Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/XttcjsYj-W3dn3qCXL0b71w9ceE.roa
File: XttcjsYj-W3dn3qCXL0b71w9ceE.roa (raw, json)
Hash identifier: ERJvMc9ig/Dex3T+oiKXOPz6Q9ddy/gb6NzuqIMiMN0=
Subject key identifier: 5E:DB:5C:8E:C6:23:F9:6D:DD:9F:7A:82:5C:BD:1B:EF:5C:3D:71:E1
Certificate issuer: /CN=c7221e402998abc1f035475e158b74e8c76920c0
Certificate serial: 0186B618717859FB027B946429BB0F000C35
Authority key identifier: C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/XttcjsYj-W3dn3qCXL0b71w9ceE.roa
Signing time: Mon 06 Mar 2023 08:45:00 +0000
ROA not before: Mon 06 Mar 2023 08:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205935
IP address blocks: 185.201.132.0/24 maxlen: 24
185.201.135.0/24 maxlen: 24
185.201.134.0/24 maxlen: 24
2a0a:c441::/32 maxlen: 32
2a0a:c445::/32 maxlen: 32
2a0a:c443::/32 maxlen: 32
2a0a:c447::/32 maxlen: 32
2a0a:c444::/32 maxlen: 32
2a0a:c442::/32 maxlen: 32
2a0a:c440::/32 maxlen: 32
2a0a:c446::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:18:71:78:59:fb:02:7b:94:64:29:bb:0f:00:0c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7221e402998abc1f035475e158b74e8c76920c0
Validity
Not Before: Mar 6 08:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5edb5c8ec623f96ddd9f7a825cbd1bef5c3d71e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:11:ae:5a:89:4a:f6:16:6f:e4:81:39:f4:
ae:61:89:4e:24:3e:6f:e2:0b:67:b4:e7:c5:33:8e:
b3:30:54:a6:09:fb:96:e7:e4:ec:4f:a7:66:c7:74:
bb:e6:74:6b:f7:32:9b:80:72:37:0a:4d:4b:99:7f:
90:14:b2:cb:59:8d:4a:29:c4:fd:64:b4:d8:92:f4:
26:e5:50:34:55:ac:99:79:55:ce:c7:ec:75:3e:c1:
6c:7b:d0:ae:20:2e:84:d1:e0:81:7d:4a:7d:3a:23:
0b:25:9d:47:38:08:0e:23:0f:ab:3f:51:30:ae:d0:
3e:33:ca:41:41:02:1b:a2:36:94:5d:9f:66:76:e1:
c2:52:3b:3f:6d:ec:80:31:f7:76:0d:64:b3:fa:b8:
8d:ad:70:45:5e:28:cd:d7:96:ba:ac:c1:f2:8b:45:
d2:39:36:7d:b2:b6:4a:ab:c1:68:b6:25:3f:39:55:
f1:97:9f:0a:34:b9:6f:6a:bd:de:83:24:49:7f:bd:
04:1f:44:e1:de:fa:e9:b1:ae:d0:7d:a0:2c:76:d2:
30:33:c4:74:07:49:93:8d:c6:16:3a:da:02:19:db:
7c:f7:f2:2b:d7:27:57:df:8e:fb:71:61:43:a4:e2:
f7:51:a4:32:55:dd:6e:d9:c0:c2:cc:6a:d2:47:e2:
0b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DB:5C:8E:C6:23:F9:6D:DD:9F:7A:82:5C:BD:1B:EF:5C:3D:71:E1
X509v3 Authority Key Identifier:
keyid:C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/XttcjsYj-W3dn3qCXL0b71w9ceE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/xyIeQCmYq8HwNUdeFYt06MdpIMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.132.0/24
185.201.134.0/23
IPv6:
2a0a:c440::/29
Signature Algorithm: sha256WithRSAEncryption
b1:b1:9a:12:66:eb:ab:85:b6:fd:64:8d:b5:7b:cc:28:28:1c:
e1:81:57:cb:a3:f7:30:71:f8:06:b0:49:fd:59:52:76:83:e0:
c8:b8:d5:7a:b3:a9:d3:2d:3f:19:09:6d:83:c3:db:b4:8e:96:
44:3f:5c:6f:6d:1b:b5:5b:bc:03:cf:c0:ee:7b:1e:a8:62:f0:
54:12:9d:3a:2b:30:df:60:b6:63:72:bf:6d:84:c6:f7:a7:44:
f1:ec:1d:af:8b:aa:34:d2:f1:74:5b:d5:1f:ed:df:03:5a:c5:
80:35:7e:eb:95:3c:12:61:8c:c8:2c:54:7e:2f:2c:6b:9f:2c:
05:8b:51:a3:98:ba:8c:a1:dc:f0:59:23:2a:99:fb:5c:52:dd:
0d:fb:e6:31:99:1c:90:28:d6:16:09:f7:52:55:d5:96:2e:66:
1f:c0:c4:b6:75:52:76:4c:32:2c:3b:a9:8d:8c:76:9e:b3:ab:
be:7f:af:88:a8:48:99:f7:54:0b:b6:64:0f:6c:5b:8c:33:10:
96:ca:a7:f8:19:52:a3:e4:1a:d6:42:e0:8c:2e:4c:2b:a2:21:
20:09:2e:bb:5e:10:68:4c:72:3f:3d:fa:9f:84:1c:16:88:6b:
70:36:b7:7f:20:7d:a2:b9:aa:2e:ff:23:89:6f:d0:11:f5:41:
5a:64:30:ba
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYa2GHF4WfsCe5RkKbsPAAw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MjIxZTQwMjk5OGFiYzFmMDM1NDc1ZTE1OGI3NGU4Yzc2
OTIwYzAwHhcNMjMwMzA2MDg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRiNWM4ZWM2MjNmOTZkZGQ5ZjdhODI1Y2JkMWJlZjVjM2Q3MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdgRrlqJSvYWb+SBOfSuYYlOJD5v
4gtntOfFM46zMFSmCfuW5+TsT6dmx3S75nRr9zKbgHI3Ck1LmX+QFLLLWY1KKcT9
ZLTYkvQm5VA0VayZeVXOx+x1PsFse9CuIC6E0eCBfUp9OiMLJZ1HOAgOIw+rP1Ew
rtA+M8pBQQIbojaUXZ9mduHCUjs/beyAMfd2DWSz+riNrXBFXijN15a6rMHyi0XS
OTZ9srZKq8FotiU/OVXxl58KNLlvar3egyRJf70EH0Th3vrpsa7QfaAsdtIwM8R0
B0mTjcYWOtoCGdt89/Ir1ydX3477cWFDpOL3UaQyVd1u2cDCzGrSR+ILaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF7bXI7GI/lt3Z96gly9G+9cPXHhMB8GA1UdIwQY
MBaAFMciHkApmKvB8DVHXhWLdOjHaSDAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYt
Y2M1NDA2MDhjNDFkLzEvWHR0Y2pzWWotVzNkbjNxQ1hMMGI3MXc5Y2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYtY2M1NDA2MDhjNDFk
LzEveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAucmEAwQB
ucmGMA0EAgACMAcDBQMqCsRAMA0GCSqGSIb3DQEBCwUAA4IBAQCxsZoSZuurhbb9
ZI21e8woKBzhgVfLo/cwcfgGsEn9WVJ2g+DIuNV6s6nTLT8ZCW2Dw9u0jpZEP1xv
bRu1W7wDz8Duex6oYvBUEp06KzDfYLZjcr9thMb3p0Tx7B2vi6o00vF0W9Uf7d8D
WsWANX7rlTwSYYzILFR+LyxrnywFi1GjmLqModzwWSMqmftcUt0N++YxmRyQKNYW
CfdSVdWWLmYfwMS2dVJ2TDIsO6mNjHaes6u+f6+IqEiZ91QLtmQPbFuMMxCWyqf4
GVKj5BrWQuCMLkwroiEgCS67XhBoTHI/PfqfhBwWiGtwNrd/IH2iuaou/yOJb9AR
9UFaZDC6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:11 2024 by rpki-client on console-ams.rpki-client.org