Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/_XQeL6B5Kh7kL-17M3WKdoxqbKA.roa
File: _XQeL6B5Kh7kL-17M3WKdoxqbKA.roa (raw, json)
Hash identifier: vrLLKWTc1GPlMtQfUg0aDaNO7Nj42m/uOPnWi23QlcI=
Subject key identifier: FD:74:1E:2F:A0:79:2A:1E:E4:2F:ED:7B:33:75:8A:76:8C:6A:6C:A0
Certificate issuer: /CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Certificate serial: 018CC6B90773F10BE799E920D08ADF2E520B
Authority key identifier: 42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/_XQeL6B5Kh7kL-17M3WKdoxqbKA.roa
Signing time: Mon 01 Jan 2024 20:31:03 +0000
ROA not before: Mon 01 Jan 2024 20:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206260
IP address blocks: 83.223.208.0/20 maxlen: 20
185.13.124.0/22 maxlen: 22
143.110.96.0/19 maxlen: 19
141.0.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 30 Apr 2024 20:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:07:73:f1:0b:e7:99:e9:20:d0:8a:df:2e:52:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Validity
Not Before: Jan 1 20:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd741e2fa0792a1ee42fed7b33758a768c6a6ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a0:01:0d:1f:46:f3:83:97:0e:d0:ab:69:1c:
3f:ab:d2:79:d8:2f:75:9e:1a:c8:34:a9:00:57:45:
e9:38:05:1e:e8:14:b1:a4:f0:5f:62:c4:e1:73:20:
cd:f7:54:69:4c:d9:34:ba:e0:36:a2:01:46:e7:d9:
20:97:df:1f:dc:df:d4:bb:db:21:ed:f5:a6:6d:4b:
a6:da:56:01:c8:5d:1b:c8:bd:a1:a5:7b:53:a1:25:
c7:3d:69:5a:37:a9:bf:45:ca:f7:b8:83:45:a4:04:
73:b1:56:81:d0:fd:ac:a9:02:ab:0c:e4:84:af:a2:
a3:f1:84:e0:2c:89:51:31:c1:4a:dd:56:ba:29:4b:
b2:d2:4e:2e:5c:92:39:f8:b8:78:ab:e2:6f:ca:4c:
a5:38:38:d3:9e:a6:04:16:54:31:82:c8:f8:4e:05:
c3:96:db:3d:d6:34:16:15:c7:05:f9:a6:4c:ad:a3:
3f:b1:7c:0c:dd:73:f8:e4:d6:68:b4:1e:d5:ff:7d:
2c:eb:20:2c:17:8f:fd:b2:d6:29:24:08:06:f9:f9:
71:5f:7c:f8:38:bf:e2:76:3e:81:8d:85:41:eb:ee:
4f:77:8d:97:ce:21:1b:46:dc:75:8f:f8:e8:e7:e5:
ef:0c:7f:3f:56:5f:83:57:62:0c:69:d9:43:8d:cd:
52:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:74:1E:2F:A0:79:2A:1E:E4:2F:ED:7B:33:75:8A:76:8C:6A:6C:A0
X509v3 Authority Key Identifier:
keyid:42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/_XQeL6B5Kh7kL-17M3WKdoxqbKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.208.0/20
141.0.128.0/20
143.110.96.0/19
185.13.124.0/22
Signature Algorithm: sha256WithRSAEncryption
20:6d:93:37:e9:c3:43:ce:82:40:d7:62:e3:37:68:9d:3a:c1:
8b:9b:85:29:ae:dd:5c:55:ed:5e:0b:ea:84:6a:d7:e1:73:82:
6b:83:95:20:5f:66:be:4e:e0:2a:20:cd:90:31:bb:5c:69:e6:
96:17:de:c5:d7:ca:a0:b5:45:37:2b:e6:ae:af:2b:2d:18:e1:
16:97:81:53:28:ef:fb:72:f9:6a:62:c1:67:cd:67:80:de:05:
81:6d:4c:e0:3c:6f:bd:c2:50:06:e0:07:e6:c7:5f:54:ab:a0:
e2:f8:6e:c6:de:b1:e5:34:e3:b9:b9:c5:88:31:fd:5a:d7:b7:
a3:f7:e1:1c:e3:fa:1d:01:b0:b8:7d:1c:0b:fc:ec:ef:eb:93:
9f:be:7a:cb:ae:ca:81:51:1d:ea:e3:69:15:0e:80:ff:6f:07:
64:23:6a:52:d9:0d:00:6c:b9:65:2f:c6:0b:17:5e:f8:cf:5c:
79:fc:05:ee:5f:0b:e0:9a:d2:17:a4:eb:0d:bd:c3:97:66:e2:
bb:9a:32:68:17:a7:1e:76:79:be:f3:69:6c:89:8c:61:14:16:
2d:e2:ac:76:1c:5a:f4:5d:3b:81:ca:c1:f9:87:d7:41:86:61:
7c:bd:60:74:ff:5f:31:60:dd:d1:17:3c:42:df:d9:ef:47:5b:
7d:17:fc:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGuQdz8Qvnmekg0IrfLlILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjlhOTY5NTI3NzdmMTA3NDMzODMwM2VjYjY1MDI1YzRl
MmI4YjUwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc0MWUyZmEwNzkyYTFlZTQyZmVkN2IzMzc1OGE3NjhjNmE2Y2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaABDR9G84OXDtCraRw/q9J52C91
nhrINKkAV0XpOAUe6BSxpPBfYsThcyDN91RpTNk0uuA2ogFG59kgl98f3N/Uu9sh
7fWmbUum2lYByF0byL2hpXtToSXHPWlaN6m/Rcr3uINFpARzsVaB0P2sqQKrDOSE
r6Kj8YTgLIlRMcFK3Va6KUuy0k4uXJI5+Lh4q+JvykylODjTnqYEFlQxgsj4TgXD
lts91jQWFccF+aZMraM/sXwM3XP45NZotB7V/30s6yAsF4/9stYpJAgG+flxX3z4
OL/idj6BjYVB6+5Pd42XziEbRtx1j/jo5+XvDH8/Vl+DV2IMadlDjc1S1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP10Hi+geSoe5C/tezN1inaMamygMB8GA1UdIwQY
MBaAFEL5qWlSd38QdDODA+y2UCXE4ri1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUt
NzdmYTI5MTI5OTRkLzEvX1hRZUw2QjVLaDdrTC0xN00zV0tkb3hxYktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUtNzdmYTI5MTI5OTRk
LzEvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEU9/QAwQE
jQCAAwQFj25gAwQCuQ18MA0GCSqGSIb3DQEBCwUAA4IBAQAgbZM36cNDzoJA12Lj
N2idOsGLm4Uprt1cVe1eC+qEatfhc4Jrg5UgX2a+TuAqIM2QMbtcaeaWF97F18qg
tUU3K+aurystGOEWl4FTKO/7cvlqYsFnzWeA3gWBbUzgPG+9wlAG4Afmx19Uq6Di
+G7G3rHlNOO5ucWIMf1a17ej9+Ec4/odAbC4fRwL/Ozv65OfvnrLrsqBUR3q42kV
DoD/bwdkI2pS2Q0AbLllL8YLF174z1x5/AXuXwvgmtIXpOsNvcOXZuK7mjJoF6ce
dnm+82lsiYxhFBYt4qx2HFr0XTuBysH5h9dBhmF8vWB0/18xYN3RFzxC39nvR1t9
F/wH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:41 2024 by rpki-client on console-ams.rpki-client.org