Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XZ5OyIj6EOmA4s1wJG-lfkIWXyE.roa
File: XZ5OyIj6EOmA4s1wJG-lfkIWXyE.roa (raw, json)
Hash identifier: AWIgapP4EujD8yAHHSsbgCsZPuIRmwRUQkOr2JTL8VQ=
Subject key identifier: 5D:9E:4E:C8:88:FA:10:E9:80:E2:CD:70:24:6F:A5:7E:42:16:5F:21
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01879DE5E3C379131EDB65A27D72EA6730C0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XZ5OyIj6EOmA4s1wJG-lfkIWXyE.roa
Signing time: Thu 20 Apr 2023 09:01:41 +0000
ROA not before: Thu 20 Apr 2023 09:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200131
IP address blocks: 85.209.163.0/24 maxlen: 24
45.8.200.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 May 2023 09:27:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:e5:e3:c3:79:13:1e:db:65:a2:7d:72:ea:67:30:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 20 09:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d9e4ec888fa10e980e2cd70246fa57e42165f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:cd:80:8b:ad:c4:c4:87:db:8e:77:31:c1:
0b:06:d7:52:02:d1:43:6a:1c:39:cb:a9:af:cf:23:
5a:71:d9:9e:19:75:be:ed:9c:07:06:1e:bb:6f:08:
31:8a:18:d8:44:b1:c0:b0:89:f0:d9:a1:fd:dd:f9:
8b:27:c5:56:79:ee:cd:88:48:84:0f:85:17:bd:1f:
8f:07:b5:f9:48:df:54:62:ae:29:1d:44:c9:8d:6f:
72:01:bb:3a:4d:3c:02:07:28:33:e1:42:c5:ef:06:
42:50:a7:46:8e:5a:84:cf:6e:3c:bc:ed:3c:2d:b1:
62:ad:02:c6:a9:f2:36:df:9b:81:19:64:44:8e:c7:
24:c9:bb:55:27:09:dc:89:c7:97:4a:20:3a:d8:67:
3d:7d:f1:c9:b4:b0:21:07:c2:7b:bd:e0:23:2f:93:
5b:a3:a3:8f:11:46:38:51:b2:dc:38:95:38:71:38:
89:39:dd:73:44:fe:9b:dc:c2:50:b4:6e:b9:20:e4:
4c:8d:0e:3f:4c:e8:e6:e5:c8:33:99:cb:fb:ab:b0:
c3:03:e5:2f:d3:7c:4c:1a:50:13:62:aa:25:c9:16:
77:7b:3d:6e:c1:7f:30:00:ec:81:d3:1f:fb:20:43:
a5:26:e9:87:cb:9c:9c:ac:d3:b3:4b:7d:75:e8:98:
32:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9E:4E:C8:88:FA:10:E9:80:E2:CD:70:24:6F:A5:7E:42:16:5F:21
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XZ5OyIj6EOmA4s1wJG-lfkIWXyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.48.0/24
45.8.200.0/24
85.209.163.0/24
Signature Algorithm: sha256WithRSAEncryption
09:38:5c:38:f4:78:8d:6b:bf:7e:6a:3d:04:42:2d:ce:e2:2c:
0c:b9:62:67:72:1e:e2:1d:b3:b3:a6:79:44:f6:fb:38:e2:42:
64:a9:d7:1d:b7:bf:94:c8:a3:10:1d:e5:f6:e4:21:a0:67:ec:
bd:35:b0:e6:83:dd:6e:38:67:a0:6c:95:ea:c9:fa:ba:bc:e9:
e8:b2:14:01:6b:4d:1a:34:0a:e1:07:6a:97:4a:1a:e0:4a:24:
f6:3a:c5:28:e6:03:2e:19:b0:57:37:c5:d2:31:a1:05:a3:18:
6f:26:c7:e3:5e:fd:fa:6b:79:6f:41:87:d8:6d:80:99:66:de:
f7:79:73:2e:98:4c:a3:da:7d:aa:2a:ac:c4:d5:f4:f6:f7:00:
83:82:54:8c:61:49:36:c7:68:01:13:e9:d4:04:73:69:a8:1e:
04:5b:07:2a:cc:ae:76:03:6b:21:8e:25:da:d6:a7:c3:7e:57:
67:21:19:e6:62:04:ef:82:09:89:cf:4c:0a:d7:4f:9a:6c:2c:
90:c6:96:5a:2c:19:96:9b:d9:a6:56:e1:99:ee:13:a7:87:65:
a5:04:70:ee:6e:f9:e7:01:ef:3e:ce:f5:4a:c4:f4:19:5a:b2:
fc:39:6b:a0:5a:b5:23:04:68:7e:d4:7e:28:c6:68:14:da:82:
28:b2:4e:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYed5ePDeRMe22WifXLqZzDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDIwMDkwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDllNGVjODg4ZmExMGU5ODBlMmNkNzAyNDZmYTU3ZTQyMTY1ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbDNgIutxMSH2453McELBtdSAtFD
ahw5y6mvzyNacdmeGXW+7ZwHBh67bwgxihjYRLHAsInw2aH93fmLJ8VWee7NiEiE
D4UXvR+PB7X5SN9UYq4pHUTJjW9yAbs6TTwCBygz4ULF7wZCUKdGjlqEz248vO08
LbFirQLGqfI235uBGWREjsckybtVJwnciceXSiA62Gc9ffHJtLAhB8J7veAjL5Nb
o6OPEUY4UbLcOJU4cTiJOd1zRP6b3MJQtG65IORMjQ4/TOjm5cgzmcv7q7DDA+Uv
03xMGlATYqolyRZ3ez1uwX8wAOyB0x/7IEOlJumHy5ycrNOzS3116JgyMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF2eTsiI+hDpgOLNcCRvpX5CFl8hMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWFo1T3lJajZFT21BNHMxd0pHLWxma0lXWHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbQwAwQA
LQjIAwQAVdGjMA0GCSqGSIb3DQEBCwUAA4IBAQAJOFw49HiNa79+aj0EQi3O4iwM
uWJnch7iHbOzpnlE9vs44kJkqdcdt7+UyKMQHeX25CGgZ+y9NbDmg91uOGegbJXq
yfq6vOnoshQBa00aNArhB2qXShrgSiT2OsUo5gMuGbBXN8XSMaEFoxhvJsfjXv36
a3lvQYfYbYCZZt73eXMumEyj2n2qKqzE1fT29wCDglSMYUk2x2gBE+nUBHNpqB4E
WwcqzK52A2shjiXa1qfDfldnIRnmYgTvggmJz0wK10+abCyQxpZaLBmWm9mmVuGZ
7hOnh2WlBHDubvnnAe8+zvVKxPQZWrL8OWugWrUjBGh+1H4oxmgU2oIosk4R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org