Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XnvlAjtiNyzqwKgXjdOJM0QY2Ko.roa
File: XnvlAjtiNyzqwKgXjdOJM0QY2Ko.roa (raw, json)
Hash identifier: HosKZcEWcChRaA1TH8eq1Ilt/F3UvosIR8wvVv+un9Q=
Subject key identifier: 5E:7B:E5:02:3B:62:37:2C:EA:C0:A8:17:8D:D3:89:33:44:18:D8:AA
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AC90ACCE98C433D005CEF460584BB
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XnvlAjtiNyzqwKgXjdOJM0QY2Ko.roa
Signing time: Mon 02 Jan 2023 17:15:04 +0000
ROA not before: Mon 02 Jan 2023 17:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197077
IP address blocks: 176.98.212.0/22 maxlen: 24
185.137.140.0/22 maxlen: 24
45.13.200.0/23 maxlen: 23
45.13.202.0/23 maxlen: 23
45.13.200.0/22 maxlen: 22
217.198.192.0/20 maxlen: 24
91.220.70.0/24 maxlen: 24
2a04:a450::/31 maxlen: 31
Validation: Failed, certificate revoked on Wed 04 Jan 2023 14:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:c9:0a:cc:e9:8c:43:3d:00:5c:ef:46:05:84:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7be5023b62372ceac0a8178dd389334418d8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:d8:5d:d4:ac:16:c0:f0:18:a7:ff:2f:c0:
ae:40:50:6a:4a:bf:ef:fc:1a:09:12:0e:40:9c:43:
44:2f:a9:e9:27:4e:60:da:7c:e9:74:01:27:dd:8a:
13:cd:70:a8:76:3a:12:05:c3:82:35:88:65:01:16:
1c:4e:55:d0:ac:f9:6a:d9:fe:c6:b6:dc:70:ad:1c:
7a:32:71:4c:6d:e9:a4:57:7d:3e:c0:1d:23:18:3b:
00:50:08:01:a0:ef:fe:77:1d:87:66:01:0d:2f:14:
3a:8b:d9:25:21:57:06:f4:3e:88:f2:7e:8f:68:1a:
01:3b:20:d8:3d:14:bb:94:74:ea:69:30:5b:38:44:
bc:1e:49:e2:6e:be:78:cb:1a:6b:37:58:80:e2:5e:
03:7f:5d:80:bf:54:3a:61:2c:d9:d9:5c:9d:0d:8c:
56:97:84:59:ea:7a:8e:d6:0d:91:8d:82:c4:44:c8:
21:9a:32:0e:a4:3e:aa:16:0f:c4:66:f5:89:52:ca:
6d:92:b6:7e:20:37:bd:aa:96:a1:94:54:aa:31:6e:
8a:79:b7:24:4a:ac:b1:11:17:61:ea:5f:03:4b:2b:
8c:08:c2:44:a2:58:e1:7b:64:53:1e:35:23:8f:f4:
e6:9b:17:38:78:13:af:7d:e4:e1:bd:e1:c9:40:ec:
16:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7B:E5:02:3B:62:37:2C:EA:C0:A8:17:8D:D3:89:33:44:18:D8:AA
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/XnvlAjtiNyzqwKgXjdOJM0QY2Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.200.0/22
91.220.70.0/24
176.98.212.0/22
185.137.140.0/22
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
99:a7:23:bc:f6:45:69:11:3f:ed:d4:19:68:c9:c5:45:39:c5:
86:43:c4:06:b0:bc:aa:b5:e7:8b:95:15:88:d6:99:f7:43:48:
d1:4d:59:b3:37:4e:d3:e7:09:f7:4c:05:fb:7b:2e:b7:64:14:
27:7a:a6:c8:d4:ce:68:78:d3:71:71:09:9d:63:2e:d0:fb:0e:
28:a0:8b:80:42:42:f7:dd:e7:fb:d6:c1:da:cd:98:f2:ab:85:
a9:3b:38:cb:ce:39:0b:7a:ab:f5:6f:85:26:cd:8d:d9:8d:6d:
d4:b4:1b:3b:4f:58:56:0a:3b:e8:b4:36:6b:86:42:62:23:70:
bf:68:b0:5b:26:ef:ea:39:49:02:1f:8d:29:31:4f:ca:71:28:
d8:81:d2:8d:09:af:ef:0a:87:0a:ea:89:e9:d6:40:e3:dd:cf:
0e:60:34:83:4b:d9:b2:db:2d:5f:40:64:74:ae:b9:a8:a7:8c:
93:d8:1e:53:dc:0c:56:bd:02:6c:ed:df:27:bc:78:60:40:8a:
f7:80:5e:bd:cb:1f:51:52:b6:ea:e1:55:a5:1c:1c:4d:1a:ae:
36:7c:fe:14:21:ef:d2:5b:6d:c2:f2:db:c7:08:30:47:5d:cd:
bc:4d:61:4c:3c:6c:7e:a6:cc:e2:cb:be:e5:36:99:c4:a9:09:
d5:08:2e:06
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVzeskKzOmMQz0AXO9GBYS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdiZTUwMjNiNjIzNzJjZWFjMGE4MTc4ZGQzODkzMzQ0MThkOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuzYXdSsFsDwGKf/L8CuQFBqSr/v
/BoJEg5AnENEL6npJ05g2nzpdAEn3YoTzXCodjoSBcOCNYhlARYcTlXQrPlq2f7G
ttxwrRx6MnFMbemkV30+wB0jGDsAUAgBoO/+dx2HZgENLxQ6i9klIVcG9D6I8n6P
aBoBOyDYPRS7lHTqaTBbOES8Hknibr54yxprN1iA4l4Df12Av1Q6YSzZ2VydDYxW
l4RZ6nqO1g2RjYLERMghmjIOpD6qFg/EZvWJUsptkrZ+IDe9qpahlFSqMW6Kebck
SqyxERdh6l8DSyuMCMJEoljhe2RTHjUjj/Tmmxc4eBOvfeThveHJQOwW4QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF575QI7Yjcs6sCoF43TiTNEGNiqMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWG52bEFqdGlOeXpxd0tnWGpkT0pNMFFZMktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQ3IAwQA
W9xGAwQCsGLUAwQCuYmMAwQE2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEB
CwUAA4IBAQCZpyO89kVpET/t1BloycVFOcWGQ8QGsLyqteeLlRWI1pn3Q0jRTVmz
N07T5wn3TAX7ey63ZBQneqbI1M5oeNNxcQmdYy7Q+w4ooIuAQkL33ef71sHazZjy
q4WpOzjLzjkLeqv1b4UmzY3ZjW3UtBs7T1hWCjvotDZrhkJiI3C/aLBbJu/qOUkC
H40pMU/KcSjYgdKNCa/vCocK6onp1kDj3c8OYDSDS9my2y1fQGR0rrmop4yT2B5T
3AxWvQJs7d8nvHhgQIr3gF69yx9RUrbq4VWlHBxNGq42fP4UIe/SW23C8tvHCDBH
Xc28TWFMPGx+psziy77lNpnEqQnVCC4G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org