Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/xU0PpJ4ldtw2Ka0s4sDniZ6siNU.roa
File: xU0PpJ4ldtw2Ka0s4sDniZ6siNU.roa (raw, json)
Hash identifier: Agfo+x1k2+uVEW3/oOxb3gilOWTWC+IEx3vOYqmLZq8=
Subject key identifier: C5:4D:0F:A4:9E:25:76:DC:36:29:AD:2C:E2:C0:E7:89:9E:AC:88:D5
Certificate issuer: /CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Certificate serial: 018EACB5B7B072ADBCBCCB86FDD438B27CBD
Authority key identifier: 64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/xU0PpJ4ldtw2Ka0s4sDniZ6siNU.roa
Signing time: Fri 05 Apr 2024 05:22:53 +0000
ROA not before: Fri 05 Apr 2024 05:22:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208666
IP address blocks: 31.193.185.0/24 maxlen: 24
83.229.2.0/24 maxlen: 24
147.236.165.0/24 maxlen: 24
213.255.192.0/24 maxlen: 24
2a09:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 11:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ac:b5:b7:b0:72:ad:bc:bc:cb:86:fd:d4:38:b2:7c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Validity
Not Before: Apr 5 05:22:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c54d0fa49e2576dc3629ad2ce2c0e7899eac88d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:65:35:5f:bc:68:e5:19:c3:c0:c2:04:fa:
9d:97:84:82:e2:e1:bc:c8:fa:3d:04:b3:a7:44:01:
4b:1b:61:84:04:55:90:0b:2a:67:6f:95:7f:2d:5d:
06:b4:8d:d7:9a:fd:df:ed:9f:82:73:f9:f4:a9:d9:
40:b5:0b:68:b6:34:bb:c8:af:ca:f6:1a:03:91:27:
ae:bf:1a:08:71:52:df:6b:9f:d8:44:8b:fd:b4:c5:
ea:95:25:c2:91:0d:2c:58:05:75:96:96:9b:5c:84:
1e:49:d4:90:e7:84:ea:68:e0:83:45:e8:dc:4d:f0:
dd:d5:3f:80:41:6f:1b:9d:4b:03:a5:8f:3d:c5:68:
0f:8e:fb:36:c0:61:be:23:1f:dd:fd:4b:44:59:c7:
92:45:7e:7f:d6:13:2d:ad:3f:bc:5c:9d:fe:b4:f3:
04:43:8e:31:0f:b0:7b:ec:b8:fa:35:bb:c0:64:63:
1b:6f:50:5b:09:72:cc:3c:5d:79:62:91:6d:fa:f3:
a5:c5:28:a6:86:df:bc:ff:b9:d2:b0:c5:ba:e6:ac:
5e:20:53:5e:a6:73:8d:c5:7c:9d:08:2c:7c:35:18:
79:dd:83:00:fe:61:4f:89:cd:ec:3f:31:5e:0a:c1:
93:a8:fa:9d:88:18:f8:54:69:21:86:d5:8b:ac:2e:
7c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4D:0F:A4:9E:25:76:DC:36:29:AD:2C:E2:C0:E7:89:9E:AC:88:D5
X509v3 Authority Key Identifier:
keyid:64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/xU0PpJ4ldtw2Ka0s4sDniZ6siNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.185.0/24
83.229.2.0/24
147.236.165.0/24
213.255.192.0/24
IPv6:
2a09:b300::/29
Signature Algorithm: sha256WithRSAEncryption
35:7e:75:d0:22:05:61:2b:61:6b:12:58:b2:c7:a2:23:a3:f6:
0b:0f:27:f7:cf:13:0b:54:4d:1c:90:82:ac:71:66:bf:d8:92:
1d:d2:23:6b:07:29:fc:99:63:5d:c0:52:d3:9a:61:6a:8f:ff:
53:7d:1b:d9:c2:93:9d:f5:13:5b:c3:18:2d:91:eb:02:1e:9b:
a8:8c:e7:7b:1e:b1:08:aa:a7:2e:5d:93:84:15:c0:43:1b:c6:
da:c1:e8:c0:fe:25:9c:24:54:98:9e:51:80:30:33:21:4b:f7:
81:b8:81:b6:5e:9e:10:eb:9b:e9:5a:d2:4d:2e:a0:55:02:36:
65:ea:16:d4:fb:a5:00:c7:2b:62:35:c5:32:da:d6:24:60:ab:
90:df:76:ea:3f:bc:9f:ae:fc:0d:bb:4c:2f:68:72:4e:a7:15:
80:a1:42:b9:2a:61:a9:c6:b7:19:c2:03:ec:91:fd:fc:6b:7b:
f0:9e:51:5a:43:f5:36:ff:b5:56:00:c7:4a:9d:a9:fe:3d:c1:
7e:c7:84:fb:72:39:f8:d9:11:df:40:d5:e1:30:58:3a:a8:12:
9f:b1:af:98:bb:52:a1:97:08:fb:ea:c4:db:23:9b:48:05:ff:
3c:a9:d5:39:15:09:05:70:d1:be:53:0e:03:27:d8:7f:74:76:
96:76:ed:d7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY6stbewcq28vMuG/dQ4sny9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MDFhZGVkYmM5YzhmMWM2Y2YyMzg5ZmM3Zjc0MWVkZjRm
MTlmMmMwHhcNMjQwNDA1MDUyMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRkMGZhNDllMjU3NmRjMzYyOWFkMmNlMmMwZTc4OTllYWM4OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs31lNV+8aOUZw8DCBPqdl4SC4uG8
yPo9BLOnRAFLG2GEBFWQCypnb5V/LV0GtI3Xmv3f7Z+Cc/n0qdlAtQtotjS7yK/K
9hoDkSeuvxoIcVLfa5/YRIv9tMXqlSXCkQ0sWAV1lpabXIQeSdSQ54TqaOCDRejc
TfDd1T+AQW8bnUsDpY89xWgPjvs2wGG+Ix/d/UtEWceSRX5/1hMtrT+8XJ3+tPME
Q44xD7B77Lj6NbvAZGMbb1BbCXLMPF15YpFt+vOlxSimht+8/7nSsMW65qxeIFNe
pnONxXydCCx8NRh53YMA/mFPic3sPzFeCsGTqPqdiBj4VGkhhtWLrC58uQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMVND6SeJXbcNimtLOLA54merIjVMB8GA1UdIwQY
MBaAFGQBre28nI8cbPI4n8f3Qe308Z8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEt
MzU2YzA5NmJjNmY5LzEveFUwUHBKNGxkdHcyS2EwczRzRG5pWjZzaU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEtMzU2YzA5NmJjNmY5
LzEvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH8G5AwQA
U+UCAwQAk+ylAwQA1f/AMA0EAgACMAcDBQMqCbMAMA0GCSqGSIb3DQEBCwUAA4IB
AQA1fnXQIgVhK2FrEliyx6Ijo/YLDyf3zxMLVE0ckIKscWa/2JId0iNrByn8mWNd
wFLTmmFqj/9TfRvZwpOd9RNbwxgtkesCHpuojOd7HrEIqqcuXZOEFcBDG8bawejA
/iWcJFSYnlGAMDMhS/eBuIG2Xp4Q65vpWtJNLqBVAjZl6hbU+6UAxytiNcUy2tYk
YKuQ33bqP7yfrvwNu0wvaHJOpxWAoUK5KmGpxrcZwgPskf38a3vwnlFaQ/U2/7VW
AMdKnan+PcF+x4T7cjn42RHfQNXhMFg6qBKfsa+Yu1Khlwj76sTbI5tIBf88qdU5
FQkFcNG+Uw4DJ9h/dHaWdu3X
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client