Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/X43Dml7qFs9EOJPJhT2Df2A3YUk.roa
File: X43Dml7qFs9EOJPJhT2Df2A3YUk.roa (raw, json)
Hash identifier: CaC5szyy5dOzcdRRBOp+8s2rbbjXJMpz67BiXkisNmA=
Subject key identifier: 5F:8D:C3:9A:5E:EA:16:CF:44:38:93:C9:85:3D:83:7F:60:37:61:49
Certificate issuer: /CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Certificate serial: 01856F2FF7D09A60B4C5F64D0613DA665BAB
Authority key identifier: CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/X43Dml7qFs9EOJPJhT2Df2A3YUk.roa
Signing time: Sun 01 Jan 2023 21:14:52 +0000
ROA not before: Sun 01 Jan 2023 21:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197064
IP address blocks: 151.248.56.0/21 maxlen: 21
178.23.104.0/21 maxlen: 21
185.24.196.0/22 maxlen: 22
2a02:2408::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:f7:d0:9a:60:b4:c5:f6:4d:06:13:da:66:5b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Validity
Not Before: Jan 1 21:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f8dc39a5eea16cf443893c9853d837f60376149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:06:bd:15:8a:b8:88:7f:d9:72:ce:6c:68:
9a:88:3e:47:bf:65:3f:90:ba:67:0d:53:c0:2e:44:
80:4e:3e:dc:c3:0f:75:61:7b:c6:99:d6:5e:0f:f1:
2d:1b:39:1d:76:f0:c8:8d:fb:76:ca:78:0e:52:04:
13:94:cd:97:d7:0b:61:62:1f:a3:29:b2:30:6f:fa:
54:ee:b5:7d:1d:8d:05:5f:a8:32:cc:f4:35:da:d9:
e8:a5:8d:7d:04:3e:6e:e6:c7:42:11:4a:db:c5:e0:
bd:d0:f0:08:a6:cd:d3:7e:90:c6:84:f2:09:71:6d:
7e:52:01:f7:56:54:92:35:cc:22:4f:c9:45:36:c3:
af:e4:01:c0:a0:e4:84:36:c7:90:60:05:be:5b:f8:
51:f0:9a:93:3f:ed:c8:ba:08:c0:82:55:dd:56:98:
e2:ce:f7:51:09:8c:d8:ae:19:6c:15:4c:6b:a7:83:
74:ad:92:ec:14:da:9d:cf:ec:a7:8a:06:f2:43:d6:
81:b9:ab:74:c2:ab:27:bb:ec:be:44:f8:f3:44:f8:
74:3a:1f:ed:4b:3a:77:50:86:8d:86:ea:48:df:ea:
9a:50:63:0f:40:94:08:f5:81:71:89:f2:77:88:1b:
06:86:3b:65:f0:d9:de:e0:e6:65:b8:20:45:5b:9f:
b6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8D:C3:9A:5E:EA:16:CF:44:38:93:C9:85:3D:83:7F:60:37:61:49
X509v3 Authority Key Identifier:
keyid:CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/X43Dml7qFs9EOJPJhT2Df2A3YUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.56.0/21
178.23.104.0/21
185.24.196.0/22
IPv6:
2a02:2408::/32
Signature Algorithm: sha256WithRSAEncryption
91:d4:ea:96:77:ba:04:23:34:91:5a:db:03:37:81:82:1f:9b:
92:34:e3:5b:2c:14:34:30:3f:8d:cc:0d:18:71:e2:da:b6:2c:
b4:db:84:08:d7:f0:ff:20:b7:5d:e9:3c:46:d4:7b:b7:00:f9:
6c:17:40:41:5f:24:25:d4:5a:d8:92:e6:ca:1d:e7:8d:16:8e:
0b:0c:42:9e:73:97:4b:d7:3d:ea:d1:e0:08:13:7f:d4:95:d8:
08:cf:9c:3a:d5:d6:9b:cf:9f:85:03:70:5d:6a:a9:3a:06:69:
ea:1e:13:22:5d:80:91:7f:4b:6e:f8:d5:51:13:8e:d7:fc:2b:
fe:40:3d:9e:ee:c7:bb:f8:34:6d:26:c8:d9:fb:6a:f6:65:a0:
15:72:2f:8c:e8:be:89:c3:1e:f9:26:73:74:ee:e9:33:9e:2a:
57:1d:7e:7e:50:3d:21:bf:d3:8b:d4:bf:15:b9:57:07:7b:45:
79:98:dc:22:4e:ef:6c:06:c4:c4:12:6a:55:64:84:22:2b:f3:
4c:64:91:8d:9f:9e:8a:84:53:96:3d:1c:be:8c:aa:8b:da:74:
b0:68:2e:6f:58:66:f7:c5:18:b3:4b:b2:b4:34:e2:e0:e2:80:
f3:3a:1a:17:27:f3:c9:0f:31:16:34:b6:ae:2d:12:d3:28:80:
0a:d6:dc:66
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvL/fQmmC0xfZNBhPaZlurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMmNjN2NlNDJlNzljMzUxYWM3ZDI4ZjY0NWRlN2Y1OTM4
YWNjOWMwHhcNMjMwMTAxMjExNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhkYzM5YTVlZWExNmNmNDQzODkzYzk4NTNkODM3ZjYwMzc2MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+EGvRWKuIh/2XLObGiaiD5Hv2U/
kLpnDVPALkSATj7cww91YXvGmdZeD/EtGzkddvDIjft2yngOUgQTlM2X1wthYh+j
KbIwb/pU7rV9HY0FX6gyzPQ12tnopY19BD5u5sdCEUrbxeC90PAIps3TfpDGhPIJ
cW1+UgH3VlSSNcwiT8lFNsOv5AHAoOSENseQYAW+W/hR8JqTP+3IugjAglXdVpji
zvdRCYzYrhlsFUxrp4N0rZLsFNqdz+ynigbyQ9aBuat0wqsnu+y+RPjzRPh0Oh/t
Szp3UIaNhupI3+qaUGMPQJQI9YFxifJ3iBsGhjtl8Nne4OZluCBFW5+2sQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF+Nw5pe6hbPRDiTyYU9g39gN2FJMB8GA1UdIwQY
MBaAFMssx85C55w1GsfSj2Rd5/WTisycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTct
NzgxZDhmYjFkMmZiLzEvWDQzRG1sN3FGczlFT0pQSmhUMkRmMkEzWVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTctNzgxZDhmYjFkMmZi
LzEveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDl/g4AwQD
shdoAwQCuRjEMA0EAgACMAcDBQAqAiQIMA0GCSqGSIb3DQEBCwUAA4IBAQCR1OqW
d7oEIzSRWtsDN4GCH5uSNONbLBQ0MD+NzA0YceLatiy024QI1/D/ILdd6TxG1Hu3
APlsF0BBXyQl1FrYkubKHeeNFo4LDEKec5dL1z3q0eAIE3/UldgIz5w61dabz5+F
A3Bdaqk6BmnqHhMiXYCRf0tu+NVRE47X/Cv+QD2e7se7+DRtJsjZ+2r2ZaAVci+M
6L6Jwx75JnN07ukznipXHX5+UD0hv9OL1L8VuVcHe0V5mNwiTu9sBsTEEmpVZIQi
K/NMZJGNn56KhFOWPRy+jKqL2nSwaC5vWGb3xRizS7K0NOLg4oDzOhoXJ/PJDzEW
NLauLRLTKIAK1txm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org