Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XPJMrn4QcVpz6367_dcC6pJbZnQ.roa
File: XPJMrn4QcVpz6367_dcC6pJbZnQ.roa (raw, json)
Hash identifier: 31PK19I0R0aYREL10P8DZspqLzpCO7Q35p+WvZusy3Y=
Subject key identifier: 5C:F2:4C:AE:7E:10:71:5A:73:EB:7E:BB:FD:D7:02:EA:92:5B:66:74
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F288B39553410D57B12A61C67731
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XPJMrn4QcVpz6367_dcC6pJbZnQ.roa
Signing time: Mon 02 Jan 2023 15:24:56 +0000
ROA not before: Mon 02 Jan 2023 15:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35014
IP address blocks: 89.252.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f2:88:b3:95:53:41:0d:57:b1:2a:61:c6:77:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf24cae7e10715a73eb7ebbfdd702ea925b6674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:da:2d:4c:ea:31:4e:ff:5e:33:df:cd:e2:
dd:b1:da:39:94:21:2f:72:e6:c7:f2:58:9b:10:ea:
35:85:f0:5a:47:c7:a6:af:21:a1:3b:23:18:7f:b2:
d1:1f:91:3d:d2:2f:67:df:8e:5d:53:03:4b:b7:79:
c0:e4:1c:1a:04:9b:43:76:e3:d0:66:02:2f:3a:75:
0b:37:30:43:09:00:c3:70:53:25:53:11:bc:8e:ea:
ca:87:03:d9:23:93:da:fc:73:ed:d2:0a:56:dd:1b:
2f:ba:3f:87:b7:70:dd:b9:14:28:bc:e9:3b:e3:5b:
38:aa:b8:4c:ef:be:31:ba:14:24:c2:96:40:ee:8d:
f8:1d:e3:e4:e9:0d:27:74:4c:b3:82:03:b5:bd:d2:
af:6b:4d:ee:76:07:a6:16:9c:73:4c:31:db:88:f6:
81:b5:33:9b:43:43:9b:9f:ae:90:8f:81:6a:df:91:
3e:9b:51:7c:56:37:22:86:5f:44:c2:0c:ac:3d:36:
cb:be:b5:23:35:44:58:93:d8:f9:47:bd:98:92:5c:
cf:02:ff:cd:d5:be:94:d1:54:b4:2a:51:11:5c:b0:
a6:7a:5e:ae:5e:12:f0:d0:ed:94:1d:97:52:07:bb:
cc:1a:f3:0e:96:92:27:29:b6:da:67:94:e7:ff:7e:
3f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F2:4C:AE:7E:10:71:5A:73:EB:7E:BB:FD:D7:02:EA:92:5B:66:74
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XPJMrn4QcVpz6367_dcC6pJbZnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.197.0/24
Signature Algorithm: sha256WithRSAEncryption
03:80:ef:5c:e1:66:d7:48:b8:5b:50:e6:65:d7:c4:2b:1a:69:
43:5c:e4:a2:45:29:0b:67:9f:d2:79:56:9b:68:a0:50:27:40:
3f:c0:bf:e7:70:8f:c1:d8:fe:3a:6d:06:ec:7e:d1:d7:4d:31:
9b:09:c4:c8:82:c9:9e:d9:c0:3b:52:15:43:bd:c9:c4:51:86:
14:4d:f3:13:f2:e9:19:8a:7c:67:29:64:9a:3c:4a:96:9e:c2:
fb:2a:04:69:14:fe:f9:5c:71:e1:43:89:67:5a:b7:5c:85:ad:
28:0c:e5:8d:b9:00:2c:90:8f:80:9b:75:b7:e8:fd:92:15:4d:
73:0c:1b:0c:01:42:82:f5:d5:3d:80:dd:3e:5d:97:6d:2a:8c:
5f:ef:18:85:34:fc:3a:80:de:d6:f8:67:c6:e8:48:0f:e9:14:
d4:1f:f8:52:40:0d:d4:25:0b:4d:c6:4c:6e:49:66:39:e0:c3:
22:e2:3a:0d:06:f0:02:77:68:38:b2:de:59:ca:88:7f:0f:14:
ef:b7:af:c7:e8:60:13:c9:92:30:5f:20:42:c0:c1:fe:d6:37:
82:9b:d0:7e:e6:bb:cf:7f:ac:a7:96:75:14:4e:41:2c:e4:a4:
a8:ba:55:cf:ac:a6:9c:11:27:c8:6b:dd:b3:6c:d9:1b:67:4a:
f9:e2:57:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfKIs5VTQQ1XsSphxncxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2YyNGNhZTdlMTA3MTVhNzNlYjdlYmJmZGQ3MDJlYTkyNWI2Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgHaLUzqMU7/XjPfzeLdsdo5lCEv
cubH8libEOo1hfBaR8emryGhOyMYf7LRH5E90i9n345dUwNLt3nA5BwaBJtDduPQ
ZgIvOnULNzBDCQDDcFMlUxG8jurKhwPZI5Pa/HPt0gpW3Rsvuj+Ht3DduRQovOk7
41s4qrhM774xuhQkwpZA7o34HePk6Q0ndEyzggO1vdKva03udgemFpxzTDHbiPaB
tTObQ0Obn66Qj4Fq35E+m1F8Vjcihl9EwgysPTbLvrUjNURYk9j5R72YklzPAv/N
1b6U0VS0KlERXLCmel6uXhLw0O2UHZdSB7vMGvMOlpInKbbaZ5Tn/34/RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzyTK5+EHFac+t+u/3XAuqSW2Z0MB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvWFBKTXJuNFFjVnB6NjM2N19kY0M2cEpiWm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfzFMA0G
CSqGSIb3DQEBCwUAA4IBAQADgO9c4WbXSLhbUOZl18QrGmlDXOSiRSkLZ5/SeVab
aKBQJ0A/wL/ncI/B2P46bQbsftHXTTGbCcTIgsme2cA7UhVDvcnEUYYUTfMT8ukZ
inxnKWSaPEqWnsL7KgRpFP75XHHhQ4lnWrdcha0oDOWNuQAskI+Am3W36P2SFU1z
DBsMAUKC9dU9gN0+XZdtKoxf7xiFNPw6gN7W+GfG6EgP6RTUH/hSQA3UJQtNxkxu
SWY54MMi4joNBvACd2g4st5Zyoh/DxTvt6/H6GATyZIwXyBCwMH+1jeCm9B+5rvP
f6ynlnUUTkEs5KSoulXPrKacESfIa92zbNkbZ0r54lc3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org