Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/_XQuZfVINWq9_DmZqS4yCTs8Nsw.roa
File: _XQuZfVINWq9_DmZqS4yCTs8Nsw.roa (raw, json)
Hash identifier: 5ioqBEvci5Lm+efvvpnzXs6N63ZQqIW8Ct3oLut7QPQ=
Subject key identifier: FD:74:2E:65:F5:48:35:6A:BD:FC:39:99:A9:2E:32:09:3B:3C:36:CC
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0185AB11310DE101C5532BFDAE616E60A6D0
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/_XQuZfVINWq9_DmZqS4yCTs8Nsw.roa
Signing time: Fri 13 Jan 2023 12:18:28 +0000
ROA not before: Fri 13 Jan 2023 12:18:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 23 Jan 2023 08:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ab:11:31:0d:e1:01:c5:53:2b:fd:ae:61:6e:60:a6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 13 12:18:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd742e65f548356abdfc3999a92e32093b3c36cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:51:2c:7c:df:b4:5a:99:12:40:af:e0:b2:
82:d0:3d:e7:b3:4e:54:e3:2b:30:48:11:d1:a9:07:
90:03:a2:56:34:72:a8:fe:50:40:dd:07:3d:85:4d:
e0:83:3f:22:35:94:d4:4a:f4:fb:8e:7c:d2:a4:99:
73:9e:bb:46:73:10:ca:42:a8:f7:9c:f2:27:05:b9:
3f:ab:61:b7:44:71:41:29:0b:50:6e:b9:57:6c:b8:
ec:a6:e7:1d:6d:a5:51:ba:d6:e6:aa:13:52:2a:5a:
1a:8e:f3:45:8c:13:e2:90:10:42:22:11:7f:f3:b0:
da:6d:8c:51:ec:bd:4e:44:30:91:4c:68:0c:1b:ae:
1d:6f:35:1f:bd:3a:64:0a:c8:84:81:6c:be:cb:a1:
76:96:b1:cc:14:0e:71:73:1b:4b:49:d7:a3:a5:16:
1f:3d:6c:d1:0a:b7:a2:21:2f:f0:8c:1f:8e:0e:1f:
2f:ce:d4:d6:c2:a8:21:27:38:9c:1c:d4:f6:81:41:
37:aa:ce:f3:97:b6:84:64:4c:53:aa:8c:9f:df:34:
94:ca:30:d9:23:27:bd:c9:24:c5:3b:61:0d:fd:94:
8b:b0:d6:f3:c3:b3:23:16:89:6f:1c:d4:1f:75:c7:
f6:8c:4f:f9:4d:3b:c3:c7:3c:c5:8b:ae:68:8a:c8:
de:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:74:2E:65:F5:48:35:6A:BD:FC:39:99:A9:2E:32:09:3B:3C:36:CC
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/_XQuZfVINWq9_DmZqS4yCTs8Nsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a10:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
56:01:87:12:c9:86:e4:58:0a:55:68:5c:6c:e6:64:6f:3b:87:
34:31:40:f6:bd:80:a0:14:dd:ff:9d:ea:74:66:1e:ea:96:82:
4a:7c:7b:26:7b:74:b3:45:30:e4:a5:f2:ef:9a:50:9f:16:4c:
f2:29:12:cb:32:f7:0a:4a:2d:c3:43:92:fb:df:46:70:ef:63:
95:44:b5:7f:bc:ea:62:2a:fa:c0:69:c9:55:54:2f:ef:9d:3f:
16:d5:bb:63:0f:30:f3:e8:c9:40:b8:d9:44:50:cb:ca:c7:fb:
18:ae:77:1a:91:e4:c9:37:2e:c6:e6:94:45:e0:ed:3a:2e:6f:
80:05:76:3a:53:4a:da:95:eb:2f:cb:37:ac:ca:40:a9:ac:63:
0a:5f:c1:ba:48:e1:db:25:a0:d0:39:43:91:b4:47:4c:9e:16:
38:6d:3c:06:60:5e:42:c5:35:65:84:f8:7f:89:09:38:2e:ce:
3c:61:96:12:bb:68:22:8b:0e:6b:db:f8:9a:42:bf:72:fb:94:
48:2e:71:07:81:5c:11:8a:4f:04:fb:fa:7b:30:3d:6c:7b:4d:
91:46:ce:db:e7:e7:cc:2b:71:f8:52:03:00:83:2b:40:8f:a4:
26:a8:10:59:83:2f:07:fa:a5:f0:0b:e7:89:31:c8:35:38:9d:
53:ec:c3:9c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYWrETEN4QHFUyv9rmFuYKbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTEzMTIxODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc0MmU2NWY1NDgzNTZhYmRmYzM5OTlhOTJlMzIwOTNiM2MzNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktRRLHzftFqZEkCv4LKC0D3ns05U
4yswSBHRqQeQA6JWNHKo/lBA3Qc9hU3ggz8iNZTUSvT7jnzSpJlznrtGcxDKQqj3
nPInBbk/q2G3RHFBKQtQbrlXbLjspucdbaVRutbmqhNSKloajvNFjBPikBBCIhF/
87DabYxR7L1ORDCRTGgMG64dbzUfvTpkCsiEgWy+y6F2lrHMFA5xcxtLSdejpRYf
PWzRCreiIS/wjB+ODh8vztTWwqghJzicHNT2gUE3qs7zl7aEZExTqoyf3zSUyjDZ
Iye9ySTFO2EN/ZSLsNbzw7MjFolvHNQfdcf2jE/5TTvDxzzFi65oisjenwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP10LmX1SDVqvfw5makuMgk7PDbMMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvX1hRdVpmVklOV3E5X0RtWnFTNHlDVHM4TnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCU6vwAwQA
VDYkAwQAwnFpMA0EAgACMAcDBQMqEMDAMA0GCSqGSIb3DQEBCwUAA4IBAQBWAYcS
yYbkWApVaFxs5mRvO4c0MUD2vYCgFN3/nep0Zh7qloJKfHsme3SzRTDkpfLvmlCf
FkzyKRLLMvcKSi3DQ5L730Zw72OVRLV/vOpiKvrAaclVVC/vnT8W1btjDzDz6MlA
uNlEUMvKx/sYrncakeTJNy7G5pRF4O06Lm+ABXY6U0ralesvyzesykCprGMKX8G6
SOHbJaDQOUORtEdMnhY4bTwGYF5CxTVlhPh/iQk4Ls48YZYSu2giiw5r2/iaQr9y
+5RILnEHgVwRik8E+/p7MD1se02RRs7b5+fMK3H4UgMAgytAj6QmqBBZgy8H+qXw
C+eJMcg1OJ1T7MOc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org