Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/xblBxkaxdNrWdCwCsfvHdeVpwBU.roa
File: xblBxkaxdNrWdCwCsfvHdeVpwBU.roa (raw, json)
Hash identifier: OjMMW5nQSKiQf45bbXLfdWhbVfGyJ9xxjboDMRj/y8Q=
Subject key identifier: C5:B9:41:C6:46:B1:74:DA:D6:74:2C:02:B1:FB:C7:75:E5:69:C0:15
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802C874912469E867C292832C29B448
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/xblBxkaxdNrWdCwCsfvHdeVpwBU.roa
Signing time: Tue 02 Jan 2024 02:31:14 +0000
ROA not before: Tue 02 Jan 2024 02:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44220
IP address blocks: 85.204.246.0/24 maxlen: 24
188.213.134.0/24 maxlen: 24
188.213.49.0/24 maxlen: 24
89.45.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 14:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:c8:74:91:24:69:e8:67:c2:92:83:2c:29:b4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5b941c646b174dad6742c02b1fbc775e569c015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:34:0d:5a:3b:14:b9:e9:4d:28:a1:0b:ad:60:
fe:38:7f:32:03:1b:88:bf:00:92:5d:21:a9:ee:e9:
98:42:d3:69:3b:ba:18:be:38:05:a2:ff:91:ef:c2:
b1:68:20:eb:27:12:bf:12:a1:ab:a2:8f:b2:b9:b0:
bf:2d:03:58:44:fd:44:20:cf:19:b3:8e:16:8e:9b:
8d:30:c3:10:b8:b3:e2:00:f8:79:ee:0e:9a:ad:8e:
58:57:74:99:71:60:94:9e:e2:76:dd:ec:c9:81:46:
5e:35:e8:3b:1a:cc:59:e4:d4:c4:f8:33:c5:d7:24:
0d:87:c7:89:6f:2c:68:b0:12:6a:f6:d1:2a:15:4d:
a3:bb:5a:4e:e6:2d:c7:61:95:9a:b4:0f:74:d4:57:
db:c3:55:a0:44:36:57:27:33:66:05:99:ce:24:25:
12:78:61:b0:83:48:12:85:c5:f0:0f:1d:33:97:c1:
36:20:3e:f5:dd:79:ea:be:33:b1:72:7e:2f:ce:93:
cb:07:6f:3d:37:28:0d:8e:71:ea:48:58:de:24:66:
45:f2:3f:71:6c:b2:b4:4f:0a:e1:d1:69:52:00:b0:
b4:88:c6:15:80:19:4c:cd:1a:ed:52:0b:55:e1:82:
c2:31:75:90:6c:c4:30:33:94:3f:2a:2d:ae:17:7f:
95:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B9:41:C6:46:B1:74:DA:D6:74:2C:02:B1:FB:C7:75:E5:69:C0:15
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/xblBxkaxdNrWdCwCsfvHdeVpwBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.246.0/24
89.45.46.0/24
188.213.49.0/24
188.213.134.0/24
Signature Algorithm: sha256WithRSAEncryption
98:99:cb:ee:53:5a:56:23:15:5d:05:4b:b4:75:fa:8b:61:3e:
7f:21:c9:75:28:1e:e4:7f:f9:5a:84:d6:c5:a4:85:99:e1:91:
b4:db:a7:60:fd:6c:b2:fa:54:1e:e6:31:dc:d2:50:76:4f:08:
c3:3d:93:24:a6:1a:57:7f:d8:d5:d1:c2:1d:89:dd:7b:c2:98:
c8:68:b5:8c:85:b9:2a:92:6f:36:2c:22:f7:78:65:35:0b:41:
a3:8f:02:96:25:8a:c2:60:ec:bf:1e:3f:e8:3d:f8:06:40:0e:
61:08:03:41:60:00:6f:7a:89:3f:0b:14:98:d7:9b:cb:0c:6b:
16:8c:be:24:72:ac:9d:76:57:94:8f:dd:18:ab:b7:55:59:82:
e5:0f:9d:6c:e9:d0:a1:1d:79:9a:f4:11:c0:68:e7:d5:7d:02:
12:8b:20:77:5a:5c:b3:31:18:83:ab:92:f1:ce:e4:97:31:28:
2a:2b:24:a1:56:77:e7:c0:7e:6c:b2:26:4a:07:8a:62:7e:38:
9f:a3:43:80:18:c9:2c:3f:45:f6:6b:98:eb:2d:a4:a0:7e:56:
62:7e:40:4c:27:34:31:bf:da:61:fa:b5:dd:f0:e6:40:27:27:
72:0c:3d:10:ab:ff:86:22:64:fa:30:a5:7a:8b:59:d0:15:bc:
80:e4:17:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAsh0kSRp6GfCkoMsKbRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI5NDFjNjQ2YjE3NGRhZDY3NDJjMDJiMWZiYzc3NWU1NjljMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjQNWjsUuelNKKELrWD+OH8yAxuI
vwCSXSGp7umYQtNpO7oYvjgFov+R78KxaCDrJxK/EqGroo+yubC/LQNYRP1EIM8Z
s44WjpuNMMMQuLPiAPh57g6arY5YV3SZcWCUnuJ23ezJgUZeNeg7GsxZ5NTE+DPF
1yQNh8eJbyxosBJq9tEqFU2ju1pO5i3HYZWatA901Ffbw1WgRDZXJzNmBZnOJCUS
eGGwg0gShcXwDx0zl8E2ID713XnqvjOxcn4vzpPLB289NygNjnHqSFjeJGZF8j9x
bLK0Twrh0WlSALC0iMYVgBlMzRrtUgtV4YLCMXWQbMQwM5Q/Ki2uF3+VxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMW5QcZGsXTa1nQsArH7x3XlacAVMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEveGJsQnhrYXhkTnJXZEN3Q3NmdkhkZVZwd0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcz2AwQA
WS0uAwQAvNUxAwQAvNWGMA0GCSqGSIb3DQEBCwUAA4IBAQCYmcvuU1pWIxVdBUu0
dfqLYT5/Icl1KB7kf/lahNbFpIWZ4ZG026dg/Wyy+lQe5jHc0lB2TwjDPZMkphpX
f9jV0cIdid17wpjIaLWMhbkqkm82LCL3eGU1C0GjjwKWJYrCYOy/Hj/oPfgGQA5h
CANBYABveok/CxSY15vLDGsWjL4kcqyddleUj90Yq7dVWYLlD51s6dChHXma9BHA
aOfVfQISiyB3WlyzMRiDq5LxzuSXMSgqKyShVnfnwH5ssiZKB4pifjifo0OAGMks
P0X2a5jrLaSgflZifkBMJzQxv9ph+rXd8OZAJydyDD0Qq/+GImT6MKV6i1nQFbyA
5BdT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:41 2024 by rpki-client on console-ams.rpki-client.org