Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/xK3ngXWZX8TiQQ2kexflLUjfwes.roa
File: xK3ngXWZX8TiQQ2kexflLUjfwes.roa (raw, json)
Hash identifier: tayi4jtsWHKH8LOE0Ion/MRqSkPjeyywSnOVgFtIEkE=
Subject key identifier: C4:AD:E7:81:75:99:5F:C4:E2:41:0D:A4:7B:17:E5:2D:48:DF:C1:EB
Certificate issuer: /CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Certificate serial: 018CC5DBFCD4298770A5836E47D2899487A9
Authority key identifier: 40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/xK3ngXWZX8TiQQ2kexflLUjfwes.roa
Signing time: Mon 01 Jan 2024 16:29:37 +0000
ROA not before: Mon 01 Jan 2024 16:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211993
IP address blocks: 185.233.34.0/24 maxlen: 24
2a10:de80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Jan 2024 16:51:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fc:d4:29:87:70:a5:83:6e:47:d2:89:94:87:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=409bd71ccea37ed9a798d5a069b2169cf4d4e592
Validity
Not Before: Jan 1 16:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4ade78175995fc4e2410da47b17e52d48dfc1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:03:21:32:01:d6:33:f0:1a:a4:9a:62:ab:f6:
2a:3a:78:16:72:38:e2:af:2b:e5:bf:f8:73:19:be:
cf:dd:a0:98:11:70:f3:12:85:0b:d8:ad:7d:8b:e5:
27:89:3b:bc:1a:3f:c3:9b:b9:1d:d6:24:60:ab:0d:
b6:7f:42:cf:f6:9a:29:68:80:17:69:db:25:44:96:
d0:50:97:6a:94:2b:fd:57:c5:f7:63:83:80:07:95:
71:47:3e:c2:f9:8d:1a:f7:5e:e2:ad:cd:47:89:bb:
a9:81:ea:e6:cc:e2:58:84:7d:29:48:14:19:3c:e6:
28:64:a4:e7:4a:2c:9e:5a:29:92:50:87:36:6e:f0:
a4:8f:72:90:9b:96:53:82:02:6d:ce:00:be:a7:cd:
8f:4b:25:f3:bb:b9:a8:17:27:0e:2b:19:12:05:45:
9e:a0:5b:92:49:60:41:f2:cd:25:d0:37:4a:5d:fa:
c7:fc:68:d2:95:2e:52:a7:6b:f1:ab:bd:20:21:a3:
67:a1:67:e1:5a:0a:a7:4f:5b:78:43:f2:2b:d1:71:
50:49:c1:4e:20:e9:79:b9:a7:39:9d:67:34:1f:e5:
78:d1:ce:5c:b7:5e:ff:f4:5a:08:40:ec:ae:68:5e:
b0:b7:7f:ba:0a:a5:48:b7:ed:96:9e:f7:99:f8:a0:
cf:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AD:E7:81:75:99:5F:C4:E2:41:0D:A4:7B:17:E5:2D:48:DF:C1:EB
X509v3 Authority Key Identifier:
keyid:40:9B:D7:1C:CE:A3:7E:D9:A7:98:D5:A0:69:B2:16:9C:F4:D4:E5:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QJvXHM6jftmnmNWgabIWnPTU5ZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/xK3ngXWZX8TiQQ2kexflLUjfwes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/222399-ecf0-4360-ad34-2bf874a671e8/1/QJvXHM6jftmnmNWgabIWnPTU5ZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.34.0/24
IPv6:
2a10:de80::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d2:b9:a8:05:16:59:3f:b7:82:37:62:d3:a4:e9:ab:8e:13:
9c:53:04:f8:b0:7a:ef:97:a4:20:b6:96:97:9f:03:6c:7e:17:
eb:af:95:88:49:fe:ce:b5:6b:25:17:48:5b:70:c3:6a:34:b5:
ec:a9:09:c4:fa:75:98:aa:61:76:bb:42:91:2d:03:d1:c8:f7:
7b:ce:7e:38:0f:c6:45:79:42:06:73:9f:bc:c3:5d:95:8b:6b:
57:e5:9e:6d:4b:85:a7:80:13:a9:13:53:78:35:d2:2a:94:2b:
1d:be:d4:17:6c:0b:64:ac:77:95:3a:b5:8b:b5:ef:66:1b:3e:
64:bb:77:c6:56:f6:ef:f2:38:f8:a4:36:d5:ec:56:a0:5f:b4:
be:84:07:69:05:e0:0d:16:f3:28:d8:37:12:15:16:b0:d0:06:
a3:c0:b0:0f:b0:de:bd:2c:a2:19:6f:7a:26:15:8d:d3:39:ce:
a7:0a:cc:03:08:cb:ab:66:91:0e:94:77:b9:4b:c7:a6:25:a2:
d6:bb:65:4e:ab:02:21:71:8f:a6:ab:45:e3:5f:88:36:e3:99:
bf:b2:5b:fc:2e:c6:d8:bf:69:54:3c:e7:24:0a:5c:1d:3f:75:
0c:a5:0b:e9:35:22:6a:f1:92:81:ea:43:90:f1:4d:57:bd:bc:
fa:ad:60:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF2/zUKYdwpYNuR9KJlIepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOWJkNzFjY2VhMzdlZDlhNzk4ZDVhMDY5YjIxNjljZjRk
NGU1OTIwHhcNMjQwMTAxMTYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGFkZTc4MTc1OTk1ZmM0ZTI0MTBkYTQ3YjE3ZTUyZDQ4ZGZjMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowMhMgHWM/AapJpiq/YqOngWcjji
ryvlv/hzGb7P3aCYEXDzEoUL2K19i+UniTu8Gj/Dm7kd1iRgqw22f0LP9popaIAX
adslRJbQUJdqlCv9V8X3Y4OAB5VxRz7C+Y0a917irc1HibupgermzOJYhH0pSBQZ
POYoZKTnSiyeWimSUIc2bvCkj3KQm5ZTggJtzgC+p82PSyXzu7moFycOKxkSBUWe
oFuSSWBB8s0l0DdKXfrH/GjSlS5Sp2vxq70gIaNnoWfhWgqnT1t4Q/Ir0XFQScFO
IOl5uac5nWc0H+V40c5ct17/9FoIQOyuaF6wt3+6CqVIt+2WnveZ+KDPWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMSt54F1mV/E4kENpHsX5S1I38HrMB8GA1UdIwQY
MBaAFECb1xzOo37Zp5jVoGmyFpz01OWSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQt
MmJmODc0YTY3MWU4LzEveEszbmdYV1pYOFRpUVEya2V4ZmxMVWpmd2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yMjIzOTktZWNmMC00MzYwLWFkMzQtMmJmODc0YTY3MWU4
LzEvUUp2WEhNNmpmdG1ubU5XZ2FiSVduUFRVNVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekiMA0E
AgACMAcDBQAqEN6AMA0GCSqGSIb3DQEBCwUAA4IBAQBa0rmoBRZZP7eCN2LTpOmr
jhOcUwT4sHrvl6QgtpaXnwNsfhfrr5WISf7OtWslF0hbcMNqNLXsqQnE+nWYqmF2
u0KRLQPRyPd7zn44D8ZFeUIGc5+8w12Vi2tX5Z5tS4WngBOpE1N4NdIqlCsdvtQX
bAtkrHeVOrWLte9mGz5ku3fGVvbv8jj4pDbV7FagX7S+hAdpBeANFvMo2DcSFRaw
0AajwLAPsN69LKIZb3omFY3TOc6nCswDCMurZpEOlHe5S8emJaLWu2VOqwIhcY+m
q0XjX4g245m/slv8LsbYv2lUPOckClwdP3UMpQvpNSJq8ZKB6kOQ8U1Xvbz6rWDp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org