Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xxiuv3kjPET-aV653hpWcoRnqAQ.roa
File: Xxiuv3kjPET-aV653hpWcoRnqAQ.roa (raw, json)
Hash identifier: kwfKhS6viZbJBBoOensNWgeTLuB+WWabwunkp/p9ndk=
Subject key identifier: 5F:18:AE:BF:79:23:3C:44:FE:69:5E:B9:DE:1A:56:72:84:67:A8:04
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 018B049E480923ABFCA3F53EBEBAE2E11D0D
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xxiuv3kjPET-aV653hpWcoRnqAQ.roa
Signing time: Fri 06 Oct 2023 10:52:43 +0000
ROA not before: Fri 06 Oct 2023 10:52:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 92.240.201.0/24 maxlen: 24
92.240.205.0/24 maxlen: 24
92.240.216.0/24 maxlen: 24
92.240.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:9e:48:09:23:ab:fc:a3:f5:3e:be:ba:e2:e1:1d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Oct 6 10:52:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f18aebf79233c44fe695eb9de1a56728467a804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:42:11:af:e3:9e:e9:d5:36:fa:93:db:d9:14:
f0:01:08:8e:83:b3:47:1e:c2:13:4a:09:d6:94:70:
67:9d:73:d9:0e:b4:06:69:6a:c1:9e:55:53:81:18:
c1:9b:2d:15:5d:4b:69:99:2f:3d:58:02:6d:ef:35:
91:55:16:4f:3e:b4:b3:41:fb:82:f2:ae:78:c0:da:
cd:29:3e:56:09:c3:d4:3f:c9:2a:e9:48:39:55:74:
ee:62:6a:45:e7:26:4f:d0:71:bc:1b:c2:06:bf:68:
16:44:f1:3e:9e:46:64:80:ce:b3:ee:5f:81:bf:9c:
25:db:a4:6f:67:78:32:5f:0d:2e:be:32:c1:ad:1a:
5b:92:27:ff:ae:24:bd:45:a4:4b:bc:ab:23:02:e3:
9b:3b:ae:19:48:0f:a0:62:87:3c:4b:86:52:15:9d:
86:bd:d2:f0:d5:c5:ec:0e:b5:56:04:68:45:e5:52:
8c:10:30:a3:61:09:6f:35:08:bc:87:63:23:38:1a:
74:d7:3d:ec:e9:c9:62:54:c4:fe:14:46:f6:bd:cb:
90:31:20:d0:04:ef:71:25:73:ad:a7:93:89:94:f8:
cb:b4:ef:0d:1d:30:5a:75:97:96:94:92:31:4e:f7:
11:34:ef:79:4a:ee:50:16:58:5d:b0:15:2e:29:36:
ac:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:18:AE:BF:79:23:3C:44:FE:69:5E:B9:DE:1A:56:72:84:67:A8:04
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Xxiuv3kjPET-aV653hpWcoRnqAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.240.201.0/24
92.240.205.0/24
92.240.214.0/24
92.240.216.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f7:cf:8b:a1:d6:72:e7:87:09:37:60:2c:8f:8e:45:8b:75:
80:f5:8e:59:be:f6:7e:39:f3:ea:05:10:37:9b:ef:1d:8e:4d:
6f:50:74:9c:6d:b4:21:16:b9:d2:46:a0:ce:dd:3e:4c:2c:5b:
6d:38:f1:de:e2:02:6e:b9:a9:e1:3e:69:71:f5:49:85:3e:82:
b2:8a:a9:bd:c5:87:55:57:0e:0b:4f:f4:cb:18:c7:93:c2:6d:
1f:81:da:ac:28:76:11:0c:f9:69:39:75:f9:3b:c8:7a:f4:dc:
3e:41:ac:23:12:38:b3:ad:a7:3e:39:8d:1e:98:f3:2e:c2:53:
67:ef:ff:89:17:95:eb:81:b7:d7:e9:a5:53:61:21:ce:ff:20:
5c:fc:75:e5:ab:ec:18:09:c1:6f:89:9e:42:c8:b6:5a:ed:a9:
fc:1a:65:78:b5:59:97:42:46:1d:9f:76:3c:b5:d7:05:f7:f5:
1c:ff:80:81:df:6c:98:af:9d:78:0f:63:b7:ae:cf:f6:5e:b4:
d9:da:cc:d1:28:ff:8a:80:bf:ba:39:65:89:3b:2c:82:8b:ba:
ed:bc:d8:1d:7e:57:75:c7:91:17:29:97:68:a2:f2:bf:48:3e:
23:c6:1a:ac:37:ab:05:16:a7:9a:17:d1:e9:de:a6:df:08:26:
b0:8a:da:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsEnkgJI6v8o/U+vrri4R0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMxMDA2MTA1MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE4YWViZjc5MjMzYzQ0ZmU2OTVlYjlkZTFhNTY3Mjg0NjdhODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUIRr+Oe6dU2+pPb2RTwAQiOg7NH
HsITSgnWlHBnnXPZDrQGaWrBnlVTgRjBmy0VXUtpmS89WAJt7zWRVRZPPrSzQfuC
8q54wNrNKT5WCcPUP8kq6Ug5VXTuYmpF5yZP0HG8G8IGv2gWRPE+nkZkgM6z7l+B
v5wl26RvZ3gyXw0uvjLBrRpbkif/riS9RaRLvKsjAuObO64ZSA+gYoc8S4ZSFZ2G
vdLw1cXsDrVWBGhF5VKMEDCjYQlvNQi8h2MjOBp01z3s6cliVMT+FEb2vcuQMSDQ
BO9xJXOtp5OJlPjLtO8NHTBadZeWlJIxTvcRNO95Su5QFlhdsBUuKTas+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF8Yrr95IzxE/mleud4aVnKEZ6gEMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvWHhpdXYza2pQRVQtYVY2NTNocFdjb1JucUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXPDJAwQA
XPDNAwQAXPDWAwQAXPDYMA0GCSqGSIb3DQEBCwUAA4IBAQAn98+LodZy54cJN2As
j45Fi3WA9Y5ZvvZ+OfPqBRA3m+8djk1vUHScbbQhFrnSRqDO3T5MLFttOPHe4gJu
uanhPmlx9UmFPoKyiqm9xYdVVw4LT/TLGMeTwm0fgdqsKHYRDPlpOXX5O8h69Nw+
QawjEjizrac+OY0emPMuwlNn7/+JF5XrgbfX6aVTYSHO/yBc/HXlq+wYCcFviZ5C
yLZa7an8GmV4tVmXQkYdn3Y8tdcF9/Uc/4CB32yYr514D2O3rs/2XrTZ2szRKP+K
gL+6OWWJOyyCi7rtvNgdfld1x5EXKZdoovK/SD4jxhqsN6sFFqeaF9Hp3qbfCCaw
itqB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:18 2024 by rpki-client on console-ams.rpki-client.org