJyfi51RToUqmzT0GuRsgZ1x0selZ7B3RfKptM0+S
9Toe2x/Bk3pBz238ctWUabx8ubVocrMIEgtZDn4W7CSsD2eFSJEGUHT6qbCyVPbH
R+tU1FzZOI4rm1MIWSTLTq0y6o8BJ2Pc7NtuvCI6qsqsGdcraHoBDO6HViPtth0T
6MMPPGxEXKwJBnaUYJ06vgaCRCcEJX2XPTKBy0DVY74uLrkkiT2n7lHHBrO5TjkS
OVpoHaPEhVaTcERlHwSApc73Xr/8MNFJvPBsPUYa14mhb9TKtTkEg70JvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMXXZS+X1p4YXaEKoWsRyS3DEFomMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEveGRkbEw1ZlduaGhkb1FxaGF4SEpMY01RV2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBZ2gAwQA
W+EOAwQAW+t7AwQAuUw8AwQAuUw+AwQCvErUMA0GCSqGSIb3DQEBCwUAA4IBAQBB
nRgyIKonPGouyuXClT3CcWF/FrmfgykjZzrUfnQsCnMifZ74/JCeJFPzF0/FMukt
5Irqe56IgRKc/+36h62ngn2rp6xVsGf+UlyAdeGT00D9S+N+mb6sNZLZn+LnC2o2
PbPITpv2WmMc7LE5GvxcIzWkX7vXb+i8eFBPJVa0RXqMtbgKF8S4R9fbtfEDeNZE
/iTuMfQNRAquVl8UXFt3P+Qz7vfJyIY9bSefMJ0xQpl2GQdJKYLekcaGEamVIJ71
AoXf2QUphl3MtG4MH0mlKTwFx2IXbiSp2aCKiOGRJlBVhHvTxPmS2ga+Oay5teuT
IpsiWcqztSPUUxABD4CW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:50 2024 by rpki-client on console-ams.rpki-client.org