Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XlgHJ1i-_HN7kauoTlWiim89j4g.roa
File: XlgHJ1i-_HN7kauoTlWiim89j4g.roa (raw, json)
Hash identifier: L1l65Fu9Z7g/9grX8xclCwRJ7hGHjmW5vqOJEO4j6K8=
Subject key identifier: 5E:58:07:27:58:BE:FC:73:7B:91:AB:A8:4E:55:A2:8A:6F:3D:8F:88
Certificate issuer: /CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Certificate serial: 018A8D16B513386171B0AF5EE0E836C95748
Authority key identifier: E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XlgHJ1i-_HN7kauoTlWiim89j4g.roa
Signing time: Wed 13 Sep 2023 05:49:50 +0000
ROA not before: Wed 13 Sep 2023 05:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51248
IP address blocks: 185.8.56.0/22 maxlen: 24
176.74.216.0/21 maxlen: 24
158.255.32.0/21 maxlen: 24
188.124.56.0/21 maxlen: 24
158.255.39.0/24 maxlen: 24
193.161.84.0/22 maxlen: 24
5.43.224.0/21 maxlen: 24
2a03:1840:1::/48 maxlen: 64
2a03:1840:2::/48 maxlen: 64
2a03:1840::/48 maxlen: 64
2a03:1840:3::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:16:b5:13:38:61:71:b0:af:5e:e0:e8:36:c9:57:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9e4dc968ed52935a04dee3b229c21ca9bfdbd7e
Validity
Not Before: Sep 13 05:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e58072758befc737b91aba84e55a28a6f3d8f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2a:f5:7d:1c:e4:51:1b:ee:94:63:a7:bd:f8:
8e:8d:89:fb:cc:30:2e:db:be:31:b4:ae:c8:a5:35:
c1:e7:32:3f:a8:0f:92:80:bf:5a:eb:db:86:e2:39:
e1:37:5f:82:dd:e4:fc:b7:be:fe:e3:00:43:f8:ba:
86:e3:7b:4f:23:59:95:72:59:8d:af:54:78:20:4b:
be:af:56:f6:30:17:0e:51:c4:46:e5:70:b9:a6:7a:
6a:67:19:ef:2f:e2:e8:0c:50:25:53:14:b8:49:9a:
0e:fb:1a:7b:e3:70:98:4c:6c:75:b7:60:b8:0c:c1:
93:7b:ea:17:b0:8e:9e:7c:44:2e:2c:47:e0:90:be:
07:51:15:24:c6:59:e3:88:64:0d:bd:de:d5:af:49:
7b:66:d7:70:da:c9:4b:1d:2a:7e:ad:f6:d8:0c:d7:
46:b9:a6:72:2a:d6:fa:ee:e7:59:b7:78:c9:2a:da:
fa:ae:e3:da:80:ad:e4:e9:01:e0:49:c1:cb:08:9d:
c6:7e:c8:0c:d7:be:1a:f3:fe:a9:a9:60:fb:ab:e8:
67:48:d2:27:72:b1:66:a7:5f:3d:60:0c:6a:10:bb:
e4:f8:27:df:1d:43:15:c3:39:89:e5:0c:f9:25:44:
0e:02:9f:59:a4:a7:51:b1:13:2f:a6:8b:5e:06:35:
bb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:58:07:27:58:BE:FC:73:7B:91:AB:A8:4E:55:A2:8A:6F:3D:8F:88
X509v3 Authority Key Identifier:
keyid:E9:E4:DC:96:8E:D5:29:35:A0:4D:EE:3B:22:9C:21:CA:9B:FD:BD:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6eTclo7VKTWgTe47Ipwhypv9vX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/XlgHJ1i-_HN7kauoTlWiim89j4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/1a134f-030a-43e7-b041-6c7856ef7b31/1/6eTclo7VKTWgTe47Ipwhypv9vX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.224.0/21
158.255.32.0/21
176.74.216.0/21
185.8.56.0/22
188.124.56.0/21
193.161.84.0/22
IPv6:
2a03:1840::/46
Signature Algorithm: sha256WithRSAEncryption
5d:72:e0:60:9d:31:44:ed:d2:dd:a6:24:09:db:fb:a6:d2:2e:
24:0c:8f:00:82:8f:c4:23:0d:e6:96:8c:4b:f3:1a:18:78:1d:
5e:67:7c:7f:4b:30:2d:24:54:0b:b8:05:0b:e7:94:3b:73:61:
ac:56:eb:1a:56:78:be:f5:21:3e:2e:ca:a9:82:6d:ce:08:7d:
cb:88:c6:69:c5:a5:a1:19:78:ab:dd:ba:ed:2d:49:31:c3:3b:
bf:cc:d4:ef:3f:47:28:61:2f:1e:4d:6a:16:df:58:4f:b2:49:
7c:18:4a:a4:4b:bb:8b:37:d6:c1:13:12:8c:73:83:8c:0d:e2:
59:de:28:9e:01:1c:1b:20:be:85:c4:2c:c7:66:e1:b7:d0:d4:
fa:4b:b1:c8:f2:3e:b7:f7:4d:81:0d:6f:1e:d9:9c:2c:a0:34:
45:96:27:6d:89:f3:c3:1c:74:35:2c:b9:de:df:30:b5:83:bc:
7b:3f:85:4a:50:6d:2f:54:bc:cb:7f:60:7e:24:3a:45:5b:c2:
ff:64:c5:60:e6:c8:06:51:3e:84:e1:21:65:df:28:cf:d8:bb:
99:80:44:9b:37:8f:1f:f2:94:83:d1:a0:c7:89:a5:12:3f:6c:
ee:70:8f:78:8a:95:dc:d4:51:9f:78:b6:b6:52:03:67:e5:35:
84:47:34:7c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYqNFrUTOGFxsK9e4Og2yVdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZTRkYzk2OGVkNTI5MzVhMDRkZWUzYjIyOWMyMWNhOWJm
ZGJkN2UwHhcNMjMwOTEzMDU0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU4MDcyNzU4YmVmYzczN2I5MWFiYTg0ZTU1YTI4YTZmM2Q4Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yr1fRzkURvulGOnvfiOjYn7zDAu
274xtK7IpTXB5zI/qA+SgL9a69uG4jnhN1+C3eT8t77+4wBD+LqG43tPI1mVclmN
r1R4IEu+r1b2MBcOUcRG5XC5pnpqZxnvL+LoDFAlUxS4SZoO+xp743CYTGx1t2C4
DMGTe+oXsI6efEQuLEfgkL4HURUkxlnjiGQNvd7Vr0l7Ztdw2slLHSp+rfbYDNdG
uaZyKtb67udZt3jJKtr6ruPagK3k6QHgScHLCJ3GfsgM174a8/6pqWD7q+hnSNIn
crFmp189YAxqELvk+CffHUMVwzmJ5Qz5JUQOAp9ZpKdRsRMvpoteBjW7mQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFF5YBydYvvxze5GrqE5VoopvPY+IMB8GA1UdIwQY
MBaAFOnk3JaO1Sk1oE3uOyKcIcqb/b1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEt
NmM3ODU2ZWY3YjMxLzEvWGxnSEoxaS1fSE43a2F1b1RsV2lpbTg5ajRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8xYTEzNGYtMDMwYS00M2U3LWIwNDEtNmM3ODU2ZWY3YjMx
LzEvNmVUY2xvN1ZLVFdnVGU0N0lwd2h5cHY5dlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQDBSvgAwQD
nv8gAwQDsErYAwQCuQg4AwQDvHw4AwQCwaFUMA8EAgACMAkDBwIqAxhAAAAwDQYJ
KoZIhvcNAQELBQADggEBAF1y4GCdMUTt0t2mJAnb+6bSLiQMjwCCj8QjDeaWjEvz
Ghh4HV5nfH9LMC0kVAu4BQvnlDtzYaxW6xpWeL71IT4uyqmCbc4IfcuIxmnFpaEZ
eKvduu0tSTHDO7/M1O8/RyhhLx5NahbfWE+ySXwYSqRLu4s31sETEoxzg4wN4lne
KJ4BHBsgvoXELMdm4bfQ1PpLscjyPrf3TYENbx7ZnCygNEWWJ22J88McdDUsud7f
MLWDvHs/hUpQbS9UvMt/YH4kOkVbwv9kxWDmyAZRPoThIWXfKM/Yu5mARJs3jx/y
lIPRoMeJpRI/bO5wj3iKldzUUZ94trZSA2flNYRHNHw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:51 2024 by rpki-client on console-ams.rpki-client.org