Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1XqmxBws7HrM_4mgZ6Z1fPAW_Ns.roa
File: 1XqmxBws7HrM_4mgZ6Z1fPAW_Ns.roa (raw, json)
Hash identifier: ZZ3OcEyP6XtvLkmy95Lr76IsPW9/+rRI2CuDBJZuiVE=
Subject key identifier: D5:7A:A6:C4:1C:2C:EC:7A:CC:FF:89:A0:67:A6:75:7C:F0:16:FC:DB
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018F301D76DC07E5D6B293086280B5C047C6
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1XqmxBws7HrM_4mgZ6Z1fPAW_Ns.roa
Signing time: Tue 30 Apr 2024 17:46:28 +0000
ROA not before: Tue 30 Apr 2024 17:46:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
5.180.195.0/24 maxlen: 24
45.86.124.0/22 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 May 2024 12:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:1d:76:dc:07:e5:d6:b2:93:08:62:80:b5:c0:47:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 30 17:46:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57aa6c41c2cec7accff89a067a6757cf016fcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:bb:1b:2a:33:16:18:8b:c5:0e:14:04:b8:
ff:2e:01:da:99:68:18:1b:44:f9:41:13:90:54:79:
28:c1:8c:1e:0e:1e:e4:33:18:50:68:16:d0:88:21:
50:dc:ca:eb:86:a5:b9:e6:84:fc:c0:2c:5d:7e:53:
d7:6a:bf:74:56:52:3d:2b:f7:3f:54:06:c6:bc:94:
a2:e5:03:ec:06:48:04:8a:f4:dd:b6:48:76:e3:97:
45:c5:34:0d:a9:50:9d:e7:89:6b:5e:87:72:06:64:
03:da:3e:ad:35:77:23:e2:94:dd:bc:c1:08:83:62:
ac:2f:73:f3:4b:b9:14:87:b4:30:ee:65:e4:64:bc:
11:6f:59:86:b3:7f:7b:88:61:77:f8:aa:03:05:9b:
d2:30:7e:25:97:3c:e0:67:cd:d8:0f:da:48:86:fe:
0d:b7:4c:6f:bd:a1:d8:93:ef:6c:d6:c5:22:0e:89:
bb:d2:dc:42:b6:d9:7e:52:49:de:a7:f8:33:20:55:
d3:19:26:2a:08:51:ef:0a:5e:16:38:1d:f8:8f:5d:
db:29:dd:6d:57:1b:f1:5c:aa:ca:8b:9e:f1:b1:d8:
4c:d9:1a:b8:9b:e0:5d:20:d7:c7:9a:f0:53:5c:36:
dd:42:61:72:33:fb:5a:67:87:ac:e7:61:61:95:9c:
76:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7A:A6:C4:1C:2C:EC:7A:CC:FF:89:A0:67:A6:75:7C:F0:16:FC:DB
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1XqmxBws7HrM_4mgZ6Z1fPAW_Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
57:a5:ff:89:81:56:79:3a:95:64:50:33:2c:64:14:00:6d:18:
53:62:3d:54:d8:82:6e:ee:6f:74:c5:92:dc:0d:1a:41:9c:7e:
dd:db:e7:b0:7e:7e:74:a4:86:a1:f9:a4:44:8a:86:e0:0c:c1:
3d:f5:0a:ad:2b:7c:f1:b4:4e:0b:78:00:d2:af:0e:82:08:76:
33:78:76:b0:c1:5d:e0:b3:de:3e:49:f9:33:ae:19:c7:75:ca:
f6:d1:db:d0:4a:75:3f:28:dc:7d:96:eb:a4:2f:c6:7f:a3:24:
53:17:50:65:1f:54:01:65:6a:3a:c2:61:ce:e4:a3:91:29:a8:
12:ff:cd:62:95:e5:ce:e7:5c:d6:dc:a0:07:b3:cc:79:69:09:
a6:e8:78:21:c1:13:13:5b:fc:3d:66:c5:ce:40:1e:ff:f3:bb:
ea:c6:b3:1e:8b:0a:22:a0:25:3b:94:c4:14:9b:23:64:07:36:
ed:d7:0e:af:e4:fd:57:89:a1:1d:6f:61:fe:0a:d5:cb:dd:77:
5e:17:82:18:0b:63:f4:b3:2e:20:57:a7:2a:69:81:35:5a:1c:
cc:b1:37:31:c9:9a:2f:21:c3:df:87:4d:29:4f:e5:9d:c4:60:
ab:27:8d:59:7e:7d:f6:26:49:a0:0a:91:f8:de:ca:a0:16:b6:
45:9c:c5:7b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY8wHXbcB+XWspMIYoC1wEfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNDMwMTc0NjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdhYTZjNDFjMmNlYzdhY2NmZjg5YTA2N2E2NzU3Y2YwMTZmY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvK7GyozFhiLxQ4UBLj/LgHamWgY
G0T5QROQVHkowYweDh7kMxhQaBbQiCFQ3MrrhqW55oT8wCxdflPXar90VlI9K/c/
VAbGvJSi5QPsBkgEivTdtkh245dFxTQNqVCd54lrXodyBmQD2j6tNXcj4pTdvMEI
g2KsL3PzS7kUh7Qw7mXkZLwRb1mGs397iGF3+KoDBZvSMH4llzzgZ83YD9pIhv4N
t0xvvaHYk+9s1sUiDom70txCttl+Uknep/gzIFXTGSYqCFHvCl4WOB34j13bKd1t
VxvxXKrKi57xsdhM2Rq4m+BdINfHmvBTXDbdQmFyM/taZ4es52FhlZx2gQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNV6psQcLOx6zP+JoGemdXzwFvzbMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMVhxbXhCd3M3SHJNXzRtZ1o2WjFmUEFXX05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAFel/4mBVnk6
lWRQMyxkFABtGFNiPVTYgm7ub3TFktwNGkGcft3b57B+fnSkhqH5pESKhuAMwT31
Cq0rfPG0Tgt4ANKvDoIIdjN4drDBXeCz3j5J+TOuGcd1yvbR29BKdT8o3H2W66Qv
xn+jJFMXUGUfVAFlajrCYc7ko5EpqBL/zWKV5c7nXNbcoAezzHlpCaboeCHBExNb
/D1mxc5AHv/zu+rGsx6LCiKgJTuUxBSbI2QHNu3XDq/k/VeJoR1vYf4K1cvdd14X
ghgLY/SzLiBXpyppgTVaHMyxNzHJmi8hw9+HTSlP5Z3EYKsnjVl+ffYmSaAKkfje
yqAWtkWcxXs=
-----END CERTIFICATE-----
Generated at Tue May 7 17:27:46 2024 by rpki-client on console-fra.rpki-client.org