Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xEQFXGwrig8bfTJvwJmwWic6lqE.roa
File: xEQFXGwrig8bfTJvwJmwWic6lqE.roa (raw, json)
Hash identifier: vow2Kg8qjYUnz+HBrF3++x5RaZzbTaPcZO2HT2bi+jc=
Subject key identifier: C4:44:05:5C:6C:2B:8A:0F:1B:7D:32:6F:C0:99:B0:5A:27:3A:96:A1
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018A44E702E50B7271AFEBD4BECFDCE69BB2
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xEQFXGwrig8bfTJvwJmwWic6lqE.roa
Signing time: Wed 30 Aug 2023 05:25:04 +0000
ROA not before: Wed 30 Aug 2023 05:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12793
IP address blocks: 212.88.160.0/19 maxlen: 19
213.147.160.0/19 maxlen: 19
217.149.160.0/20 maxlen: 20
213.225.0.0/18 maxlen: 18
Validation: Failed, certificate revoked on Wed 06 Sep 2023 05:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:44:e7:02:e5:0b:72:71:af:eb:d4:be:cf:dc:e6:9b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Aug 30 05:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c444055c6c2b8a0f1b7d326fc099b05a273a96a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c0:8a:cc:e4:b4:ac:24:e5:f3:7a:26:73:de:
6b:e5:76:3b:bd:5d:03:1a:4a:4e:9f:2f:17:a8:85:
da:fc:5f:23:56:2b:14:f0:f5:89:35:f0:af:e9:4f:
73:5e:fb:a9:5b:4d:23:97:47:66:d2:34:e4:2a:8c:
47:de:28:94:a8:2a:a7:c2:ca:55:68:1c:e6:38:25:
3e:9f:ef:ce:b8:62:1c:76:78:cb:87:51:dc:56:ed:
29:e9:32:ee:bd:ae:d4:ef:78:c7:1b:0b:db:ca:b3:
5b:05:19:96:1c:d8:44:57:d8:88:36:74:a0:8a:c9:
8b:45:10:d8:aa:af:71:81:65:68:93:12:44:93:a4:
b7:95:99:e3:3f:cb:cc:2b:33:a1:53:63:6a:41:c2:
a6:28:ec:d1:c0:71:90:ee:25:f5:67:69:fe:f6:3a:
9d:de:f4:25:f5:c1:2c:76:c8:6a:38:07:b0:68:4a:
55:2c:f2:5b:08:d1:af:df:ce:1d:de:67:9f:c2:47:
c6:89:29:1a:7d:d4:55:8a:a6:3c:ce:41:23:05:68:
f7:0b:1d:49:a1:be:64:71:12:34:82:8b:82:6f:a4:
5f:4d:f6:61:5e:39:ab:0f:8d:e5:df:f1:82:11:22:
7a:8f:c2:78:f2:be:b1:4f:16:d2:10:1d:9e:16:63:
53:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:44:05:5C:6C:2B:8A:0F:1B:7D:32:6F:C0:99:B0:5A:27:3A:96:A1
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/xEQFXGwrig8bfTJvwJmwWic6lqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.88.160.0/19
213.147.160.0/19
213.225.0.0/18
217.149.160.0/20
Signature Algorithm: sha256WithRSAEncryption
d4:fa:2a:11:63:ba:7b:7c:65:0c:93:0e:d7:35:ed:cd:38:87:
cc:6d:fb:a8:91:af:34:21:9d:9f:0e:d5:ab:a0:d0:d0:74:d8:
60:78:4d:a1:bd:2c:86:60:5a:ee:cc:00:76:99:a2:07:1a:02:
02:a5:e0:48:75:c9:b1:3b:5c:6c:7d:01:9b:f8:dd:4e:b4:93:
59:a3:7c:01:49:9d:6b:ca:81:bf:42:21:e8:af:81:ad:cf:8a:
a1:27:a6:38:2e:36:81:a6:de:6e:75:00:b4:15:bf:05:20:a5:
74:9c:d8:07:a1:d4:f6:80:04:83:fe:13:81:9d:c3:3b:31:1b:
2a:66:f4:f5:bf:66:d2:9f:db:65:97:bb:5a:ce:83:fb:c4:7e:
12:c1:bf:6a:89:93:42:e1:e9:0d:40:6b:56:ff:f2:91:b1:0f:
2d:d0:bc:ef:08:fa:3d:c7:24:78:79:a7:3f:82:a3:0b:0d:3a:
71:2e:6c:06:34:2c:30:d6:f8:85:a1:dd:4a:47:c3:c0:0e:1c:
36:9e:fb:ca:a8:e5:c1:fb:18:2f:2b:5a:b7:8b:bd:da:c6:63:
17:ec:4b:d5:e9:a8:d6:36:d9:df:21:67:de:b7:a3:8a:3c:63:
8d:ba:38:48:a9:39:46:c0:e3:74:b8:4b:e3:49:6f:2b:69:f1:
c4:c6:50:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpE5wLlC3Jxr+vUvs/c5puyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwODMwMDUyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ0MDU1YzZjMmI4YTBmMWI3ZDMyNmZjMDk5YjA1YTI3M2E5NmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcCKzOS0rCTl83omc95r5XY7vV0D
GkpOny8XqIXa/F8jVisU8PWJNfCv6U9zXvupW00jl0dm0jTkKoxH3iiUqCqnwspV
aBzmOCU+n+/OuGIcdnjLh1HcVu0p6TLuva7U73jHGwvbyrNbBRmWHNhEV9iINnSg
ismLRRDYqq9xgWVokxJEk6S3lZnjP8vMKzOhU2NqQcKmKOzRwHGQ7iX1Z2n+9jqd
3vQl9cEsdshqOAewaEpVLPJbCNGv384d3mefwkfGiSkafdRViqY8zkEjBWj3Cx1J
ob5kcRI0gouCb6RfTfZhXjmrD43l3/GCESJ6j8J48r6xTxbSEB2eFmNTxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMREBVxsK4oPG30yb8CZsFonOpahMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEveEVRRlhHd3JpZzhiZlRKdndKbXdXaWM2bHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQF1FigAwQF
1ZOgAwQG1eEAAwQE2ZWgMA0GCSqGSIb3DQEBCwUAA4IBAQDU+ioRY7p7fGUMkw7X
Ne3NOIfMbfuoka80IZ2fDtWroNDQdNhgeE2hvSyGYFruzAB2maIHGgICpeBIdcmx
O1xsfQGb+N1OtJNZo3wBSZ1ryoG/QiHor4Gtz4qhJ6Y4LjaBpt5udQC0Fb8FIKV0
nNgHodT2gASD/hOBncM7MRsqZvT1v2bSn9tll7tazoP7xH4Swb9qiZNC4ekNQGtW
//KRsQ8t0LzvCPo9xyR4eac/gqMLDTpxLmwGNCww1viFod1KR8PADhw2nvvKqOXB
+xgvK1q3i73axmMX7EvV6ajWNtnfIWfet6OKPGONujhIqTlGwON0uEvjSW8rafHE
xlDF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org