Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xnP9Rq0X-3T2cgQ9MmTAGU8fF-A.roa
File: xnP9Rq0X-3T2cgQ9MmTAGU8fF-A.roa (raw, json)
Hash identifier: Vin9Ng6kt+px7jZrEe7LrTuLef117RSZO+t7VL3T7wo=
Subject key identifier: C6:73:FD:46:AD:17:FB:74:F6:72:04:3D:32:64:C0:19:4F:1F:17:E0
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 0188BFC90D69DA7C74DFE88BDB2A910F9867
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xnP9Rq0X-3T2cgQ9MmTAGU8fF-A.roa
Signing time: Thu 15 Jun 2023 16:00:04 +0000
ROA not before: Thu 15 Jun 2023 16:00:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.95.201.0/24 maxlen: 24
37.19.68.0/22 maxlen: 22
5.249.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 07:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:c9:0d:69:da:7c:74:df:e8:8b:db:2a:91:0f:98:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jun 15 16:00:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c673fd46ad17fb74f672043d3264c0194f1f17e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:4e:82:3c:95:f6:95:90:ce:1f:ab:ca:cd:
b7:5f:ff:1d:bf:20:23:c3:ce:91:8b:a6:a2:71:10:
20:6b:4a:c7:1a:99:c9:da:62:ad:c1:dd:87:6d:88:
24:09:b5:55:30:50:7e:1c:1f:8c:71:ec:89:07:d5:
06:81:c9:be:40:b2:29:57:91:20:8d:c1:00:27:22:
25:d6:78:3e:27:0a:b5:fc:0b:47:0b:87:af:d5:e0:
02:2c:4b:82:03:7f:7d:e8:07:89:bd:79:0e:79:bb:
2a:ea:12:b6:17:ab:42:13:fd:4c:ac:84:47:87:ac:
28:32:f7:3b:83:ea:60:a1:70:5b:1e:61:af:83:63:
bd:19:d9:13:fb:e2:ea:bf:a4:b7:2b:33:39:e1:c3:
27:bc:3f:6e:a1:b5:f4:ba:5d:58:5e:9e:e3:68:6b:
47:0f:2a:e6:62:94:88:97:18:18:f6:16:17:db:56:
2b:cd:e7:8c:e8:7f:7b:6d:89:ef:2e:d8:89:b4:20:
d7:2c:ee:69:06:4d:ad:a1:8f:c8:6e:0d:ae:fb:5c:
84:ed:4e:80:e9:fa:31:e8:d2:e1:fd:bb:78:17:f6:
ca:9b:2b:8e:49:65:cd:1f:2b:ec:a9:b9:97:98:8a:
ba:a8:95:b0:25:64:1f:69:6f:56:94:a2:1f:99:6a:
0e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:73:FD:46:AD:17:FB:74:F6:72:04:3D:32:64:C0:19:4F:1F:17:E0
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/xnP9Rq0X-3T2cgQ9MmTAGU8fF-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.184.0/22
37.19.68.0/22
195.95.201.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:3b:4f:9f:29:1a:15:b6:89:54:35:b5:e4:e5:4c:60:df:ed:
ba:c4:a9:6a:bd:83:1d:40:10:61:59:85:93:7f:49:73:39:c6:
0f:57:8f:e4:4a:b4:05:79:97:cc:0f:eb:d7:a8:02:25:35:06:
6d:09:64:c9:54:c2:b5:7f:c8:1a:4c:07:d4:22:17:53:03:a6:
50:84:f6:f0:77:ec:1d:30:67:54:10:8e:5c:e6:46:2b:46:1c:
dd:08:dc:31:72:b8:9c:14:c6:e9:6d:5a:12:dd:b3:63:3c:74:
6a:2d:62:a9:20:3f:57:20:c9:5a:79:37:cf:f9:a1:26:e4:80:
95:35:d5:29:fb:ae:88:4b:b1:6e:7f:58:f1:08:94:ca:bd:36:
24:16:8f:88:17:67:5b:bc:b2:e0:95:92:6f:ff:a6:d0:f9:3f:
d9:80:ff:4f:1b:ba:c0:09:7e:73:5e:7d:26:c0:26:37:ce:e6:
9a:e0:9f:0b:c8:d7:ab:32:ec:89:a7:a6:a6:4f:e0:c8:4e:8d:
ed:18:c7:b2:b6:2e:d0:92:4b:23:98:fd:a3:11:e9:4c:7d:27:
1c:dc:e5:35:b4:57:7c:36:e1:8c:df:5a:1a:90:4e:42:b1:6c:
70:62:00:93:88:92:2c:bd:3a:25:19:5d:b9:18:10:56:35:ca:
5c:a2:ea:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi/yQ1p2nx03+iL2yqRD5hnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwNjE1MTYwMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjczZmQ0NmFkMTdmYjc0ZjY3MjA0M2QzMjY0YzAxOTRmMWYxN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBtOgjyV9pWQzh+rys23X/8dvyAj
w86Ri6aicRAga0rHGpnJ2mKtwd2HbYgkCbVVMFB+HB+MceyJB9UGgcm+QLIpV5Eg
jcEAJyIl1ng+Jwq1/AtHC4ev1eACLEuCA3996AeJvXkOebsq6hK2F6tCE/1MrIRH
h6woMvc7g+pgoXBbHmGvg2O9GdkT++Lqv6S3KzM54cMnvD9uobX0ul1YXp7jaGtH
DyrmYpSIlxgY9hYX21YrzeeM6H97bYnvLtiJtCDXLO5pBk2toY/Ibg2u+1yE7U6A
6fox6NLh/bt4F/bKmyuOSWXNHyvsqbmXmIq6qJWwJWQfaW9WlKIfmWoOMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMZz/UatF/t09nIEPTJkwBlPHxfgMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEveG5QOVJxMFgtM1QyY2dROU1tVEFHVThmRi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBfm4AwQC
JRNEAwQAw1/JMA0GCSqGSIb3DQEBCwUAA4IBAQCqO0+fKRoVtolUNbXk5Uxg3+26
xKlqvYMdQBBhWYWTf0lzOcYPV4/kSrQFeZfMD+vXqAIlNQZtCWTJVMK1f8gaTAfU
IhdTA6ZQhPbwd+wdMGdUEI5c5kYrRhzdCNwxcricFMbpbVoS3bNjPHRqLWKpID9X
IMlaeTfP+aEm5ICVNdUp+66IS7Fuf1jxCJTKvTYkFo+IF2dbvLLglZJv/6bQ+T/Z
gP9PG7rACX5zXn0mwCY3zuaa4J8LyNerMuyJp6amT+DITo3tGMeyti7QkksjmP2j
EelMfScc3OU1tFd8NuGM31oakE5CsWxwYgCTiJIsvTolGV25GBBWNcpcourF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org