Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/xSy7cDPR_tHU-nPb-L-P_c250Hc.roa
File: xSy7cDPR_tHU-nPb-L-P_c250Hc.roa (raw, json)
Hash identifier: oV4DhTu7ggh/sVhlzwBWZTz7Xziy0HshI9U3WgLlPQs=
Subject key identifier: C5:2C:BB:70:33:D1:FE:D1:D4:FA:73:DB:F8:BF:8F:FD:CD:B9:D0:77
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 01856CEF42C50AAB2C8BB1DF9CEEBF7052B0
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/xSy7cDPR_tHU-nPb-L-P_c250Hc.roa
Signing time: Sun 01 Jan 2023 10:44:57 +0000
ROA not before: Sun 01 Jan 2023 10:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48095
IP address blocks: 193.228.12.0/22 maxlen: 22
91.132.248.0/23 maxlen: 23
194.76.32.0/22 maxlen: 22
91.132.250.0/23 maxlen: 23
109.196.170.0/23 maxlen: 23
109.196.168.0/23 maxlen: 23
185.245.245.0/24 maxlen: 24
192.144.24.0/23 maxlen: 23
91.197.36.0/22 maxlen: 22
192.144.26.0/23 maxlen: 23
185.249.0.0/22 maxlen: 22
193.39.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:42:c5:0a:ab:2c:8b:b1:df:9c:ee:bf:70:52:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 1 10:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c52cbb7033d1fed1d4fa73dbf8bf8ffdcdb9d077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9a:63:a7:83:0b:47:58:68:c4:2c:f8:55:14:
e3:a9:35:84:d1:c3:b1:dd:9a:6d:16:74:09:81:57:
b4:7b:32:49:a4:c7:e4:9a:e2:0b:5a:d9:20:6c:f9:
6e:1e:c2:5a:35:03:ce:90:57:82:32:e5:32:70:5f:
3e:b4:ef:b4:98:c5:83:05:fb:72:0f:43:ad:2e:ce:
25:07:fc:be:77:b3:e8:dc:b7:33:c3:06:fc:fb:b0:
f1:81:3b:29:3d:28:2a:aa:41:ba:ce:6c:4c:df:4f:
88:a7:c3:8c:62:59:3d:26:4c:5f:36:67:5a:b0:43:
0d:88:03:e3:a9:a9:77:ca:59:27:56:70:bf:b4:6b:
ec:1f:5b:7c:c0:a6:b6:d3:85:7d:79:59:0f:5b:81:
86:cf:a7:7f:2c:49:dd:90:29:72:de:6e:e8:25:d3:
a8:9a:b1:c7:eb:01:9d:6b:dc:96:02:36:91:12:21:
8e:65:7a:26:31:6c:6e:01:9c:5c:13:b2:b4:b1:4e:
88:f9:6e:27:38:8b:62:02:77:c2:9d:6a:7b:18:e6:
bf:44:fa:c4:fa:1d:47:8a:e0:d9:16:5b:27:8b:2b:
75:91:86:63:b6:85:02:d3:7b:9a:d9:84:77:da:64:
71:ac:02:60:a7:f8:05:b6:2d:34:63:60:2a:b5:6b:
7a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:2C:BB:70:33:D1:FE:D1:D4:FA:73:DB:F8:BF:8F:FD:CD:B9:D0:77
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/xSy7cDPR_tHU-nPb-L-P_c250Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.248.0/22
91.197.36.0/22
109.196.168.0/22
185.245.245.0/24
185.249.0.0/22
192.144.24.0/22
193.39.88.0/22
193.228.12.0/22
194.76.32.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:e0:24:60:1d:50:6f:f3:83:7b:0d:4b:a4:fb:cb:2e:ea:0b:
f6:09:16:36:9b:7f:a0:11:45:7e:4c:47:8f:0f:00:64:33:92:
44:7f:af:cf:f4:fa:87:89:77:83:30:8a:69:d2:73:5c:29:58:
1e:6d:13:2f:9d:86:85:1c:a6:e3:e9:ee:cb:90:dd:5c:78:3e:
1d:67:86:11:f7:3d:24:02:b7:bf:ea:22:3d:e2:4c:c5:0c:4b:
2f:ee:2d:4c:ce:9c:ce:6e:c0:9b:cf:32:3f:c4:a7:fb:02:ab:
68:91:9c:ab:28:5c:8e:fd:39:91:38:d5:0a:c6:b9:0e:b3:6f:
4a:67:ff:09:15:1c:94:cf:a4:26:ad:0b:09:5a:40:0d:0e:d3:
ad:49:7e:78:78:9d:8f:14:fa:a6:cd:97:12:f2:39:9a:b9:6f:
f9:52:bb:5b:ed:a7:65:2e:b7:b2:69:fa:7d:01:bb:ac:b7:55:
bd:53:9d:ea:20:4d:22:42:83:b4:d8:c7:2e:4f:db:d1:13:da:
56:16:b5:a5:f5:e4:ad:c0:e1:f7:21:ac:7f:40:a1:2f:2e:cf:
05:72:7f:94:b4:7c:8c:f0:e3:b8:f3:ec:32:5b:f9:9c:9e:eb:
63:f4:03:6c:1b:af:df:ad:ed:67:10:53:24:10:7b:46:42:ca:
23:ee:8c:a7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVs70LFCqssi7HfnO6/cFKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjMwMTAxMTA0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTJjYmI3MDMzZDFmZWQxZDRmYTczZGJmOGJmOGZmZGNkYjlkMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlppjp4MLR1hoxCz4VRTjqTWE0cOx
3ZptFnQJgVe0ezJJpMfkmuILWtkgbPluHsJaNQPOkFeCMuUycF8+tO+0mMWDBfty
D0OtLs4lB/y+d7Po3Lczwwb8+7DxgTspPSgqqkG6zmxM30+Ip8OMYlk9JkxfNmda
sEMNiAPjqal3ylknVnC/tGvsH1t8wKa204V9eVkPW4GGz6d/LEndkCly3m7oJdOo
mrHH6wGda9yWAjaREiGOZXomMWxuAZxcE7K0sU6I+W4nOItiAnfCnWp7GOa/RPrE
+h1HiuDZFlsniyt1kYZjtoUC03ua2YR32mRxrAJgp/gFti00Y2AqtWt6DQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMUsu3Az0f7R1Ppz2/i/j/3NudB3MB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEveFN5N2NEUFJfdEhVLW5QYi1MLVBfYzI1MEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCW4T4AwQC
W8UkAwQCbcSoAwQAufX1AwQCufkAAwQCwJAYAwQCwSdYAwQCweQMAwQCwkwgMA0G
CSqGSIb3DQEBCwUAA4IBAQCe4CRgHVBv84N7DUuk+8su6gv2CRY2m3+gEUV+TEeP
DwBkM5JEf6/P9PqHiXeDMIpp0nNcKVgebRMvnYaFHKbj6e7LkN1ceD4dZ4YR9z0k
Are/6iI94kzFDEsv7i1MzpzObsCbzzI/xKf7AqtokZyrKFyO/TmRONUKxrkOs29K
Z/8JFRyUz6QmrQsJWkANDtOtSX54eJ2PFPqmzZcS8jmauW/5Urtb7adlLreyafp9
Abust1W9U53qIE0iQoO02McuT9vRE9pWFrWl9eStwOH3Iax/QKEvLs8Fcn+UtHyM
8OO48+wyW/mcnutj9ANsG6/fre1nEFMkEHtGQsoj7oyn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:34 2024 by rpki-client on console-fra.rpki-client.org