Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/XmFV2J6VQcYcnjfJOTEwYB6yab8.roa
File: XmFV2J6VQcYcnjfJOTEwYB6yab8.roa (raw, json)
Hash identifier: EUqinqvBwagLpsEiw+WKmvt/ZPtzbrcGN31lJ5nvPF8=
Subject key identifier: 5E:61:55:D8:9E:95:41:C6:1C:9E:37:C9:39:31:30:60:1E:B2:69:BF
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018B3C653142B2FFC74032139DF094145AED
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/XmFV2J6VQcYcnjfJOTEwYB6yab8.roa
Signing time: Tue 17 Oct 2023 06:49:06 +0000
ROA not before: Tue 17 Oct 2023 06:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
46.175.130.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Oct 2023 08:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:65:31:42:b2:ff:c7:40:32:13:9d:f0:94:14:5a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Oct 17 06:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e6155d89e9541c61c9e37c9393130601eb269bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:46:6f:55:6d:6e:c7:d1:07:2d:c7:7c:3f:a2:
b4:4b:fb:89:55:5d:79:8d:89:8c:89:77:06:85:e3:
e7:e3:a3:cf:9c:90:9d:13:74:39:62:ef:a0:cc:70:
60:54:00:98:e5:85:91:89:ff:ba:1c:a1:d3:5a:6e:
18:f9:56:e5:49:24:d0:47:af:04:d0:63:c3:17:79:
a1:21:1b:14:de:ec:c5:9a:ba:c8:99:df:2b:3a:ed:
90:f3:c4:bb:db:bd:92:2a:68:1f:e6:1b:e0:1f:4a:
44:24:c8:91:8b:e9:dc:c1:ee:45:f2:91:f6:bb:34:
ad:3f:75:35:66:af:a7:c6:14:3e:94:dd:52:b1:61:
50:94:be:c5:50:fc:fa:c1:a6:6a:d8:82:29:0e:01:
45:89:fb:cb:c8:d1:a7:b7:62:b4:5b:42:a6:2e:89:
90:c9:9d:77:e6:49:a7:ea:08:52:55:a4:eb:36:aa:
f9:a7:c0:fa:20:ed:d7:91:61:c0:7f:7d:cf:86:ef:
ac:26:ac:9a:c7:d9:57:b8:fe:70:86:e7:8f:2a:03:
ed:80:7d:53:e5:b7:ec:5d:92:a8:95:03:b6:1c:43:
cc:64:96:da:e5:99:02:63:1c:1b:88:47:15:a7:be:
f5:0b:e6:8b:ad:eb:6b:a2:10:23:57:14:ef:90:e9:
7c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:61:55:D8:9E:95:41:C6:1C:9E:37:C9:39:31:30:60:1E:B2:69:BF
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/XmFV2J6VQcYcnjfJOTEwYB6yab8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d7:e5:57:8c:31:4d:d3:1d:80:51:d2:91:ff:9d:6d:11:da:
e8:97:3f:f3:42:89:fd:e4:05:b8:68:1b:3c:9c:e7:c6:fb:2c:
1f:9e:bc:34:cb:db:74:fb:2a:33:87:54:2e:cd:4e:1b:84:cb:
b2:43:3b:d2:31:b9:8b:53:97:fd:76:68:c9:57:98:ba:65:25:
ba:1b:98:00:d0:b2:d9:a4:ff:cc:69:f6:5a:3d:87:7f:6c:ca:
64:1a:0f:32:9c:5c:6d:d8:42:c7:5d:1e:31:5d:cf:05:97:43:
56:71:a7:b5:0f:20:d0:1f:27:71:7a:7a:0d:e1:1b:b8:de:ef:
85:d8:0c:35:12:dd:fb:28:3f:7c:f6:50:af:87:4c:d7:14:d6:
88:86:c8:8e:53:cb:8d:16:7f:16:b7:3b:44:78:24:26:1d:c1:
15:9d:7e:92:42:31:a6:49:96:8f:51:d9:59:94:44:00:5c:0c:
ed:9e:95:5b:11:60:f8:ab:20:e4:8c:94:fe:4b:e3:d0:61:24:
12:29:ca:ba:33:ec:5f:e8:fd:17:6e:2a:b1:fa:c9:77:48:93:
ba:ca:ce:ab:a7:d0:db:92:6f:02:1f:f2:0f:00:85:c6:c5:3c:
3a:c8:8e:09:f2:43:a0:4e:ba:5b:3a:a5:13:56:bd:97:87:43:
04:88:dc:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYs8ZTFCsv/HQDITnfCUFFrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMxMDE3MDY0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTYxNTVkODllOTU0MWM2MWM5ZTM3YzkzOTMxMzA2MDFlYjI2OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkZvVW1ux9EHLcd8P6K0S/uJVV15
jYmMiXcGhePn46PPnJCdE3Q5Yu+gzHBgVACY5YWRif+6HKHTWm4Y+VblSSTQR68E
0GPDF3mhIRsU3uzFmrrImd8rOu2Q88S7272SKmgf5hvgH0pEJMiRi+ncwe5F8pH2
uzStP3U1Zq+nxhQ+lN1SsWFQlL7FUPz6waZq2IIpDgFFifvLyNGnt2K0W0KmLomQ
yZ135kmn6ghSVaTrNqr5p8D6IO3XkWHAf33Phu+sJqyax9lXuP5whuePKgPtgH1T
5bfsXZKolQO2HEPMZJba5ZkCYxwbiEcVp771C+aLretrohAjVxTvkOl8ewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF5hVdielUHGHJ43yTkxMGAesmm/MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvWG1GVjJKNlZRY1ljbmpmSk9URXdZQjZ5YWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALq+CAwQB
e/3UAwQAjWKJAwQAjWKLMA0GCSqGSIb3DQEBCwUAA4IBAQCL1+VXjDFN0x2AUdKR
/51tEdrolz/zQon95AW4aBs8nOfG+ywfnrw0y9t0+yozh1QuzU4bhMuyQzvSMbmL
U5f9dmjJV5i6ZSW6G5gA0LLZpP/MafZaPYd/bMpkGg8ynFxt2ELHXR4xXc8Fl0NW
cae1DyDQHydxenoN4Ru43u+F2Aw1Et37KD989lCvh0zXFNaIhsiOU8uNFn8WtztE
eCQmHcEVnX6SQjGmSZaPUdlZlEQAXAztnpVbEWD4qyDkjJT+S+PQYSQSKcq6M+xf
6P0Xbiqx+sl3SJO6ys6rp9Dbkm8CH/IPAIXGxTw6yI4J8kOgTrpbOqUTVr2Xh0ME
iNz3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org