Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/XKJzIoXus7AGM_eW-1z9xQfy2qQ.roa
File: XKJzIoXus7AGM_eW-1z9xQfy2qQ.roa (raw, json)
Hash identifier: 8LKrbxsotUAPerAvZWtUcgYDnwjSamd/iPNkCsHCOa4=
Subject key identifier: 5C:A2:73:22:85:EE:B3:B0:06:33:F7:96:FB:5C:FD:C5:07:F2:DA:A4
Certificate issuer: /CN=f970049cba7f39aeed31d65313c7b953f3fda135
Certificate serial: 0190C056384541EF5E5475B7AF1DDC73C667
Authority key identifier: F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/XKJzIoXus7AGM_eW-1z9xQfy2qQ.roa
Signing time: Wed 17 Jul 2024 10:56:34 +0000
ROA not before: Wed 17 Jul 2024 10:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 2.110.0.0/20 maxlen: 20
2.110.16.0/22 maxlen: 22
185.158.162.0/24 maxlen: 24
185.158.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 06:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:56:38:45:41:ef:5e:54:75:b7:af:1d:dc:73:c6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f970049cba7f39aeed31d65313c7b953f3fda135
Validity
Not Before: Jul 17 10:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ca2732285eeb3b00633f796fb5cfdc507f2daa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:10:ee:88:a9:41:62:a1:77:e8:aa:6f:fb:a3:
a4:52:8d:41:68:93:cd:62:1e:1c:fd:5b:e5:cd:9a:
74:d9:c7:5b:86:eb:c2:02:97:94:4f:d9:49:c0:97:
37:65:36:15:83:85:c7:6e:92:2c:33:e8:bb:33:1d:
6e:16:41:ab:0d:70:3e:6c:be:16:60:e5:0b:d8:fd:
ca:f6:75:de:59:38:4c:5a:8b:0e:53:a2:c9:02:0a:
95:3e:c9:ad:2e:4d:d8:b3:26:28:4c:99:9b:5b:42:
1d:ff:56:5b:30:61:80:c8:0e:cd:5b:ed:4b:5e:f0:
70:0c:6d:e9:4b:4c:9d:5c:86:e8:28:6c:4d:25:a1:
aa:c0:0c:f6:ad:db:14:39:f3:04:ba:62:07:f0:00:
8c:cf:a3:6d:4d:95:1a:d3:57:e9:7a:9b:e0:26:bb:
f6:b7:97:25:a8:96:e5:67:5b:e3:61:d1:27:d3:b5:
9b:8a:2e:81:e4:6b:5e:24:54:ea:84:92:d7:a0:ba:
15:ab:37:71:f5:49:16:dd:31:39:4c:3a:42:77:f7:
4a:e4:f4:ac:12:e3:85:6a:95:de:ea:31:c6:ed:d8:
9a:9f:54:81:f0:a9:5e:b1:5c:31:75:cb:b8:a4:e4:
9c:cb:5d:1c:b5:25:4c:e6:7c:f8:b8:fc:ba:0a:20:
37:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A2:73:22:85:EE:B3:B0:06:33:F7:96:FB:5C:FD:C5:07:F2:DA:A4
X509v3 Authority Key Identifier:
keyid:F9:70:04:9C:BA:7F:39:AE:ED:31:D6:53:13:C7:B9:53:F3:FD:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/XKJzIoXus7AGM_eW-1z9xQfy2qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/13f5f1-45b6-4bc1-b5a5-521fa41dfc96/1/1-XAEnLp_Oa7tMdZTE8e5U_P9oTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.110.0.0-2.110.19.255
185.158.162.0/23
Signature Algorithm: sha256WithRSAEncryption
56:fd:c8:32:d2:8f:de:bc:4a:29:c3:d0:a0:3e:81:ac:39:21:
d1:ce:af:cc:17:c3:45:71:02:90:c7:f1:51:07:f7:cd:6c:b8:
dc:5f:71:8c:6f:c7:06:fa:b3:b4:70:ee:ad:13:55:9c:1d:bb:
18:9b:b9:7d:c9:94:9b:a1:cf:96:74:50:8a:8b:e8:e9:8c:6a:
ee:81:bb:2c:7b:3f:8b:d5:8d:a8:38:63:fb:ce:fc:fe:0d:89:
bd:73:f1:23:1a:3e:06:6c:23:cd:fe:82:ca:6e:90:5d:58:f8:
86:42:d2:84:72:46:81:36:c5:a3:8d:12:76:a6:a6:15:b1:2a:
93:97:62:b2:a4:c5:e8:cc:69:80:f4:eb:b7:fc:d4:60:fd:cc:
6d:b1:27:57:c8:3f:2f:32:9e:82:37:74:e4:5a:21:d1:62:07:
af:14:b5:93:4e:0d:dc:88:35:8f:c3:af:db:91:a8:43:80:b9:
5d:0b:ec:2b:55:fe:e3:1f:1b:f4:d8:00:ce:b3:c7:18:ed:9e:
88:36:51:9a:65:4e:ef:3d:77:d7:53:df:e0:42:77:f5:2b:84:
87:f3:39:4f:f0:5b:a4:ce:17:24:6d:19:6f:81:e7:1e:3b:34:
c8:89:64:42:e4:95:0d:11:a9:ae:43:51:8e:db:ca:a6:44:b3:
f3:1e:2a:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZDAVjhFQe9eVHW3rx3cc8ZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzAwNDljYmE3ZjM5YWVlZDMxZDY1MzEzYzdiOTUzZjNm
ZGExMzUwHhcNMjQwNzE3MTA1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EyNzMyMjg1ZWViM2IwMDYzM2Y3OTZmYjVjZmRjNTA3ZjJkYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RDuiKlBYqF36Kpv+6OkUo1BaJPN
Yh4c/VvlzZp02cdbhuvCApeUT9lJwJc3ZTYVg4XHbpIsM+i7Mx1uFkGrDXA+bL4W
YOUL2P3K9nXeWThMWosOU6LJAgqVPsmtLk3YsyYoTJmbW0Id/1ZbMGGAyA7NW+1L
XvBwDG3pS0ydXIboKGxNJaGqwAz2rdsUOfMEumIH8ACMz6NtTZUa01fpepvgJrv2
t5clqJblZ1vjYdEn07Wbii6B5GteJFTqhJLXoLoVqzdx9UkW3TE5TDpCd/dK5PSs
EuOFapXe6jHG7dian1SB8KlesVwxdcu4pOScy10ctSVM5nz4uPy6CiA3rQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFyicyKF7rOwBjP3lvtc/cUH8tqkMB8GA1UdIwQY
MBaAFPlwBJy6fzmu7THWUxPHuVPz/aE1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YQUVuTHBfT2E3dE1kWlRFOGU1VV9QOW9UVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1
LTUyMWZhNDFkZmM5Ni8xL1hLSnpJb1h1czdBR01fZVctMXo5eFFmeTJxUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMTNmNWYxLTQ1YjYtNGJjMS1iNWE1LTUyMWZhNDFkZmM5
Ni8xLzEtWEFFbkxwX09hN3RNZFpURThlNVVfUDlvVFUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLAYIKwYBBQUHAQcBAf8EHTAbMBkEAgABMBMwCwMDAQJu
AwQCAm4QAwQBuZ6iMA0GCSqGSIb3DQEBCwUAA4IBAQBW/cgy0o/evEopw9CgPoGs
OSHRzq/MF8NFcQKQx/FRB/fNbLjcX3GMb8cG+rO0cO6tE1WcHbsYm7l9yZSboc+W
dFCKi+jpjGrugbssez+L1Y2oOGP7zvz+DYm9c/EjGj4GbCPN/oLKbpBdWPiGQtKE
ckaBNsWjjRJ2pqYVsSqTl2KypMXozGmA9Ou3/NRg/cxtsSdXyD8vMp6CN3TkWiHR
YgevFLWTTg3ciDWPw6/bkahDgLldC+wrVf7jHxv02ADOs8cY7Z6INlGaZU7vPXfX
U9/gQnf1K4SH8zlP8FukzhckbRlvgeceOzTIiWRC5JUNEamuQ1GO28qmRLPzHip3
-----END CERTIFICATE-----
Generated at Thu Aug 29 08:34:02 2024 by rpki-client on console-ams.rpki-client.org