Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/xwCotzowNPrd8nySpjBluBFj5pg.roa
File: xwCotzowNPrd8nySpjBluBFj5pg.roa (raw, json)
Hash identifier: hlK5OaeuQr9hGG4RFkpUZ+2rVIYU3/P1nOntp93SLpY=
Subject key identifier: C7:00:A8:B7:3A:30:34:FA:DD:F2:7C:92:A6:30:65:B8:11:63:E6:98
Certificate issuer: /CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Certificate serial: 018CC5010A93BFB8CA7E884E9B863FCF4ECB
Authority key identifier: 97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/xwCotzowNPrd8nySpjBluBFj5pg.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47242
IP address blocks: 149.62.184.0/21 maxlen: 24
81.31.144.0/20 maxlen: 24
185.201.64.0/22 maxlen: 24
185.84.96.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 08:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0a:93:bf:b8:ca:7e:88:4e:9b:86:3f:cf:4e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c700a8b73a3034faddf27c92a63065b81163e698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:58:5c:ef:88:19:07:6d:69:20:a8:3f:84:89:
d0:53:54:e2:44:dc:21:e5:01:bd:7f:e7:b2:7a:45:
2d:da:5b:23:47:a9:e3:7d:c7:f3:fb:36:68:03:1e:
3a:47:73:b2:35:fb:94:7b:44:f2:9c:bd:3a:2d:a4:
21:cf:4f:cb:0a:ba:74:ad:f3:42:56:67:c9:9c:94:
b3:d4:6c:58:ba:95:e5:31:6f:78:90:d2:5e:dd:60:
b6:c1:7f:88:db:e0:e9:a2:6a:83:2c:37:a5:fd:31:
6b:d0:d0:f5:a0:d6:12:d0:66:a7:37:55:44:52:96:
6d:c5:99:07:cf:53:46:c2:1e:df:c3:9f:bd:d9:70:
08:d5:ea:8f:4c:82:db:b2:81:78:01:f0:7f:fc:52:
fd:05:e9:3c:4d:45:39:0b:13:cd:b4:66:96:53:55:
4c:f9:95:58:9c:be:0e:95:00:63:a6:0f:41:c8:dc:
af:6a:f7:98:86:e8:56:cd:84:b1:42:7e:eb:26:7b:
65:4b:af:94:61:02:01:76:5d:d3:e0:55:ba:77:01:
3a:87:c6:42:15:13:67:09:0e:9e:f6:80:6f:34:e0:
c9:0c:4b:f7:f7:e6:e0:c8:3d:8e:8a:30:09:02:da:
a6:9c:c4:d7:4f:8f:db:85:4d:30:db:ce:a9:96:73:
8f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:00:A8:B7:3A:30:34:FA:DD:F2:7C:92:A6:30:65:B8:11:63:E6:98
X509v3 Authority Key Identifier:
keyid:97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/xwCotzowNPrd8nySpjBluBFj5pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.144.0/20
149.62.184.0/21
185.84.96.0/22
185.201.64.0/22
Signature Algorithm: sha256WithRSAEncryption
25:b9:9a:8b:73:d2:0e:25:6c:78:e8:0e:30:2d:4d:38:84:55:
ce:0b:82:0c:32:04:d9:1c:30:54:40:0d:12:78:e9:d2:80:a6:
a0:49:8a:5c:ab:fa:0e:ba:32:bf:ac:34:d2:fd:b1:5c:b4:2b:
0a:b0:dc:d6:9d:98:98:c6:b4:20:47:71:b6:c1:01:c3:61:29:
87:8e:c0:78:fa:f9:52:cf:da:a5:25:54:bc:03:f4:1f:5d:12:
1e:89:7a:4d:f9:8e:eb:80:aa:f1:5c:b3:88:14:e5:17:f6:81:
9f:43:e9:52:35:7c:97:a0:2d:c5:c5:d6:aa:2e:00:24:1f:a9:
d3:2f:c6:4d:f8:7c:19:9c:bb:56:b4:4e:75:25:5e:82:8d:13:
86:e4:73:85:99:b6:46:94:ac:4c:6e:7f:8d:53:0a:3d:2a:81:
de:8a:6d:7e:cd:65:df:04:76:3f:be:c6:ca:f5:c4:c9:ac:4e:
90:76:6d:84:e2:78:63:41:c3:f6:df:df:69:2a:d9:91:89:f6:
04:a4:ec:68:95:08:c2:06:4d:c6:e8:17:ff:6f:85:ee:61:f3:
8a:8d:81:e5:d0:dc:4c:ef:dc:f6:55:fc:c9:dd:b6:f9:41:4c:
74:de:82:c1:9e:e6:f6:b7:ba:de:cc:ba:b9:08:ae:af:dd:ee:
c5:98:25:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAQqTv7jKfohOm4Y/z07LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MTUzM2NiN2E2Nzk2YWM1YzM4MmIzOGRjZjQ1OWY5MTc2
OTMxZjQwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzAwYThiNzNhMzAzNGZhZGRmMjdjOTJhNjMwNjViODExNjNlNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFhc74gZB21pIKg/hInQU1TiRNwh
5QG9f+eyekUt2lsjR6njfcfz+zZoAx46R3OyNfuUe0TynL06LaQhz0/LCrp0rfNC
VmfJnJSz1GxYupXlMW94kNJe3WC2wX+I2+DpomqDLDel/TFr0ND1oNYS0GanN1VE
UpZtxZkHz1NGwh7fw5+92XAI1eqPTILbsoF4AfB//FL9Bek8TUU5CxPNtGaWU1VM
+ZVYnL4OlQBjpg9ByNyvaveYhuhWzYSxQn7rJntlS6+UYQIBdl3T4FW6dwE6h8ZC
FRNnCQ6e9oBvNODJDEv39+bgyD2OijAJAtqmnMTXT4/bhU0w286plnOPRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMcAqLc6MDT63fJ8kqYwZbgRY+aYMB8GA1UdIwQY
MBaAFJcVM8t6Z5asXDgrONz0WfkXaTH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDIt
MzllY2E0NzI2NjhiLzEveHdDb3R6b3dOUHJkOG55U3BqQmx1QkZqNXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDItMzllY2E0NzI2Njhi
LzEvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR+QAwQD
lT64AwQCuVRgAwQCuclAMA0GCSqGSIb3DQEBCwUAA4IBAQAluZqLc9IOJWx46A4w
LU04hFXOC4IMMgTZHDBUQA0SeOnSgKagSYpcq/oOujK/rDTS/bFctCsKsNzWnZiY
xrQgR3G2wQHDYSmHjsB4+vlSz9qlJVS8A/QfXRIeiXpN+Y7rgKrxXLOIFOUX9oGf
Q+lSNXyXoC3FxdaqLgAkH6nTL8ZN+HwZnLtWtE51JV6CjROG5HOFmbZGlKxMbn+N
Uwo9KoHeim1+zWXfBHY/vsbK9cTJrE6Qdm2E4nhjQcP2399pKtmRifYEpOxolQjC
Bk3G6Bf/b4XuYfOKjYHl0NxM79z2VfzJ3bb5QUx03oLBnub2t7rezLq5CK6v3e7F
mCUE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:07 2025 by rpki-client