Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XRrFxKxYEiEBorkiqXvB-dKVO3E.roa
File: XRrFxKxYEiEBorkiqXvB-dKVO3E.roa (raw, json)
Hash identifier: ZZOjTzHSb1RHXs0FtAKEG+x34k1btpLMkERz7yHLzWo=
Subject key identifier: 5D:1A:C5:C4:AC:58:12:21:01:A2:B9:22:A9:7B:C1:F9:D2:95:3B:71
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC296A067A8B11DAE1D84450D368F
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XRrFxKxYEiEBorkiqXvB-dKVO3E.roa
Signing time: Mon 02 Jan 2023 17:15:03 +0000
ROA not before: Mon 02 Jan 2023 17:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48990
IP address blocks: 185.210.88.0/22 maxlen: 24
185.235.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c2:96:a0:67:a8:b1:1d:ae:1d:84:45:0d:36:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d1ac5c4ac58122101a2b922a97bc1f9d2953b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ab:5d:41:aa:d5:55:b9:35:b4:10:ed:99:d1:
57:24:86:6a:58:1b:61:22:93:dc:29:04:cc:82:a6:
13:ab:59:4c:70:ce:e0:7b:4e:e0:0d:16:b9:b6:88:
b2:6b:01:df:dd:c8:8d:fc:39:6d:46:ad:10:a3:8b:
e3:5a:2e:f1:7f:bd:63:d8:d9:71:8a:4b:f5:94:eb:
d6:7a:6d:bd:12:cb:1a:01:77:e7:95:c3:99:3c:20:
27:ab:4f:ec:fc:ab:b5:53:7c:3e:a6:30:7f:35:8a:
48:6e:f8:58:50:28:b9:56:12:de:59:7b:80:2b:73:
44:94:07:21:7e:09:75:be:71:b7:2d:65:96:24:ba:
04:2b:5d:a1:b4:e8:28:1e:1a:dc:31:22:46:16:92:
99:b9:b1:5c:59:99:5e:96:98:d4:8c:ad:80:4e:e4:
f8:1c:a3:01:cb:3a:b7:35:93:2e:5a:b2:62:77:0c:
3f:6c:fd:9d:8f:02:6c:e1:aa:38:9a:3a:45:3f:5d:
70:a2:e4:ed:ad:90:38:b8:1b:f8:e5:d8:87:f5:c8:
6b:fc:c8:27:56:57:a7:49:fb:a7:60:71:b8:6e:79:
94:36:c2:1b:0e:ed:82:4e:96:1b:f4:37:d4:02:75:
ab:5e:0d:ad:01:5d:24:83:3d:9d:d9:8c:18:a8:7b:
f1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1A:C5:C4:AC:58:12:21:01:A2:B9:22:A9:7B:C1:F9:D2:95:3B:71
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XRrFxKxYEiEBorkiqXvB-dKVO3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.88.0/22
185.235.100.0/22
Signature Algorithm: sha256WithRSAEncryption
04:7a:80:e5:32:b3:00:ca:79:e0:b2:88:37:46:c8:49:eb:65:
38:f1:9c:30:d4:3d:8f:af:ff:c5:85:58:e6:44:a9:00:04:ee:
7a:ed:81:2a:29:72:ef:19:25:66:93:50:ac:31:a8:91:6a:cd:
11:49:ac:b6:7b:c9:b2:bf:3c:f5:25:3d:77:91:b1:a5:09:c6:
e0:61:cc:6c:ed:c6:c3:82:c0:d8:54:cf:c6:79:bb:48:4b:c4:
b5:59:08:c1:32:da:f1:82:df:73:ca:57:a2:2c:8a:15:9f:a6:
7f:36:de:af:ef:60:85:91:46:91:e7:e3:5b:cb:4a:80:5b:a7:
16:a4:05:ee:f5:74:50:7e:dd:52:24:d2:4e:14:9d:0d:81:03:
fc:35:9c:c7:83:7c:fe:37:46:93:4b:3e:71:6b:63:b2:f3:25:
c2:c1:dc:a2:98:3f:7c:e9:dc:66:c7:a5:2e:fe:64:0c:54:d2:
7d:14:97:e6:1e:08:7e:e3:82:76:75:3d:0c:8e:31:81:12:84:
a8:30:03:28:42:72:3e:93:78:4e:c6:f8:d1:29:27:b1:bb:6e:
c9:d9:ae:dc:bc:d5:73:82:dd:28:3d:1c:df:b8:0c:f0:78:79:
24:1a:53:55:2b:53:70:01:a4:8c:34:6b:56:cd:42:fb:84:d4:
3b:a8:f1:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzesKWoGeosR2uHYRFDTaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDFhYzVjNGFjNTgxMjIxMDFhMmI5MjJhOTdiYzFmOWQyOTUzYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqtdQarVVbk1tBDtmdFXJIZqWBth
IpPcKQTMgqYTq1lMcM7ge07gDRa5toiyawHf3ciN/DltRq0Qo4vjWi7xf71j2Nlx
ikv1lOvWem29EssaAXfnlcOZPCAnq0/s/Ku1U3w+pjB/NYpIbvhYUCi5VhLeWXuA
K3NElAchfgl1vnG3LWWWJLoEK12htOgoHhrcMSJGFpKZubFcWZlelpjUjK2ATuT4
HKMByzq3NZMuWrJidww/bP2djwJs4ao4mjpFP11wouTtrZA4uBv45diH9chr/Mgn
VlenSfunYHG4bnmUNsIbDu2CTpYb9DfUAnWrXg2tAV0kgz2d2YwYqHvxZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF0axcSsWBIhAaK5Iql7wfnSlTtxMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWFJyRnhLeFlFaUVCb3JraXFYdkItZEtWTzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudJYAwQC
uetkMA0GCSqGSIb3DQEBCwUAA4IBAQAEeoDlMrMAynngsog3RshJ62U48Zww1D2P
r//FhVjmRKkABO567YEqKXLvGSVmk1CsMaiRas0RSay2e8myvzz1JT13kbGlCcbg
Ycxs7cbDgsDYVM/GebtIS8S1WQjBMtrxgt9zyleiLIoVn6Z/Nt6v72CFkUaR5+Nb
y0qAW6cWpAXu9XRQft1SJNJOFJ0NgQP8NZzHg3z+N0aTSz5xa2Oy8yXCwdyimD98
6dxmx6Uu/mQMVNJ9FJfmHgh+44J2dT0MjjGBEoSoMAMoQnI+k3hOxvjRKSexu27J
2a7cvNVzgt0oPRzfuAzweHkkGlNVK1NwAaSMNGtWzUL7hNQ7qPHX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org