Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/XIYkovmafhAZSQRmEVURrTYQ1XI.roa
File: XIYkovmafhAZSQRmEVURrTYQ1XI.roa (raw, json)
Hash identifier: QGsgAPpuEgkWIoEKMpTRyiBDNRdCQErrWszwRFnxyqA=
Subject key identifier: 5C:86:24:A2:F9:9A:7E:10:19:49:04:66:11:55:11:AD:36:10:D5:72
Certificate issuer: /CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Certificate serial: 018CC500C367101B3674CDD1B58C6D08DC2D
Authority key identifier: BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/XIYkovmafhAZSQRmEVURrTYQ1XI.roa
Signing time: Mon 01 Jan 2024 12:30:10 +0000
ROA not before: Mon 01 Jan 2024 12:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60064
IP address blocks: 185.63.253.0/24 maxlen: 24
185.63.252.0/24 maxlen: 24
185.63.255.0/24 maxlen: 24
185.63.254.0/24 maxlen: 24
91.239.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 18:40:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c3:67:10:1b:36:74:cd:d1:b5:8c:6d:08:dc:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Validity
Not Before: Jan 1 12:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c8624a2f99a7e1019490466115511ad3610d572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:6e:56:71:ba:e4:92:50:f4:08:e8:77:de:
05:e9:c5:7f:6b:5f:58:c1:f0:9c:fc:db:aa:11:29:
6a:c4:79:1d:c3:bd:f5:a5:ae:c6:18:c1:22:6b:3f:
71:0c:4a:56:2c:8d:07:5b:ff:c0:73:22:15:db:75:
a4:dc:46:ba:17:37:b7:f1:5e:a6:e8:13:71:49:a0:
1b:46:d1:59:cc:00:fb:5f:fc:41:0c:f2:29:8c:1e:
dc:0c:60:31:3d:a0:c3:9f:ca:54:45:91:f5:bd:2c:
97:05:60:c6:d1:02:93:a4:22:bf:97:20:d7:6d:db:
28:5e:18:1d:65:e5:b6:2c:98:04:1b:a1:b9:b6:c5:
69:a6:0f:01:ff:9c:a8:c3:4e:d2:61:27:6f:49:98:
ae:33:11:58:38:61:36:05:07:64:c8:82:a7:22:b9:
3e:1a:08:d9:3e:66:f3:72:c0:2e:34:77:03:d9:02:
c8:1b:1a:38:1d:50:a0:de:a9:d5:ac:ff:a5:bc:84:
3b:e2:09:02:6c:81:fc:19:93:1b:a0:fc:d6:f4:c7:
1e:a4:aa:97:e5:7f:f0:b4:49:d7:46:3f:19:a4:27:
3d:35:52:bb:92:ed:84:e4:a9:4f:48:61:61:b8:35:
bb:da:67:e2:c0:41:29:79:13:e4:29:d4:37:54:8e:
b2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:86:24:A2:F9:9A:7E:10:19:49:04:66:11:55:11:AD:36:10:D5:72
X509v3 Authority Key Identifier:
keyid:BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/XIYkovmafhAZSQRmEVURrTYQ1XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.55.0/24
185.63.252.0/22
Signature Algorithm: sha256WithRSAEncryption
97:f2:b0:60:1a:a6:60:28:2a:df:c7:bc:cc:52:13:ef:71:ba:
b8:5a:24:2f:a0:a1:16:be:26:56:f6:ed:f7:60:7e:1d:14:a2:
37:35:3e:6a:5b:0c:91:78:1c:c0:09:c7:b5:ce:c8:e0:07:41:
95:56:98:d1:a8:03:49:8e:bc:62:ed:c8:5e:3a:1c:26:e9:26:
94:90:75:c2:7b:59:ec:73:e6:25:35:59:41:4d:95:11:66:06:
cf:6e:70:04:4a:5f:20:7c:41:b5:9a:a6:a8:c7:f9:55:ed:19:
67:3a:dd:d2:8b:b7:eb:bb:0e:0a:c6:01:f1:14:5c:51:46:c0:
3e:3c:c1:8e:a0:46:5f:49:94:59:aa:be:06:87:4a:2f:b5:fe:
9c:65:4c:30:2f:fe:95:a3:1a:8b:a5:ba:d0:42:76:c9:6a:ee:
8e:f6:67:80:73:29:15:30:e2:67:10:94:73:e8:a1:a0:86:ca:
59:30:95:76:88:c8:30:24:9f:00:31:38:0c:8f:2a:92:ae:94:
d8:d0:e7:d8:60:f3:5d:0e:c6:de:4c:08:d1:ea:ed:22:19:d4:
f7:eb:31:a8:2c:28:e0:ae:9f:73:58:e9:42:67:2f:1f:dc:67:
c3:f7:1e:86:a3:8c:40:8b:6e:0a:a7:4c:51:44:71:6e:ef:5c:
0d:31:7a:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAMNnEBs2dM3RtYxtCNwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTVmMGU3NjU0NzU3NTk1N2JjOTJjNmRkZGQwODRkM2Vh
N2Y4NjMwHhcNMjQwMTAxMTIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg2MjRhMmY5OWE3ZTEwMTk0OTA0NjYxMTU1MTFhZDM2MTBkNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoFuVnG65JJQ9Ajod94F6cV/a19Y
wfCc/NuqESlqxHkdw731pa7GGMEiaz9xDEpWLI0HW//AcyIV23Wk3Ea6Fze38V6m
6BNxSaAbRtFZzAD7X/xBDPIpjB7cDGAxPaDDn8pURZH1vSyXBWDG0QKTpCK/lyDX
bdsoXhgdZeW2LJgEG6G5tsVppg8B/5yow07SYSdvSZiuMxFYOGE2BQdkyIKnIrk+
GgjZPmbzcsAuNHcD2QLIGxo4HVCg3qnVrP+lvIQ74gkCbIH8GZMboPzW9McepKqX
5X/wtEnXRj8ZpCc9NVK7ku2E5KlPSGFhuDW72mfiwEEpeRPkKdQ3VI6yLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFyGJKL5mn4QGUkEZhFVEa02ENVyMB8GA1UdIwQY
MBaAFL+l8OdlR1dZV7ySxt3dCE0+p/hjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYt
MDFkMTlhNzRiZTIzLzEvWElZa292bWFmaEFaU1FSbUVWVVJyVFlRMVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYtMDFkMTlhNzRiZTIz
LzEvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+83AwQC
uT/8MA0GCSqGSIb3DQEBCwUAA4IBAQCX8rBgGqZgKCrfx7zMUhPvcbq4WiQvoKEW
viZW9u33YH4dFKI3NT5qWwyReBzACce1zsjgB0GVVpjRqANJjrxi7cheOhwm6SaU
kHXCe1nsc+YlNVlBTZURZgbPbnAESl8gfEG1mqaox/lV7RlnOt3Si7fruw4KxgHx
FFxRRsA+PMGOoEZfSZRZqr4Gh0ovtf6cZUwwL/6VoxqLpbrQQnbJau6O9meAcykV
MOJnEJRz6KGghspZMJV2iMgwJJ8AMTgMjyqSrpTY0OfYYPNdDsbeTAjR6u0iGdT3
6zGoLCjgrp9zWOlCZy8f3GfD9x6Go4xAi24Kp0xRRHFu71wNMXoJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:22 2024 by rpki-client on console-fra.rpki-client.org