Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xo_OD7iDfQdlQ9t5szxUZpNnno8.roa
File: xo_OD7iDfQdlQ9t5szxUZpNnno8.roa (raw, json)
Hash identifier: 8Txbxo+Thvxi7wpx6vS+ZFKCILRFTEF9MuLO3/RAXrc=
Subject key identifier: C6:8F:CE:0F:B8:83:7D:07:65:43:DB:79:B3:3C:54:66:93:67:9E:8F
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D8534F0B326CC09AB38D09B5DA65DB7C7
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xo_OD7iDfQdlQ9t5szxUZpNnno8.roa
Signing time: Wed 07 Feb 2024 20:14:15 +0000
ROA not before: Wed 07 Feb 2024 20:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.244.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 15:40:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:85:34:f0:b3:26:cc:09:ab:38:d0:9b:5d:a6:5d:b7:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 7 20:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c68fce0fb8837d076543db79b33c546693679e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:45:51:64:23:61:f3:24:10:bc:76:62:7c:85:
15:36:b4:57:52:e0:dd:17:5f:3f:02:d6:32:dd:bc:
42:32:3b:4b:db:68:c1:19:da:aa:32:47:08:80:ec:
43:8e:29:ee:4e:c5:7b:45:23:a7:ac:06:e2:92:e5:
8d:0f:95:5b:10:55:10:86:d9:49:e6:3b:fd:de:0c:
04:52:4a:40:4f:5d:57:35:65:ca:58:6e:5d:2e:19:
7c:f5:44:1c:14:33:d1:0a:16:fd:7f:79:f6:72:54:
4a:18:62:30:6d:a1:58:00:30:93:76:24:4e:a1:dc:
75:3b:d8:1c:40:3b:3a:c3:be:81:70:74:28:9e:33:
84:1d:5f:43:03:a5:0d:dc:41:8e:c7:d5:8e:da:fc:
4e:f8:64:5e:9d:d4:06:86:7e:c9:3e:5e:e2:36:cd:
3e:d6:10:80:69:df:50:2c:61:d5:85:8b:4a:53:66:
0c:b5:9d:05:4f:93:b8:0b:4b:68:9f:79:d6:ae:b1:
3a:f1:d0:50:09:c6:ce:aa:d9:ef:de:2b:8a:cd:9f:
66:f2:23:b5:2b:a6:0f:dd:55:ce:61:fd:b0:34:0f:
83:03:72:24:56:de:49:b7:44:8c:d8:c2:b1:98:35:
17:38:41:38:35:9e:18:c1:fb:95:ca:f5:79:2f:52:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8F:CE:0F:B8:83:7D:07:65:43:DB:79:B3:3C:54:66:93:67:9E:8F
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xo_OD7iDfQdlQ9t5szxUZpNnno8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.204.0/22
91.186.216.0/22
94.241.164.0/23
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
17:2e:dd:c7:4a:31:40:bd:a5:66:fd:71:ea:bc:69:b6:49:91:
88:3f:ba:c7:15:fc:f9:b0:b0:49:d9:26:83:b4:5d:f4:21:21:
b5:97:4f:2d:52:85:07:c4:80:b8:77:47:d8:8c:6c:9c:29:cd:
8a:b9:8d:bf:27:33:ac:96:9f:e7:98:48:b9:28:aa:53:92:cf:
ec:e4:67:67:5e:36:dc:a1:7f:70:a7:72:14:7e:af:e2:fa:d2:
0b:c1:78:4a:1e:fe:5b:1b:9a:3f:39:9d:a7:53:f3:9d:88:0c:
7c:c7:24:f9:02:f2:de:08:64:be:57:8e:58:36:c5:07:87:a1:
3a:d8:b7:0c:0a:76:eb:ea:de:5d:f2:2c:ff:25:41:d9:ef:24:
20:4c:a6:4e:f2:cd:3f:09:6c:39:d3:8e:14:33:c0:a8:31:18:
72:41:96:28:b4:22:88:a7:8f:b9:53:35:d4:a6:e5:07:7a:5e:
8b:b5:70:45:a6:c0:fe:f8:13:c8:08:16:a5:6d:58:e8:2e:d7:
bf:f1:be:99:ed:03:cb:ff:83:e9:4a:dd:66:2c:66:e0:1d:b8:
91:dc:8c:76:a9:bd:7d:48:e8:36:89:e8:c1:3e:90:93:c5:99:
1d:34:8f:8c:95:0b:2f:a4:34:15:32:db:01:ad:ad:c5:9b:47:
01:bb:20:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2FNPCzJswJqzjQm12mXbfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjA3MjAxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjhmY2UwZmI4ODM3ZDA3NjU0M2RiNzliMzNjNTQ2NjkzNjc5ZThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUVRZCNh8yQQvHZifIUVNrRXUuDd
F18/AtYy3bxCMjtL22jBGdqqMkcIgOxDjinuTsV7RSOnrAbikuWND5VbEFUQhtlJ
5jv93gwEUkpAT11XNWXKWG5dLhl89UQcFDPRChb9f3n2clRKGGIwbaFYADCTdiRO
odx1O9gcQDs6w76BcHQonjOEHV9DA6UN3EGOx9WO2vxO+GRendQGhn7JPl7iNs0+
1hCAad9QLGHVhYtKU2YMtZ0FT5O4C0ton3nWrrE68dBQCcbOqtnv3iuKzZ9m8iO1
K6YP3VXOYf2wNA+DA3IkVt5Jt0SM2MKxmDUXOEE4NZ4YwfuVyvV5L1K3oQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMaPzg+4g30HZUPbebM8VGaTZ56PMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEveG9fT0Q3aURmUWRsUTl0NXN6eFVacE5ubm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
W7rMAwQCW7rYAwQBXvGkAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAXLt3HSjFA
vaVm/XHqvGm2SZGIP7rHFfz5sLBJ2SaDtF30ISG1l08tUoUHxIC4d0fYjGycKc2K
uY2/JzOslp/nmEi5KKpTks/s5GdnXjbcoX9wp3IUfq/i+tILwXhKHv5bG5o/OZ2n
U/OdiAx8xyT5AvLeCGS+V45YNsUHh6E62LcMCnbr6t5d8iz/JUHZ7yQgTKZO8s0/
CWw5044UM8CoMRhyQZYotCKIp4+5UzXUpuUHel6LtXBFpsD++BPICBalbVjoLte/
8b6Z7QPL/4PpSt1mLGbgHbiR3Ix2qb19SOg2iejBPpCTxZkdNI+MlQsvpDQVMtsB
ra3Fm0cBuyAE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:20 2024 by rpki-client on console-ams.rpki-client.org