Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XEGwSzTAfLX9O8Ds-0mj0pmNMR8.roa
File: XEGwSzTAfLX9O8Ds-0mj0pmNMR8.roa (raw, json)
Hash identifier: A0tvdQeHArJzLHBLTb5Yswe3E2/afiDzxHNi20w/r9g=
Subject key identifier: 5C:41:B0:4B:34:C0:7C:B5:FD:3B:C0:EC:FB:49:A3:D2:99:8D:31:1F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E762E8B28E7BFE703163ED774E141EF6D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XEGwSzTAfLX9O8Ds-0mj0pmNMR8.roa
Signing time: Mon 25 Mar 2024 15:15:45 +0000
ROA not before: Mon 25 Mar 2024 15:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 271324
IP address blocks: 185.234.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 21:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:2e:8b:28:e7:bf:e7:03:16:3e:d7:74:e1:41:ef:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 25 15:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c41b04b34c07cb5fd3bc0ecfb49a3d2998d311f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:68:fb:ff:f4:ea:25:ba:2d:ee:7b:50:cc:
f8:3a:ae:2d:d0:8c:fc:8c:94:2f:06:36:6a:e2:92:
d9:bd:b4:c8:6b:08:dc:a9:43:db:2a:74:af:cb:f0:
1c:73:25:aa:7c:5a:35:19:40:2d:ca:03:e6:ab:d3:
c2:f3:c0:3a:1b:e5:43:ba:eb:1d:2a:de:14:9f:40:
5f:85:47:f4:b9:12:b1:9e:ea:7f:a4:fd:2f:f6:fb:
22:1a:69:02:84:64:4d:7b:52:96:ed:81:a8:3e:89:
9d:97:ce:80:45:ab:63:14:ab:10:9b:c3:ce:2d:28:
02:84:94:e3:bc:7f:48:cf:61:aa:cf:9b:e4:38:92:
30:9f:a2:a6:88:61:f3:e5:a0:ef:a4:41:b6:95:21:
6a:27:b0:23:50:5c:08:18:28:82:b3:a3:a7:27:95:
e0:44:42:ba:87:88:1f:af:48:e8:2a:a6:8f:c6:c3:
8e:3b:92:52:8f:a9:db:91:45:41:fe:69:8b:61:36:
60:8b:3f:cd:bb:1c:d2:8c:33:7a:eb:ba:4e:e7:bb:
80:43:da:b1:ce:2b:35:84:bc:04:60:cf:d7:a8:cf:
15:c0:0c:c9:b2:fc:5d:a6:b6:cc:46:81:06:cb:bc:
f5:52:fd:db:b9:e1:7b:7a:89:1a:d3:9f:f0:32:e3:
64:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:41:B0:4B:34:C0:7C:B5:FD:3B:C0:EC:FB:49:A3:D2:99:8D:31:1F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XEGwSzTAfLX9O8Ds-0mj0pmNMR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ee:c6:c1:8f:bb:3a:f8:fb:67:aa:f9:9e:f7:27:74:7f:12:
c7:bb:2f:fb:87:9b:4f:41:84:28:7c:b7:cf:d9:06:8b:00:97:
77:bd:23:66:d3:f1:5f:5f:e0:85:99:1b:3e:3c:c8:83:5d:45:
fe:26:7d:7c:47:76:fc:94:ec:97:4f:bf:14:dd:11:bf:69:2e:
7e:5c:cc:c3:e0:30:dd:56:8f:1c:05:86:48:e4:54:9d:51:9d:
b3:ea:4e:62:d3:54:76:46:eb:51:4f:99:62:47:e1:77:c0:96:
89:26:d9:f7:b8:cc:69:9a:d7:81:32:09:f9:dc:8a:b5:f5:f9:
b6:87:10:26:46:3a:65:70:0f:d5:71:b8:b7:12:c4:2b:0c:22:
3f:c6:5e:e5:13:fd:e1:21:c0:70:1d:15:ea:4c:33:a9:43:c4:
49:a8:d8:74:c4:e7:48:c7:cf:e4:20:9e:13:99:8d:41:f7:d3:
1f:25:f6:61:9d:47:63:35:f2:9c:79:8c:fe:ec:ff:b2:02:e7:
77:6d:28:b2:96:29:76:73:fa:3b:26:34:91:3a:4b:37:ce:bc:
19:53:88:80:cd:a1:30:d9:a8:ae:72:95:f3:2b:07:65:89:64:
1d:7f:ff:46:9f:97:84:a4:a7:dd:c9:f5:ae:46:e6:a1:35:9e:
4d:fd:9f:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY52Loso57/nAxY+13ThQe9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzI1MTUxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQxYjA0YjM0YzA3Y2I1ZmQzYmMwZWNmYjQ5YTNkMjk5OGQzMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuRo+//06iW6Le57UMz4Oq4t0Iz8
jJQvBjZq4pLZvbTIawjcqUPbKnSvy/AccyWqfFo1GUAtygPmq9PC88A6G+VDuusd
Kt4Un0BfhUf0uRKxnup/pP0v9vsiGmkChGRNe1KW7YGoPomdl86ARatjFKsQm8PO
LSgChJTjvH9Iz2Gqz5vkOJIwn6KmiGHz5aDvpEG2lSFqJ7AjUFwIGCiCs6OnJ5Xg
REK6h4gfr0joKqaPxsOOO5JSj6nbkUVB/mmLYTZgiz/NuxzSjDN667pO57uAQ9qx
zis1hLwEYM/XqM8VwAzJsvxdprbMRoEGy7z1Uv3bueF7eoka05/wMuNk3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxBsEs0wHy1/TvA7PtJo9KZjTEfMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWEVHd1N6VEFmTFg5TzhEcy0wbWowcG1OTVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueoUMA0G
CSqGSIb3DQEBCwUAA4IBAQCl7sbBj7s6+Ptnqvme9yd0fxLHuy/7h5tPQYQofLfP
2QaLAJd3vSNm0/FfX+CFmRs+PMiDXUX+Jn18R3b8lOyXT78U3RG/aS5+XMzD4DDd
Vo8cBYZI5FSdUZ2z6k5i01R2RutRT5liR+F3wJaJJtn3uMxpmteBMgn53Iq19fm2
hxAmRjplcA/Vcbi3EsQrDCI/xl7lE/3hIcBwHRXqTDOpQ8RJqNh0xOdIx8/kIJ4T
mY1B99MfJfZhnUdjNfKceYz+7P+yAud3bSiylil2c/o7JjSROks3zrwZU4iAzaEw
2aiucpXzKwdliWQdf/9Gn5eEpKfdyfWuRuahNZ5N/Z+A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org