Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/Q13kQ2m0UA2Fz6Wrj0YIO9lTBYY.roa
File: Q13kQ2m0UA2Fz6Wrj0YIO9lTBYY.roa (raw, json)
Hash identifier: LV3shwp8y09wkCYmE9yiM0eI79ayRc8wOQz+9g4aQX4=
Subject key identifier: 43:5D:E4:43:69:B4:50:0D:85:CF:A5:AB:8F:46:08:3B:D9:53:05:86
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 01880F98C2F37A2CE732EC7DE4387E5BEAB7
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/Q13kQ2m0UA2Fz6Wrj0YIO9lTBYY.roa
Signing time: Fri 12 May 2023 10:54:09 +0000
ROA not before: Fri 12 May 2023 10:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206894
IP address blocks: 185.215.96.0/22 maxlen: 22
45.89.132.0/22 maxlen: 22
193.142.154.0/23 maxlen: 23
185.219.192.0/22 maxlen: 22
185.192.104.0/22 maxlen: 22
185.38.88.0/22 maxlen: 22
2a0a:2bc0::/32 maxlen: 32
2a0b:a840::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:98:c2:f3:7a:2c:e7:32:ec:7d:e4:38:7e:5b:ea:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: May 12 10:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=435de44369b4500d85cfa5ab8f46083bd9530586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:52:88:99:aa:c2:f2:67:69:60:f9:ef:ce:
4e:26:c8:f6:d3:da:f9:ee:2e:91:b9:1c:0b:5a:4b:
7e:54:7f:85:0f:4a:d6:88:4c:15:a2:26:66:e2:60:
1b:0f:9f:c6:b0:d6:b8:09:64:0b:de:bf:b3:12:57:
09:20:cb:f8:ab:3f:4c:d2:c7:83:ab:dd:ce:db:d6:
94:4d:12:c1:45:4d:f0:59:6a:9a:ab:7a:96:04:38:
9b:0d:b9:ea:ec:10:fd:50:49:a2:99:ad:fa:51:55:
67:ae:f6:08:7c:84:8a:bc:9e:94:31:3d:7b:bc:90:
cb:d3:f8:aa:2d:17:85:c8:d5:01:d7:af:33:61:0f:
a1:d6:2b:bf:8f:0b:ec:19:5a:12:50:42:0a:49:17:
97:51:f0:a2:be:2a:a5:85:3d:8a:b5:04:6c:ad:f8:
b9:09:b5:98:1b:06:20:77:1c:de:82:fe:49:ba:c4:
bd:68:65:dd:b9:98:b0:18:ef:5a:bb:09:7d:bc:50:
14:f1:57:42:25:fa:68:44:5a:2a:50:60:ce:0d:fe:
b6:47:32:6b:4f:8b:80:ea:f6:d7:2d:5a:23:7d:52:
22:8c:ce:ee:14:be:a3:d1:9a:a6:e4:a0:06:28:8d:
dc:be:e6:e6:e3:26:c3:93:9d:f7:a0:a5:af:56:2d:
d9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5D:E4:43:69:B4:50:0D:85:CF:A5:AB:8F:46:08:3B:D9:53:05:86
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/Q13kQ2m0UA2Fz6Wrj0YIO9lTBYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
185.38.88.0/22
185.192.104.0/22
185.215.96.0/22
185.219.192.0/22
193.142.154.0/23
IPv6:
2a0a:2bc0::/32
2a0b:a840::/32
Signature Algorithm: sha256WithRSAEncryption
a4:28:51:39:4d:62:62:7c:23:57:8a:81:4f:9b:45:80:47:c7:
54:49:6f:2b:24:be:db:ad:4a:28:da:3b:6f:d5:84:99:4c:ab:
26:32:1d:06:79:de:2b:70:ab:c3:69:bf:2c:24:a3:ad:6b:68:
94:43:b5:98:a9:78:ba:12:1d:82:5c:4f:42:08:97:01:08:87:
63:16:84:a4:88:ab:c3:4c:8a:8a:f0:8f:dd:82:42:9b:73:fe:
8a:48:1e:ce:58:cc:42:28:54:7c:33:80:a6:63:bf:57:ec:00:
47:69:b4:6e:04:48:6c:16:c4:ac:75:ff:8c:63:42:f3:5f:6f:
dc:89:63:46:f2:a7:4d:30:b7:e1:ac:a8:3c:0a:64:5e:82:89:
5e:6b:ce:ff:28:66:3b:7b:a3:9d:4c:ca:e6:d8:f6:de:ef:a8:
be:9d:6e:54:0c:de:78:68:4a:e2:f0:06:7b:12:ed:78:5a:53:
c8:d0:cf:46:ed:2e:60:08:f2:b5:59:19:c6:fb:c4:d0:53:26:
4b:a3:fb:08:a6:20:c4:f3:8c:db:37:51:2b:62:25:cf:d1:06:
53:d2:e7:03:2a:fa:a6:aa:13:77:81:52:e2:3d:af:ca:5e:ac:
ad:18:77:d4:1d:d5:2c:06:dd:ad:d0:9c:ba:89:7f:e5:fd:c3:
0c:24:52:70
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYgPmMLzeiznMux95Dh+W+q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjMwNTEyMTA1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVkZTQ0MzY5YjQ1MDBkODVjZmE1YWI4ZjQ2MDgzYmQ5NTMwNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp5SiJmqwvJnaWD5785OJsj209r5
7i6RuRwLWkt+VH+FD0rWiEwVoiZm4mAbD5/GsNa4CWQL3r+zElcJIMv4qz9M0seD
q93O29aUTRLBRU3wWWqaq3qWBDibDbnq7BD9UEmima36UVVnrvYIfISKvJ6UMT17
vJDL0/iqLReFyNUB168zYQ+h1iu/jwvsGVoSUEIKSReXUfCiviqlhT2KtQRsrfi5
CbWYGwYgdxzegv5JusS9aGXduZiwGO9auwl9vFAU8VdCJfpoRFoqUGDODf62RzJr
T4uA6vbXLVojfVIijM7uFL6j0Zqm5KAGKI3cvubm4ybDk533oKWvVi3ZkwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFENd5ENptFANhc+lq49GCDvZUwWGMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvUTEza1EybTBVQTJGejZXcmowWUlPOWxUQllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLVmEAwQC
uSZYAwQCucBoAwQCuddgAwQCudvAAwQBwY6aMBQEAgACMA4DBQAqCivAAwUAKguo
QDANBgkqhkiG9w0BAQsFAAOCAQEApChROU1iYnwjV4qBT5tFgEfHVElvKyS+261K
KNo7b9WEmUyrJjIdBnneK3Crw2m/LCSjrWtolEO1mKl4uhIdglxPQgiXAQiHYxaE
pIirw0yKivCP3YJCm3P+ikgezljMQihUfDOApmO/V+wAR2m0bgRIbBbErHX/jGNC
819v3IljRvKnTTC34ayoPApkXoKJXmvO/yhmO3ujnUzK5tj23u+ovp1uVAzeeGhK
4vAGexLteFpTyNDPRu0uYAjytVkZxvvE0FMmS6P7CKYgxPOM2zdRK2Ilz9EGU9Ln
Ayr6pqoTd4FS4j2vyl6srRh31B3VLAbdrdCcuol/5f3DDCRScA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org