Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/xCjk6WCqch9r7kAlnsJu_xaKm3g.roa
File: xCjk6WCqch9r7kAlnsJu_xaKm3g.roa (raw, json)
Hash identifier: uLv/oIgwpxO5nqOeMQiasPta+avSgxvOtsWfx+OrQvk=
Subject key identifier: C4:28:E4:E9:60:AA:72:1F:6B:EE:40:25:9E:C2:6E:FF:16:8A:9B:78
Certificate issuer: /CN=05899f3976487038a3fa6343952b14b4d072b33d
Certificate serial: 018C295C433AC006C39F6C5CDCBCA997F393
Authority key identifier: 05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/xCjk6WCqch9r7kAlnsJu_xaKm3g.roa
Signing time: Sat 02 Dec 2023 07:09:21 +0000
ROA not before: Sat 02 Dec 2023 07:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44090
IP address blocks: 185.179.168.0/22 maxlen: 22
109.70.237.0/24 maxlen: 24
2a0a:74c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:5c:43:3a:c0:06:c3:9f:6c:5c:dc:bc:a9:97:f3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05899f3976487038a3fa6343952b14b4d072b33d
Validity
Not Before: Dec 2 07:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c428e4e960aa721f6bee40259ec26eff168a9b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:ad:b7:72:15:3b:ab:42:de:25:57:a9:6b:
17:4e:c0:4f:53:9f:ae:7a:cd:bf:4b:4a:19:9f:de:
7e:9b:95:32:2c:15:07:38:b0:5a:24:0d:4c:e2:31:
b9:08:3f:6b:b0:48:0f:4f:4d:93:4f:5b:2f:fa:aa:
2a:60:27:4d:b5:f2:90:7d:fd:10:73:83:81:cf:38:
17:65:4c:4e:4e:50:76:13:f1:f4:43:1d:22:ff:35:
13:69:43:28:1c:c3:df:f3:85:5e:3b:18:b1:26:54:
32:08:a1:08:3c:1b:e6:c5:65:86:15:fc:b5:5b:59:
98:8e:3b:a1:ec:ac:3c:04:be:45:23:be:e8:9a:b3:
81:17:f6:92:05:89:46:05:a6:59:46:3b:29:7d:87:
dc:b0:04:69:94:c8:98:08:41:81:21:8e:28:f7:b2:
f2:25:a6:87:dc:49:ad:85:5d:5a:4d:88:89:90:fb:
37:66:3b:26:a6:0a:76:1c:b1:1e:dd:56:cd:14:a9:
b8:a6:2c:4f:db:df:67:24:e7:dd:60:10:db:02:7a:
33:84:ff:1b:31:81:43:83:91:da:3b:52:58:b3:89:
2c:82:ef:c5:6a:92:71:f0:33:93:a3:e8:70:a8:31:
4b:02:3f:2f:0c:80:60:ff:c7:24:60:c8:64:e7:5d:
53:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:28:E4:E9:60:AA:72:1F:6B:EE:40:25:9E:C2:6E:FF:16:8A:9B:78
X509v3 Authority Key Identifier:
keyid:05:89:9F:39:76:48:70:38:A3:FA:63:43:95:2B:14:B4:D0:72:B3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYmfOXZIcDij-mNDlSsUtNBysz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/xCjk6WCqch9r7kAlnsJu_xaKm3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/1fce93-02ea-4f99-99c2-08c2123580ed/1/BYmfOXZIcDij-mNDlSsUtNBysz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.70.237.0/24
185.179.168.0/22
IPv6:
2a0a:74c0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:c1:f7:9c:dd:9a:b7:86:d4:35:e1:9f:ce:4e:e5:4c:f3:6f:
f4:27:8a:21:58:1f:bd:c2:f8:af:b4:a8:bf:14:76:82:2e:06:
0b:d0:6a:38:fd:65:7a:61:6a:7c:2a:ab:02:b6:35:7c:87:77:
bd:11:d9:6a:71:7d:2c:b8:d6:d4:c5:1b:90:c4:36:ab:93:31:
7e:a0:12:05:8a:bb:d3:9a:0b:16:a8:e3:b1:4a:64:94:67:a0:
cb:a3:29:dc:47:44:f8:68:84:60:e6:5c:06:cf:ab:67:8a:d5:
fa:31:0a:93:47:f0:82:5b:7c:e2:4f:ba:c0:23:1d:96:b8:96:
3c:6e:28:7d:3e:88:d9:3b:93:2e:76:4f:f4:30:de:d6:61:a4:
c0:34:69:41:0a:a7:28:20:26:7f:2a:cb:9a:fb:32:bb:d1:17:
49:0d:37:50:d6:f3:8d:46:83:d3:39:1d:24:e7:ee:03:79:c2:
67:5e:c7:0d:81:fe:bd:e5:41:2f:3d:4b:ab:ae:97:ac:93:f9:
01:65:df:b7:e2:39:f5:1d:12:20:71:36:b0:aa:59:a3:f2:15:
da:f8:08:8d:bf:d3:a1:75:b4:99:b1:23:6a:fb:17:bb:01:fc:
38:dd:d1:14:b7:fc:a0:82:83:0d:0f:90:fe:50:1e:84:90:cf:
03:ad:ca:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwpXEM6wAbDn2xc3Lypl/OTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODk5ZjM5NzY0ODcwMzhhM2ZhNjM0Mzk1MmIxNGI0ZDA3
MmIzM2QwHhcNMjMxMjAyMDcwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI4ZTRlOTYwYWE3MjFmNmJlZTQwMjU5ZWMyNmVmZjE2OGE5Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskqtt3IVO6tC3iVXqWsXTsBPU5+u
es2/S0oZn95+m5UyLBUHOLBaJA1M4jG5CD9rsEgPT02TT1sv+qoqYCdNtfKQff0Q
c4OBzzgXZUxOTlB2E/H0Qx0i/zUTaUMoHMPf84VeOxixJlQyCKEIPBvmxWWGFfy1
W1mYjjuh7Kw8BL5FI77omrOBF/aSBYlGBaZZRjspfYfcsARplMiYCEGBIY4o97Ly
JaaH3EmthV1aTYiJkPs3Zjsmpgp2HLEe3VbNFKm4pixP299nJOfdYBDbAnozhP8b
MYFDg5HaO1JYs4ksgu/FapJx8DOTo+hwqDFLAj8vDIBg/8ckYMhk511TzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMQo5OlgqnIfa+5AJZ7Cbv8Wipt4MB8GA1UdIwQY
MBaAFAWJnzl2SHA4o/pjQ5UrFLTQcrM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzIt
MDhjMjEyMzU4MGVkLzEveENqazZXQ3FjaDlyN2tBbG5zSnVfeGFLbTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xZmNlOTMtMDJlYS00Zjk5LTk5YzItMDhjMjEyMzU4MGVk
LzEvQlltZk9YWkljRGlqLW1ORGxTc1V0TkJ5c3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAbUbtAwQC
ubOoMA0EAgACMAcDBQAqCnTAMA0GCSqGSIb3DQEBCwUAA4IBAQAKwfec3Zq3htQ1
4Z/OTuVM82/0J4ohWB+9wvivtKi/FHaCLgYL0Go4/WV6YWp8KqsCtjV8h3e9Edlq
cX0suNbUxRuQxDarkzF+oBIFirvTmgsWqOOxSmSUZ6DLoyncR0T4aIRg5lwGz6tn
itX6MQqTR/CCW3ziT7rAIx2WuJY8bih9PojZO5Mudk/0MN7WYaTANGlBCqcoICZ/
Ksua+zK70RdJDTdQ1vONRoPTOR0k5+4DecJnXscNgf695UEvPUurrpesk/kBZd+3
4jn1HRIgcTawqlmj8hXa+AiNv9OhdbSZsSNq+xe7Afw43dEUt/yggoMND5D+UB6E
kM8Drcrc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org