Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XgCCrMhem316-w9APlma_g2AXeU.roa
File: XgCCrMhem316-w9APlma_g2AXeU.roa (raw, json)
Hash identifier: T3GmkXcn0x8U2ZwXjUBaewX5JuCU4e/YmNt2XAEtvpo=
Subject key identifier: 5E:00:82:AC:C8:5E:9B:7D:7A:FB:0F:40:3E:59:9A:FE:0D:80:5D:E5
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018AAC2266CE7341A256743AB04741E6E10A
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XgCCrMhem316-w9APlma_g2AXeU.roa
Signing time: Tue 19 Sep 2023 06:30:50 +0000
ROA not before: Tue 19 Sep 2023 06:30:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
91.239.149.0/24 maxlen: 24
91.238.92.0/24 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.198.0/24 maxlen: 24
91.244.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 18:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:22:66:ce:73:41:a2:56:74:3a:b0:47:41:e6:e1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Sep 19 06:30:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e0082acc85e9b7d7afb0f403e599afe0d805de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:1f:82:97:a1:23:d5:23:6e:0b:26:a3:53:
43:ba:5e:94:62:1a:68:e5:fa:92:1c:7f:d9:79:27:
55:6d:6f:39:61:ab:d4:eb:c4:26:57:c2:ef:91:c8:
37:9c:65:0b:bc:77:47:20:75:a2:5f:97:79:06:a1:
a9:a3:3a:fd:a8:9d:7a:7a:51:01:c9:7c:66:00:b1:
a4:da:36:ba:ad:f3:3a:bf:48:03:29:0f:77:c3:5e:
33:77:a2:84:fd:43:cb:8f:49:30:24:e0:74:5f:dd:
01:78:89:6c:49:d8:35:97:5e:dd:2f:e3:16:0f:2f:
1d:27:55:95:a7:4d:89:45:91:2e:97:7c:92:4d:56:
d6:4c:fe:8a:cc:e7:6c:b9:03:b0:fd:ca:4a:94:7e:
e0:19:11:46:65:66:1d:16:6d:e5:6e:7d:8f:a6:7d:
42:e0:d1:98:66:aa:6d:fa:9f:59:c4:22:ac:54:7f:
be:ef:51:ea:26:b8:59:46:06:14:88:41:2d:80:75:
07:fa:70:a9:d1:ca:d3:c7:30:fd:62:8a:f4:f2:24:
6d:fc:b7:e1:13:93:84:93:b3:6a:3c:78:48:cb:6c:
7f:ad:bc:be:33:7b:fa:9a:b4:e5:e7:c5:8a:82:c1:
94:34:b4:0e:d0:fb:5d:51:a4:84:0a:e6:fa:e3:99:
be:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:00:82:AC:C8:5E:9B:7D:7A:FB:0F:40:3E:59:9A:FE:0D:80:5D:E5
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/XgCCrMhem316-w9APlma_g2AXeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
81.28.253.0/24
91.238.92.0/24
91.239.149.0/24
91.244.198.0/23
176.105.228.0/24
Signature Algorithm: sha256WithRSAEncryption
86:25:a5:93:16:92:c1:57:16:68:97:2a:46:f8:55:3f:31:f1:
f5:e2:69:b7:1f:21:6f:11:75:ca:28:7d:b5:de:f0:c8:c8:eb:
0c:d9:ea:8f:15:c1:b9:25:78:03:7a:f7:d0:c7:65:03:bf:4d:
58:44:23:d4:70:8e:a0:22:e2:63:47:43:17:db:e9:69:95:97:
9b:71:a3:66:2d:c3:eb:1a:64:bd:f7:59:ce:43:86:f6:ec:0d:
db:84:3a:e9:4f:53:15:e6:7f:40:a3:3f:de:a5:7d:78:17:5d:
58:f8:8c:62:52:35:a7:8b:c0:23:0e:d3:8e:78:df:ec:28:7f:
6b:75:a4:c1:39:22:82:20:3f:32:ba:75:0e:6d:85:2b:4f:90:
b7:b9:72:66:95:1e:40:77:07:1b:ad:89:fd:52:cd:6c:5d:f5:
0f:a5:d4:98:75:49:63:54:9d:43:a0:b7:71:f0:fc:e3:10:24:
81:59:6b:f6:75:39:79:d3:c1:d5:1f:d6:dc:de:8e:ae:d8:3d:
ca:bb:76:56:05:7f:b6:50:8a:1d:4e:4c:ff:4d:13:21:17:c1:
52:ae:81:40:c2:cc:07:3f:b9:60:af:a4:44:25:c9:d4:a5:70:
91:70:82:a5:d5:9d:67:fd:80:69:8d:a6:4d:7a:72:ed:1b:25:
d6:d9:55:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYqsImbOc0GiVnQ6sEdB5uEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMwOTE5MDYzMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAwODJhY2M4NWU5YjdkN2FmYjBmNDAzZTU5OWFmZTBkODA1ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTQfgpehI9Ujbgsmo1NDul6UYhpo
5fqSHH/ZeSdVbW85YavU68QmV8Lvkcg3nGULvHdHIHWiX5d5BqGpozr9qJ16elEB
yXxmALGk2ja6rfM6v0gDKQ93w14zd6KE/UPLj0kwJOB0X90BeIlsSdg1l17dL+MW
Dy8dJ1WVp02JRZEul3ySTVbWTP6KzOdsuQOw/cpKlH7gGRFGZWYdFm3lbn2Ppn1C
4NGYZqpt+p9ZxCKsVH++71HqJrhZRgYUiEEtgHUH+nCp0crTxzD9Yor08iRt/Lfh
E5OEk7NqPHhIy2x/rby+M3v6mrTl58WKgsGUNLQO0PtdUaSECub645m+KwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFF4AgqzIXpt9evsPQD5Zmv4NgF3lMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvWGdDQ3JNaGVtMzE2LXc5QVBsbWFfZzJBWGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLYRQAwQA
URz9AwQAW+5cAwQAW++VAwQBW/TGAwQAsGnkMA0GCSqGSIb3DQEBCwUAA4IBAQCG
JaWTFpLBVxZolypG+FU/MfH14mm3HyFvEXXKKH213vDIyOsM2eqPFcG5JXgDevfQ
x2UDv01YRCPUcI6gIuJjR0MX2+lplZebcaNmLcPrGmS991nOQ4b27A3bhDrpT1MV
5n9Aoz/epX14F11Y+IxiUjWni8AjDtOOeN/sKH9rdaTBOSKCID8yunUObYUrT5C3
uXJmlR5AdwcbrYn9Us1sXfUPpdSYdUljVJ1DoLdx8PzjECSBWWv2dTl508HVH9bc
3o6u2D3Ku3ZWBX+2UIodTkz/TRMhF8FSroFAwswHP7lgr6REJcnUpXCRcIKl1Z1n
/YBpjaZNenLtGyXW2VVJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:43 2024 by rpki-client on console-ams.rpki-client.org