Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xBZUB5sDY3qVx6wpa1KlSq2YUl8.roa
File: xBZUB5sDY3qVx6wpa1KlSq2YUl8.roa (raw, json)
Hash identifier: q2tjW6vcqqD+AMrC+/vYUNmEIl1MfH2XXKOJ/npdxwo=
Subject key identifier: C4:16:54:07:9B:03:63:7A:95:C7:AC:29:6B:52:A5:4A:AD:98:52:5F
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018593E86F183E920EBF5B3F78780F70739B
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xBZUB5sDY3qVx6wpa1KlSq2YUl8.roa
Signing time: Mon 09 Jan 2023 00:22:41 +0000
ROA not before: Mon 09 Jan 2023 00:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
5.249.176.0/22 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jan 2023 19:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:93:e8:6f:18:3e:92:0e:bf:5b:3f:78:78:0f:70:73:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 9 00:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c41654079b03637a95c7ac296b52a54aad98525f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:af:c5:cd:08:11:1c:43:f0:c9:f8:05:95:3c:
bc:fc:ea:01:b7:d3:90:55:0e:11:70:51:c1:87:15:
ac:2c:5f:10:5e:f9:a8:57:4c:c8:c0:49:3c:04:0a:
43:cf:20:e5:2c:3a:86:03:a8:76:c0:9e:71:a6:e8:
8e:fe:66:71:67:d3:e5:32:32:e1:39:de:0f:6d:ba:
16:54:ee:53:15:c7:8c:56:06:14:ad:62:28:ef:1c:
ac:8f:ac:c5:c6:02:f7:07:1e:b5:55:9e:4d:0f:75:
45:df:57:87:af:28:f2:88:ae:b8:f0:80:c2:b6:7a:
55:27:3b:c2:ff:6c:ed:c0:98:c7:4a:89:75:cc:1e:
9c:23:ce:aa:c0:3a:05:2a:3b:3b:6c:2f:92:19:80:
ae:d7:99:e9:e3:9f:c4:38:c0:ef:72:65:91:60:89:
2c:34:e6:8f:1e:58:5e:c6:13:d2:83:87:c3:48:7c:
77:22:b3:1f:28:bc:09:03:07:17:ce:8b:39:d5:d8:
7c:e4:91:c7:68:64:13:d7:91:38:1b:ac:cd:01:5f:
c3:2c:7d:66:ab:ff:02:a2:c7:34:8c:9d:65:17:2f:
d3:5b:92:c8:9f:d6:77:ab:89:e2:94:fd:5f:17:90:
8e:44:8d:35:50:40:e1:3f:76:f4:00:9c:e9:a6:69:
ad:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:16:54:07:9B:03:63:7A:95:C7:AC:29:6B:52:A5:4A:AD:98:52:5F
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xBZUB5sDY3qVx6wpa1KlSq2YUl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
5.249.184.0/22
37.19.64.0/22
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:ff:b9:5e:28:e3:6c:7e:2d:7d:20:ea:c5:f8:89:3c:9c:40:
cb:bc:07:6f:93:9e:a9:9f:b0:d4:17:80:f6:ad:4b:51:96:67:
ca:02:32:d3:58:6f:99:f1:df:b6:bf:a5:f5:a9:e6:90:dc:3e:
74:71:74:dc:2d:00:23:e1:f7:d9:9b:08:46:cb:0a:bc:f7:d9:
5f:67:d0:40:77:e0:50:67:07:fd:e5:2b:4d:11:bf:4f:55:b8:
ab:9a:49:85:2e:83:42:5b:e6:d0:9d:f7:09:18:2a:ef:11:c5:
d1:03:3a:fa:9e:0a:67:20:e4:ea:53:ba:6d:8f:ea:31:33:81:
6b:bc:4b:92:e2:8f:69:c7:b9:47:f4:2d:36:fe:9c:e1:5d:f4:
80:6a:95:72:db:c5:7c:c5:48:8e:ba:83:13:a4:af:f0:bf:c6:
44:07:ab:d8:12:3a:d6:3e:56:d4:d2:50:c3:34:bd:1a:24:ba:
ec:eb:e8:17:7b:47:16:4b:61:a1:83:2e:d5:2a:0b:ff:e0:0f:
1e:d7:9e:63:7a:47:8f:ef:b8:21:5b:89:3b:2c:57:27:56:16:
67:3b:b7:b6:4e:69:a3:d0:90:dc:a9:11:78:62:64:04:f5:22:
91:40:95:5a:8c:be:e4:eb:de:8f:b8:d9:e1:0d:3b:0d:47:ea:
e8:18:fd:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWT6G8YPpIOv1s/eHgPcHObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTA5MDAyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE2NTQwNzliMDM2MzdhOTVjN2FjMjk2YjUyYTU0YWFkOTg1MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq/FzQgRHEPwyfgFlTy8/OoBt9OQ
VQ4RcFHBhxWsLF8QXvmoV0zIwEk8BApDzyDlLDqGA6h2wJ5xpuiO/mZxZ9PlMjLh
Od4PbboWVO5TFceMVgYUrWIo7xysj6zFxgL3Bx61VZ5ND3VF31eHryjyiK648IDC
tnpVJzvC/2ztwJjHSol1zB6cI86qwDoFKjs7bC+SGYCu15np45/EOMDvcmWRYIks
NOaPHlhexhPSg4fDSHx3IrMfKLwJAwcXzos51dh85JHHaGQT15E4G6zNAV/DLH1m
q/8Cosc0jJ1lFy/TW5LIn9Z3q4nilP1fF5CORI01UEDhP3b0AJzppmmtjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQWVAebA2N6lcesKWtSpUqtmFJfMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEveEJaVUI1c0RZM3FWeDZ3cGExS2xTcTJZVWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC
Bfm4AwQCJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQAu/7leKONsfi19IOrF
+Ik8nEDLvAdvk56pn7DUF4D2rUtRlmfKAjLTWG+Z8d+2v6X1qeaQ3D50cXTcLQAj
4ffZmwhGywq899lfZ9BAd+BQZwf95StNEb9PVbirmkmFLoNCW+bQnfcJGCrvEcXR
Azr6ngpnIOTqU7ptj+oxM4FrvEuS4o9px7lH9C02/pzhXfSAapVy28V8xUiOuoMT
pK/wv8ZEB6vYEjrWPlbU0lDDNL0aJLrs6+gXe0cWS2Ghgy7VKgv/4A8e155jekeP
77ghW4k7LFcnVhZnO7e2Tmmj0JDcqRF4YmQE9SKRQJVajL7k696PuNnhDTsNR+ro
GP0b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org