Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/xCos9bX3jifJaMeb-_2sEi9VaJ0.roa
File: xCos9bX3jifJaMeb-_2sEi9VaJ0.roa (raw, json)
Hash identifier: 3O7zrNKVZ7+LxvDlQYikv2uy2efdYIJnYyFSJHcbbC8=
Subject key identifier: C4:2A:2C:F5:B5:F7:8E:27:C9:68:C7:9B:FB:FD:AC:12:2F:55:68:9D
Certificate issuer: /CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Certificate serial: 018CC3491893DD47CC3437483A5CA9C18142
Authority key identifier: C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/xCos9bX3jifJaMeb-_2sEi9VaJ0.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42176
IP address blocks: 92.42.81.0/24 maxlen: 24
92.42.84.0/23 maxlen: 23
92.42.84.0/24 maxlen: 24
92.42.80.0/24 maxlen: 24
92.42.80.0/22 maxlen: 22
92.42.83.0/24 maxlen: 24
92.42.82.0/24 maxlen: 24
92.42.85.0/24 maxlen: 24
92.42.87.0/24 maxlen: 24
92.42.86.0/24 maxlen: 24
2a10:8e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:18:93:dd:47:cc:34:37:48:3a:5c:a9:c1:81:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42a2cf5b5f78e27c968c79bfbfdac122f55689d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:58:f2:01:a7:07:90:c8:72:14:87:bb:56:33:
8a:0f:af:59:37:23:62:06:d9:e2:e8:7c:9a:67:32:
a3:da:8b:24:cd:f8:1e:d3:04:2e:6a:97:85:8b:62:
86:29:91:d9:87:2b:84:07:c0:93:71:b9:3f:d9:54:
0a:2b:b9:a7:fd:a4:34:23:44:6f:e8:42:0f:33:b1:
5a:c8:4a:d2:bd:4c:6a:8b:86:03:39:fd:b5:19:ea:
6b:43:72:2b:74:96:6a:92:69:1a:d8:58:58:33:b5:
0f:bc:77:dd:25:20:b8:64:84:01:bf:a4:53:60:34:
8a:3b:8b:d2:42:0c:a4:ed:72:bf:d7:96:5b:15:56:
9c:3a:82:1b:94:40:5f:0b:b3:c2:0e:ec:bd:b3:05:
e2:11:0f:03:62:c0:6a:ce:94:17:3e:60:23:20:5e:
c3:69:6a:f2:c4:f4:ed:73:4e:9c:21:ca:e1:54:93:
24:3b:5f:77:00:42:e6:1e:aa:fc:c4:43:c5:ca:91:
c4:ad:70:73:e4:b5:94:e8:a4:c0:2e:a5:fd:19:f7:
03:ad:cf:ac:6c:d3:b5:3c:10:ea:81:e1:23:e8:cc:
d4:cb:87:51:9c:c3:f1:39:0e:51:c1:fa:39:e3:d5:
01:ac:94:69:41:72:df:e1:c9:ce:60:53:7d:e0:5e:
20:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2A:2C:F5:B5:F7:8E:27:C9:68:C7:9B:FB:FD:AC:12:2F:55:68:9D
X509v3 Authority Key Identifier:
keyid:C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/xCos9bX3jifJaMeb-_2sEi9VaJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/wa5jZUn1bYSFj_lsixYw6MuKSK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.80.0/21
IPv6:
2a10:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
16:53:96:e6:bd:a5:e3:dd:9c:ba:49:61:9b:b5:7d:4b:00:36:
c6:5d:2e:ee:d5:b3:eb:cc:4d:2d:c7:83:8a:ae:91:f5:90:8d:
12:f6:18:d1:bd:d2:52:f8:ed:9c:4d:cc:2a:2c:05:33:4d:3b:
80:31:f7:0c:c9:6e:27:6a:fc:9b:b4:9b:1c:9f:67:3a:f3:b3:
8f:67:a0:0f:30:57:91:de:bb:74:98:e0:5c:ca:03:68:78:60:
b0:5a:68:2a:30:a6:2f:e3:a1:b0:4a:72:0d:e1:68:3f:45:68:
16:62:4f:b7:cb:05:04:3e:f2:3f:2c:ac:c2:66:a6:f1:62:aa:
a7:9f:6c:19:8c:64:94:bf:23:86:f0:26:18:84:f7:75:f1:74:
34:ad:44:89:96:2d:c2:c5:cb:23:72:7b:d8:e1:26:23:83:8d:
31:6b:d2:04:d6:72:6a:fc:f6:ad:a4:cb:1b:c5:b6:96:cc:50:
6e:5c:88:7f:67:b4:5a:7d:80:00:aa:ef:0a:18:a3:8c:dd:46:
6a:38:d8:1b:94:78:19:5e:a5:44:58:f9:f3:c7:ba:85:d2:fc:
ee:e4:3f:30:22:f1:1f:a6:80:f0:d1:0b:01:77:15:27:05:77:
ac:89:ae:a6:a2:d9:18:06:3a:e4:f4:f5:e2:e8:63:28:f9:37:
2c:b0:f9:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRiT3UfMNDdIOlypwYFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWU2MzY1NDlmNTZkODQ4NThmZjk2YzhiMTYzMGU4Y2I4
YTQ4YWYwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJhMmNmNWI1Zjc4ZTI3Yzk2OGM3OWJmYmZkYWMxMjJmNTU2ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmljyAacHkMhyFIe7VjOKD69ZNyNi
Btni6HyaZzKj2oskzfge0wQuapeFi2KGKZHZhyuEB8CTcbk/2VQKK7mn/aQ0I0Rv
6EIPM7FayErSvUxqi4YDOf21GeprQ3IrdJZqkmka2FhYM7UPvHfdJSC4ZIQBv6RT
YDSKO4vSQgyk7XK/15ZbFVacOoIblEBfC7PCDuy9swXiEQ8DYsBqzpQXPmAjIF7D
aWryxPTtc06cIcrhVJMkO193AELmHqr8xEPFypHErXBz5LWU6KTALqX9GfcDrc+s
bNO1PBDqgeEj6MzUy4dRnMPxOQ5Rwfo549UBrJRpQXLf4cnOYFN94F4gwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMQqLPW1944nyWjHm/v9rBIvVWidMB8GA1UdIwQY
MBaAFMGuY2VJ9W2EhY/5bIsWMOjLikivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2E1alpVbjFiWVNGal9sc2l4WXc2TXVLU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80YjkwOGQtZjQzYS00ODgyLWE2NmYt
YjIxNjg0NGFjMWU0LzEveENvczliWDNqaWZKYU1lYi1fMnNFaTlWYUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80YjkwOGQtZjQzYS00ODgyLWE2NmYtYjIxNjg0NGFjMWU0
LzEvd2E1alpVbjFiWVNGal9sc2l4WXc2TXVLU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCpQMA0E
AgACMAcDBQMqEI5AMA0GCSqGSIb3DQEBCwUAA4IBAQAWU5bmvaXj3Zy6SWGbtX1L
ADbGXS7u1bPrzE0tx4OKrpH1kI0S9hjRvdJS+O2cTcwqLAUzTTuAMfcMyW4navyb
tJscn2c687OPZ6APMFeR3rt0mOBcygNoeGCwWmgqMKYv46GwSnIN4Wg/RWgWYk+3
ywUEPvI/LKzCZqbxYqqnn2wZjGSUvyOG8CYYhPd18XQ0rUSJli3CxcsjcnvY4SYj
g40xa9IE1nJq/PatpMsbxbaWzFBuXIh/Z7RafYAAqu8KGKOM3UZqONgblHgZXqVE
WPnzx7qF0vzu5D8wIvEfpoDw0QsBdxUnBXesia6motkYBjrk9PXi6GMo+TcssPkg
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:31 2025 by rpki-client