Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/xwEJOqAVBvWxyzEoch3UyzeujTg.roa
File: xwEJOqAVBvWxyzEoch3UyzeujTg.roa (raw, json)
Hash identifier: oLAATCdChA0hzvVhBvJOiObrw9QvEP3FwSy/LCx8W/Q=
Subject key identifier: C7:01:09:3A:A0:15:06:F5:B1:CB:31:28:72:1D:D4:CB:37:AE:8D:38
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018848A0E91A56C848B4FA812A60AAA10F57
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/xwEJOqAVBvWxyzEoch3UyzeujTg.roa
Signing time: Tue 23 May 2023 12:41:24 +0000
ROA not before: Tue 23 May 2023 12:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202613
IP address blocks: 176.107.152.0/21 maxlen: 24
195.231.96.0/19 maxlen: 24
80.73.232.0/21 maxlen: 24
209.227.192.0/20 maxlen: 24
185.58.120.0/22 maxlen: 24
95.110.180.0/22 maxlen: 24
195.231.40.0/21 maxlen: 24
82.192.128.0/19 maxlen: 24
217.198.128.0/20 maxlen: 24
2a00:6d43::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:a0:e9:1a:56:c8:48:b4:fa:81:2a:60:aa:a1:0f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: May 23 12:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c701093aa01506f5b1cb3128721dd4cb37ae8d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:74:c1:aa:33:00:bf:70:55:ba:ff:ad:1c:8c:
63:a9:68:03:1c:8e:f4:1b:54:9b:58:f6:19:6e:a1:
4a:dc:94:06:86:f6:01:ef:ba:4a:0c:c9:80:b2:48:
b9:27:43:9c:f9:ce:c1:6f:52:80:35:73:43:c8:76:
ee:69:4f:68:78:9c:42:ff:36:dd:5f:02:17:53:74:
d0:f4:a2:de:8f:3f:9d:b3:e6:e6:d4:08:65:87:41:
6c:af:a2:a0:71:0b:a3:8c:f3:0b:e5:92:df:95:88:
58:08:34:87:bd:dd:bd:4a:f8:c7:1e:43:11:7f:fc:
fe:3b:d6:29:ec:06:9d:9a:0c:fe:9f:89:a5:fa:62:
05:ea:53:da:95:9e:81:1f:52:76:1e:6b:9f:8b:fc:
0e:81:7b:66:98:74:ab:e6:c5:29:56:d1:14:61:23:
db:b0:09:9d:65:77:75:29:b7:6c:fd:d8:b8:b1:53:
ff:03:90:ff:45:46:59:a3:06:3f:83:29:62:ca:30:
40:4a:d4:fe:34:13:6f:a5:ea:bf:c4:25:08:44:15:
b8:61:89:84:54:e0:2c:8f:bb:d9:b6:5d:39:52:54:
0c:0b:95:fd:78:f1:a7:bb:5e:19:bc:4e:26:27:e5:
ca:f6:f3:3b:c2:07:55:07:b0:c8:31:49:f0:12:b9:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:01:09:3A:A0:15:06:F5:B1:CB:31:28:72:1D:D4:CB:37:AE:8D:38
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/xwEJOqAVBvWxyzEoch3UyzeujTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.232.0/21
82.192.128.0/19
95.110.180.0/22
176.107.152.0/21
185.58.120.0/22
195.231.40.0/21
195.231.96.0/19
209.227.192.0/20
217.198.128.0/20
IPv6:
2a00:6d43::/32
Signature Algorithm: sha256WithRSAEncryption
67:0c:c5:d6:58:8c:b2:ac:ca:69:71:cd:e6:00:d6:ce:d1:2a:
2c:29:26:bc:75:6b:8a:a2:9f:26:d9:e6:2f:d2:91:24:0a:6b:
58:71:d8:be:0c:b3:c9:9c:4f:5b:6a:a4:d1:9b:cf:ad:6d:d0:
a7:53:5e:3e:40:1f:19:c6:8d:82:66:a3:2b:9b:31:c4:0a:24:
4c:b9:47:7b:f1:6f:b5:fc:ac:b3:ac:72:8a:64:ba:20:f3:5e:
23:9d:cb:e4:64:9c:17:e5:f1:49:86:f2:45:8f:60:34:0e:a6:
f2:dc:0f:d4:ef:ba:c2:21:50:eb:21:54:5f:6e:cd:d5:f9:03:
92:e6:dd:c3:3e:05:29:37:cf:6a:22:ff:b8:b1:b3:06:24:0c:
26:e5:5f:25:dd:88:26:4c:06:a3:86:1e:31:35:17:09:a8:ee:
ae:50:04:50:11:5d:bd:54:80:a5:5d:90:0e:0d:f2:c3:fb:49:
14:be:32:bc:2f:1f:36:35:f2:c6:cd:56:0e:a5:2b:7a:0a:8d:
d7:84:65:0a:20:11:5f:2d:5e:c9:38:24:5f:43:02:06:dc:fe:
e9:aa:f4:ff:04:48:05:8d:36:ec:bf:f6:d8:7a:84:1d:1b:40:
65:8d:22:ed:9f:d9:b0:9f:18:d3:6f:1d:a7:fd:5e:e9:74:cc:
58:d4:26:cf
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYhIoOkaVshItPqBKmCqoQ9XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwNTIzMTI0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzAxMDkzYWEwMTUwNmY1YjFjYjMxMjg3MjFkZDRjYjM3YWU4ZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHTBqjMAv3BVuv+tHIxjqWgDHI70
G1SbWPYZbqFK3JQGhvYB77pKDMmAski5J0Oc+c7Bb1KANXNDyHbuaU9oeJxC/zbd
XwIXU3TQ9KLejz+ds+bm1Ahlh0Fsr6KgcQujjPML5ZLflYhYCDSHvd29SvjHHkMR
f/z+O9Yp7Aadmgz+n4ml+mIF6lPalZ6BH1J2Hmufi/wOgXtmmHSr5sUpVtEUYSPb
sAmdZXd1Kbds/di4sVP/A5D/RUZZowY/gyliyjBAStT+NBNvpeq/xCUIRBW4YYmE
VOAsj7vZtl05UlQMC5X9ePGnu14ZvE4mJ+XK9vM7wgdVB7DIMUnwErn8kwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMcBCTqgFQb1scsxKHId1Ms3ro04MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEveHdFSk9xQVZCdld4eXpFb2NoM1V5emV1alRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDUEnoAwQF
UsCAAwQCX260AwQDsGuYAwQCuTp4AwQDw+coAwQFw+dgAwQE0ePAAwQE2caAMA0E
AgACMAcDBQAqAG1DMA0GCSqGSIb3DQEBCwUAA4IBAQBnDMXWWIyyrMppcc3mANbO
0SosKSa8dWuKop8m2eYv0pEkCmtYcdi+DLPJnE9baqTRm8+tbdCnU14+QB8Zxo2C
ZqMrmzHECiRMuUd78W+1/KyzrHKKZLog814jncvkZJwX5fFJhvJFj2A0Dqby3A/U
77rCIVDrIVRfbs3V+QOS5t3DPgUpN89qIv+4sbMGJAwm5V8l3YgmTAajhh4xNRcJ
qO6uUARQEV29VIClXZAODfLD+0kUvjK8Lx82NfLGzVYOpSt6Co3XhGUKIBFfLV7J
OCRfQwIG3P7pqvT/BEgFjTbsv/bYeoQdG0BljSLtn9mwnxjTbx2n/V7pdMxY1CbP
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:16 2024 by rpki-client on console-ams.rpki-client.org