Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/Xamyw_SeF28qn37p9K1aatoIniQ.roa
File: Xamyw_SeF28qn37p9K1aatoIniQ.roa (raw, json)
Hash identifier: nAR2rkK8Lr0BVWxwbq6MCcKjcrjDXfO10j5q1ahPcRE=
Subject key identifier: 5D:A9:B2:C3:F4:9E:17:6F:2A:9F:7E:E9:F4:AD:5A:6A:DA:08:9E:24
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 0185720C721696BBE6F58BE45AAFF76795B5
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/Xamyw_SeF28qn37p9K1aatoIniQ.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201814
IP address blocks: 5.181.189.0/24 maxlen: 24
5.181.188.0/22 maxlen: 22
95.214.52.0/22 maxlen: 23
185.16.36.0/22 maxlen: 24
2a03:cfc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Mar 2023 11:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:72:16:96:bb:e6:f5:8b:e4:5a:af:f7:67:95:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5da9b2c3f49e176f2a9f7ee9f4ad5a6ada089e24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d3:dd:ea:00:b0:9a:0c:87:01:b6:24:f0:0a:
01:c4:af:16:18:ca:9d:c6:84:9f:23:9a:74:ed:f8:
94:27:6a:23:43:9c:ec:e1:76:1b:c6:2a:0f:a3:c0:
b5:b1:df:99:27:e1:e6:a7:71:f2:ae:57:90:88:ef:
f0:58:b5:a4:63:3f:bf:f2:05:f7:71:bc:86:26:ea:
58:0c:5c:be:30:48:8c:5c:ab:fa:8f:79:c4:a1:ff:
13:28:d3:f7:bf:5b:e4:a2:c9:95:15:b9:b2:4f:20:
79:ef:1c:ce:f3:b5:b3:d1:e7:78:12:da:46:03:5b:
bf:7c:d4:c8:75:a3:dc:de:f6:f4:51:73:09:a6:3c:
22:9f:6f:c6:43:80:d5:ad:de:10:02:80:2e:69:6f:
a3:e2:ea:17:b6:54:97:40:46:d9:f4:5e:b1:28:43:
15:f8:7d:53:87:b5:19:9a:f0:b3:a8:92:bb:20:85:
e9:d4:18:02:33:a8:3f:20:cd:59:74:c5:02:78:93:
94:19:6a:36:27:3e:cf:bf:48:db:2e:51:e3:24:6c:
fd:f1:82:7b:b9:fe:45:ea:23:01:d5:6c:71:2c:29:
a9:a7:c3:5a:c9:1d:c3:72:b2:1e:52:36:2a:21:46:
3e:5f:c8:be:80:e1:fd:08:01:17:09:1d:f4:1f:46:
30:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A9:B2:C3:F4:9E:17:6F:2A:9F:7E:E9:F4:AD:5A:6A:DA:08:9E:24
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/Xamyw_SeF28qn37p9K1aatoIniQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.188.0/22
95.214.52.0/22
185.16.36.0/22
IPv6:
2a03:cfc0::/32
Signature Algorithm: sha256WithRSAEncryption
46:10:1e:eb:d2:af:04:ea:ed:0f:91:83:48:83:3a:d7:3e:d7:
24:dc:05:fa:55:22:a5:09:19:1f:38:a1:86:7d:ac:22:6d:88:
c8:26:87:da:dd:80:d9:c8:fe:9e:70:64:d6:95:b6:d2:74:12:
19:24:72:36:ad:15:a6:54:80:74:28:ea:05:41:9c:5d:c5:4e:
7a:e9:17:01:da:b2:5c:e3:15:0f:48:be:2b:8b:96:d0:66:a9:
38:13:c1:d0:be:48:bf:ea:a1:5b:77:41:2f:7a:e1:5f:6a:c5:
61:c8:5e:a4:df:fd:d8:ff:7b:a2:21:f9:dc:12:d3:f8:2b:55:
e4:72:b8:f9:4b:dd:b0:57:65:b2:00:e6:61:39:c1:bc:ff:5b:
55:fd:f4:a5:96:83:f9:6f:14:c9:05:cf:86:e7:6e:11:5b:cd:
67:64:c7:39:cf:ea:4e:a3:4e:3a:c2:04:f8:71:59:16:23:8b:
5a:16:a1:b0:26:eb:19:64:c3:02:8e:87:08:56:e2:ca:dc:ec:
17:1f:c6:38:88:fa:b8:ae:ab:68:5c:6e:91:e6:e6:89:e3:3f:
f2:68:e9:ef:e8:c1:74:f0:3c:0a:a3:ca:b0:b7:c1:47:3a:f2:
26:15:de:39:76:5c:c0:7a:50:79:7e:e1:9e:e3:5e:43:d5:cb:
61:73:10:3b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyDHIWlrvm9YvkWq/3Z5W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE5YjJjM2Y0OWUxNzZmMmE5ZjdlZTlmNGFkNWE2YWRhMDg5ZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitPd6gCwmgyHAbYk8AoBxK8WGMqd
xoSfI5p07fiUJ2ojQ5zs4XYbxioPo8C1sd+ZJ+Hmp3HyrleQiO/wWLWkYz+/8gX3
cbyGJupYDFy+MEiMXKv6j3nEof8TKNP3v1vkosmVFbmyTyB57xzO87Wz0ed4EtpG
A1u/fNTIdaPc3vb0UXMJpjwin2/GQ4DVrd4QAoAuaW+j4uoXtlSXQEbZ9F6xKEMV
+H1Th7UZmvCzqJK7IIXp1BgCM6g/IM1ZdMUCeJOUGWo2Jz7Pv0jbLlHjJGz98YJ7
uf5F6iMB1WxxLCmpp8NayR3DcrIeUjYqIUY+X8i+gOH9CAEXCR30H0Yw9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF2pssP0nhdvKp9+6fStWmraCJ4kMB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvWGFteXdfU2VGMjhxbjM3cDlLMWFhdG9JbmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbW8AwQC
X9Y0AwQCuRAkMA0EAgACMAcDBQAqA8/AMA0GCSqGSIb3DQEBCwUAA4IBAQBGEB7r
0q8E6u0PkYNIgzrXPtck3AX6VSKlCRkfOKGGfawibYjIJofa3YDZyP6ecGTWlbbS
dBIZJHI2rRWmVIB0KOoFQZxdxU566RcB2rJc4xUPSL4ri5bQZqk4E8HQvki/6qFb
d0EveuFfasVhyF6k3/3Y/3uiIfncEtP4K1Xkcrj5S92wV2WyAOZhOcG8/1tV/fSl
loP5bxTJBc+G524RW81nZMc5z+pOo046wgT4cVkWI4taFqGwJusZZMMCjocIVuLK
3OwXH8Y4iPq4rqtoXG6R5uaJ4z/yaOnv6MF08DwKo8qwt8FHOvImFd45dlzAelB5
fuGe415D1cthcxA7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:25 2024 by rpki-client on console-fra.rpki-client.org