Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XkoYONCI7QrZNsko7Nhq3LHEQiM.roa
File: XkoYONCI7QrZNsko7Nhq3LHEQiM.roa (raw, json)
Hash identifier: 4wb6gvwqKowwYMZYdTnPrawiEG1R0nJ5WqLH9qyIREc=
Subject key identifier: 5E:4A:18:38:D0:88:ED:0A:D9:36:C9:28:EC:D8:6A:DC:B1:C4:42:23
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F8F79490A7E46C8E44475B552E86
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XkoYONCI7QrZNsko7Nhq3LHEQiM.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57237
IP address blocks: 194.12.235.0/24 maxlen: 24
194.12.236.0/24 maxlen: 24
194.12.243.0/24 maxlen: 24
194.12.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f8:f7:94:90:a7:e4:6c:8e:44:47:5b:55:2e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e4a1838d088ed0ad936c928ecd86adcb1c44223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:56:07:b3:d3:79:8c:07:5b:2f:0e:f4:90:47:
dc:8c:72:92:b1:0e:04:f6:d3:57:44:2d:12:1d:93:
31:61:7b:6c:4a:c4:f0:07:c4:96:dd:df:ba:52:84:
1b:2a:30:89:f9:49:9f:48:97:7e:70:88:56:15:b3:
75:46:7a:40:db:14:1a:f9:4f:74:52:89:1f:e6:81:
ef:65:72:88:31:a6:16:de:48:c8:8f:65:ff:e1:62:
6e:66:3c:12:be:e0:15:87:13:fc:5c:7e:fb:6c:9b:
24:8c:69:88:f1:7b:bc:74:30:ba:06:48:87:9a:8c:
28:f6:cf:de:6c:28:cf:40:0a:cb:ff:1c:92:9e:d5:
4b:97:6c:31:33:f5:64:06:2b:88:7e:30:3c:3e:5a:
97:cd:2a:5f:6b:3e:c5:c8:8f:d5:2d:e7:9a:0f:41:
5c:3a:ae:b7:fa:da:cf:47:3b:02:43:08:8b:d0:97:
06:02:16:38:d3:f7:eb:44:96:8b:20:48:91:10:62:
12:78:ad:6f:50:13:a3:6d:c9:65:3d:8b:7f:3c:86:
59:e7:7f:8e:24:5e:c1:97:8e:f9:8b:f6:4e:8d:cd:
cd:49:0d:45:b9:d3:4a:68:7e:a5:da:d9:9b:60:4a:
da:e0:4a:6a:3e:77:70:36:b4:30:8b:19:f5:4e:62:
2d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4A:18:38:D0:88:ED:0A:D9:36:C9:28:EC:D8:6A:DC:B1:C4:42:23
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/XkoYONCI7QrZNsko7Nhq3LHEQiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.12.235.0-194.12.236.255
194.12.243.0/24
194.12.252.0/24
Signature Algorithm: sha256WithRSAEncryption
99:b5:cb:9d:39:0d:bc:fa:47:e6:78:8f:e0:f6:32:fa:7f:9d:
e0:d8:3b:e5:ec:68:f0:2e:71:91:8d:2a:4e:33:60:c3:33:be:
39:74:09:0b:a4:dc:9c:f3:d9:f5:56:f1:5e:a2:ff:4c:e8:39:
76:50:e7:52:92:82:72:cd:19:b3:b2:a7:fe:3e:fb:d7:c5:88:
eb:8f:03:46:af:0c:80:23:c1:d2:e1:75:9b:59:87:fc:86:6c:
d8:45:02:2b:83:11:35:5d:5c:47:e3:11:52:c5:cb:ea:4d:9e:
92:34:b6:5c:73:ac:48:32:69:c6:c6:6f:24:e3:94:b1:7f:30:
0a:e4:0d:77:56:07:b2:26:22:48:a7:5d:c9:f0:1b:3d:83:5c:
4a:8f:b8:e1:b6:3f:5d:af:94:cc:b9:da:ff:59:95:e7:75:4b:
56:04:f6:8b:5c:a5:a2:7b:51:07:5a:37:7c:06:2a:fd:02:b7:
66:bd:1e:64:47:aa:de:37:1d:d8:94:8f:8b:5d:4f:9e:b7:11:
c6:a1:72:4a:b4:23:bd:8e:b5:c4:5e:94:81:d0:1c:14:3f:68:
66:70:1e:39:da:72:cf:e4:55:86:ae:cc:7c:c5:d9:14:b1:20:
ef:20:f0:22:c8:a8:ae:ac:66:8f:b3:a2:ab:e6:3d:e6:af:f8:
78:08:9f:ad
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVzFfj3lJCn5GyOREdbVS6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRhMTgzOGQwODhlZDBhZDkzNmM5MjhlY2Q4NmFkY2IxYzQ0MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFYHs9N5jAdbLw70kEfcjHKSsQ4E
9tNXRC0SHZMxYXtsSsTwB8SW3d+6UoQbKjCJ+UmfSJd+cIhWFbN1RnpA2xQa+U90
Uokf5oHvZXKIMaYW3kjIj2X/4WJuZjwSvuAVhxP8XH77bJskjGmI8Xu8dDC6BkiH
mowo9s/ebCjPQArL/xySntVLl2wxM/VkBiuIfjA8PlqXzSpfaz7FyI/VLeeaD0Fc
Oq63+trPRzsCQwiL0JcGAhY40/frRJaLIEiREGISeK1vUBOjbcllPYt/PIZZ53+O
JF7Bl475i/ZOjc3NSQ1FudNKaH6l2tmbYEra4EpqPndwNrQwixn1TmItuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF5KGDjQiO0K2TbJKOzYatyxxEIjMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvWGtvWU9OQ0k3UXJaTnNrbzdOaHEzTEhFUWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCDOsD
BADCDOwDBADCDPMDBADCDPwwDQYJKoZIhvcNAQELBQADggEBAJm1y505Dbz6R+Z4
j+D2Mvp/neDYO+XsaPAucZGNKk4zYMMzvjl0CQuk3Jzz2fVW8V6i/0zoOXZQ51KS
gnLNGbOyp/4++9fFiOuPA0avDIAjwdLhdZtZh/yGbNhFAiuDETVdXEfjEVLFy+pN
npI0tlxzrEgyacbGbyTjlLF/MArkDXdWB7ImIkinXcnwGz2DXEqPuOG2P12vlMy5
2v9Zled1S1YE9otcpaJ7UQdaN3wGKv0Ct2a9HmRHqt43HdiUj4tdT563Ecahckq0
I72OtcRelIHQHBQ/aGZwHjnacs/kVYauzHzF2RSxIO8g8CLIqK6sZo+zoqvmPeav
+HgIn60=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org