Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/XsqjI-TYUj53WLhmW-ABniNNxQA.roa
File: XsqjI-TYUj53WLhmW-ABniNNxQA.roa (raw, json)
Hash identifier: DjZOGpzXg6a0ZQdJedCxnT0UbMGRksz2EYM2sD347Xw=
Subject key identifier: 5E:CA:A3:23:E4:D8:52:3E:77:58:B8:66:5B:E0:01:9E:23:4D:C5:00
Certificate issuer: /CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Certificate serial: 018D4C996C5FEB237CE77F3326B79C0FF6C9
Authority key identifier: C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/XsqjI-TYUj53WLhmW-ABniNNxQA.roa
Signing time: Sat 27 Jan 2024 20:25:39 +0000
ROA not before: Sat 27 Jan 2024 20:25:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25145
IP address blocks: 185.203.67.0/24 maxlen: 24
193.163.88.0/24 maxlen: 24
2a10:7cc0::/29 maxlen: 29
2a11:940::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 27 Jan 2024 22:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4c:99:6c:5f:eb:23:7c:e7:7f:33:26:b7:9c:0f:f6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2746ccb7e73a9cc30ef04edd7cf16cc1d946894
Validity
Not Before: Jan 27 20:25:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ecaa323e4d8523e7758b8665be0019e234dc500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a8:ea:a2:b7:33:7c:15:b0:da:ef:2a:bf:a1:
71:19:1b:b4:7d:31:d0:b3:18:95:16:12:2b:8f:94:
cf:aa:df:0b:e0:8a:8c:92:b2:c5:fa:33:a9:a5:5b:
91:ac:12:bf:b8:67:1d:31:bb:0d:f3:9c:f7:83:0d:
72:a4:4b:93:de:2c:50:4f:70:ac:b4:42:ad:73:2c:
cf:e6:db:53:fc:4b:9b:56:30:1b:2d:af:be:76:aa:
7d:57:25:99:7e:02:11:91:9d:f8:57:3a:55:86:e1:
16:a3:b0:9e:ac:c1:94:47:7a:8a:94:49:68:4b:27:
e6:fe:fa:5c:1e:b3:40:e5:98:b3:17:42:64:bd:5f:
f4:52:aa:ec:7e:9b:5a:b7:50:6b:74:e2:6d:4d:87:
ed:6b:53:c6:63:3b:07:49:be:07:03:98:f7:1c:d2:
5a:77:22:e5:bc:3e:5a:b1:cf:66:b5:b7:70:28:ec:
92:af:a9:1c:e2:99:42:0b:e5:ae:f2:1f:d8:9c:f9:
45:b6:63:2d:61:37:cb:f9:6f:00:9b:81:51:ee:72:
8c:3d:7d:52:4c:80:53:a7:17:bd:4c:ee:18:9a:04:
44:15:e7:11:26:65:7d:ca:be:19:33:6f:ab:63:f7:
11:30:ca:ef:e1:58:b5:6f:b3:fa:b7:a2:28:f0:a2:
42:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:CA:A3:23:E4:D8:52:3E:77:58:B8:66:5B:E0:01:9E:23:4D:C5:00
X509v3 Authority Key Identifier:
keyid:C2:74:6C:CB:7E:73:A9:CC:30:EF:04:ED:D7:CF:16:CC:1D:94:68:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnRsy35zqcww7wTt188WzB2UaJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/XsqjI-TYUj53WLhmW-ABniNNxQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/59703f-f003-4845-983a-93e918d10ec5/1/wnRsy35zqcww7wTt188WzB2UaJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.67.0/24
193.163.88.0/24
IPv6:
2a10:7cc0::/29
2a11:940::/29
Signature Algorithm: sha256WithRSAEncryption
3e:d3:c5:5c:da:36:83:ec:8e:84:53:df:97:7b:5d:a6:ce:ba:
df:58:2e:44:2a:e0:55:5e:89:72:f0:31:5a:c4:33:b2:62:42:
48:32:c1:15:13:00:73:4b:46:0f:96:94:a3:0c:b2:6f:de:e3:
dd:5a:a4:46:bd:6f:8a:05:a2:df:40:15:39:09:7d:5b:dc:13:
8d:06:22:02:fb:d2:6d:e1:a6:d7:2b:7a:43:22:8a:23:f4:3d:
86:49:a3:21:8b:f6:99:f9:9f:8c:b4:82:9d:60:da:99:63:98:
e5:73:4e:6b:ca:55:83:97:7a:87:15:70:fd:8f:10:5b:eb:c9:
98:c4:8c:3f:00:2e:cb:29:6f:c7:62:b5:6a:75:b9:24:58:5b:
2d:2f:d4:21:c9:2e:cb:4a:8a:11:60:74:75:ed:03:a6:79:22:
68:38:e5:66:d9:c8:9d:ce:bc:59:9b:1e:2d:c0:44:c3:fe:b3:
64:79:bf:dc:b7:01:b8:13:f1:f3:64:66:94:99:ed:e5:41:6d:
8b:89:be:60:bc:12:f5:83:56:5b:cb:84:55:c3:3c:d8:39:42:
f6:53:32:1f:ff:aa:b2:8e:62:f4:0c:fd:f0:b5:fa:66:18:07:
f1:a6:ee:1a:5f:fc:c9:d6:77:e9:dd:b1:09:f0:40:3a:1c:22:
13:5c:34:21
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY1MmWxf6yN8538zJrecD/bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzQ2Y2NiN2U3M2E5Y2MzMGVmMDRlZGQ3Y2YxNmNjMWQ5
NDY4OTQwHhcNMjQwMTI3MjAyNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWNhYTMyM2U0ZDg1MjNlNzc1OGI4NjY1YmUwMDE5ZTIzNGRjNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkajqorczfBWw2u8qv6FxGRu0fTHQ
sxiVFhIrj5TPqt8L4IqMkrLF+jOppVuRrBK/uGcdMbsN85z3gw1ypEuT3ixQT3Cs
tEKtcyzP5ttT/EubVjAbLa++dqp9VyWZfgIRkZ34VzpVhuEWo7CerMGUR3qKlElo
Syfm/vpcHrNA5ZizF0JkvV/0Uqrsfptat1BrdOJtTYfta1PGYzsHSb4HA5j3HNJa
dyLlvD5asc9mtbdwKOySr6kc4plCC+Wu8h/YnPlFtmMtYTfL+W8Am4FR7nKMPX1S
TIBTpxe9TO4YmgREFecRJmV9yr4ZM2+rY/cRMMrv4Vi1b7P6t6Io8KJCswIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFF7KoyPk2FI+d1i4ZlvgAZ4jTcUAMB8GA1UdIwQY
MBaAFMJ0bMt+c6nMMO8E7dfPFswdlGiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2Et
OTNlOTE4ZDEwZWM1LzEvWHNxakktVFlVajUzV0xobVctQUJuaU5OeFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81OTcwM2YtZjAwMy00ODQ1LTk4M2EtOTNlOTE4ZDEwZWM1
LzEvd25Sc3kzNXpxY3d3N3dUdDE4OFd6QjJVYUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuctDAwQA
waNYMBQEAgACMA4DBQMqEHzAAwUDKhEJQDANBgkqhkiG9w0BAQsFAAOCAQEAPtPF
XNo2g+yOhFPfl3tdps6631guRCrgVV6JcvAxWsQzsmJCSDLBFRMAc0tGD5aUowyy
b97j3VqkRr1vigWi30AVOQl9W9wTjQYiAvvSbeGm1yt6QyKKI/Q9hkmjIYv2mfmf
jLSCnWDamWOY5XNOa8pVg5d6hxVw/Y8QW+vJmMSMPwAuyylvx2K1anW5JFhbLS/U
Ickuy0qKEWB0de0DpnkiaDjlZtnInc68WZseLcBEw/6zZHm/3LcBuBPx82RmlJnt
5UFti4m+YLwS9YNWW8uEVcM82DlC9lMyH/+qso5i9Az98LX6ZhgH8abuGl/8ydZ3
6d2xCfBAOhwiE1w0IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:28 2024 by rpki-client on console-fra.rpki-client.org