Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/X4w3SaXgDH72trHZOC3LZWuYXlw.roa
File: X4w3SaXgDH72trHZOC3LZWuYXlw.roa (raw, json)
Hash identifier: 36QT3QnZNS5uBQbNhNJBeaGTM7usFuL8dwem87k+3Lc=
Subject key identifier: 5F:8C:37:49:A5:E0:0C:7E:F6:B6:B1:D9:38:2D:CB:65:6B:98:5E:5C
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 01877567D5C14A46083AF863433907DB043F
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/X4w3SaXgDH72trHZOC3LZWuYXlw.roa
Signing time: Wed 12 Apr 2023 12:19:11 +0000
ROA not before: Wed 12 Apr 2023 12:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201086
IP address blocks: 185.86.80.0/24 maxlen: 24
185.205.19.0/24 maxlen: 24
193.36.63.0/24 maxlen: 24
185.254.94.0/24 maxlen: 24
185.254.95.0/24 maxlen: 24
2a0a:fa40::/32 maxlen: 32
2a05:b700::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:67:d5:c1:4a:46:08:3a:f8:63:43:39:07:db:04:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Apr 12 12:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f8c3749a5e00c7ef6b6b1d9382dcb656b985e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8f:0c:e1:c3:4e:d4:89:c6:8d:3c:c7:63:cc:
e0:cf:4f:3b:d5:c1:dd:18:35:1e:e2:57:5f:e2:29:
6d:38:a4:ad:80:a4:0c:ab:a7:c1:37:30:8d:0e:6a:
52:03:d3:5e:51:ff:a5:9b:ec:92:27:a4:f8:51:df:
bc:a3:1e:75:f7:bb:de:6d:5d:3b:67:62:c6:82:46:
e0:e5:01:f6:46:33:d7:40:69:34:cf:1b:b6:21:4b:
d7:95:c3:12:11:fa:1f:2a:be:1e:cd:43:46:b6:4a:
f7:4b:54:29:c9:8c:5d:a0:8b:33:b4:a4:f2:b0:c1:
8c:ae:d6:27:26:43:e3:4d:4c:2b:f5:f9:85:c9:3b:
3a:47:b3:aa:78:cd:e8:03:98:d1:7c:8e:e8:4a:4d:
0c:82:e2:0a:e0:1b:ed:c4:35:31:70:44:e6:c7:39:
a4:14:0e:52:06:57:68:69:d6:cf:ac:da:0a:92:a1:
51:99:4b:2a:f9:a1:5b:ef:a2:cc:e7:80:f0:4b:b7:
e8:a7:c3:d1:15:8a:ed:d6:bf:c6:4f:25:8e:5a:db:
32:24:a5:d6:07:eb:2e:a4:6b:52:1e:d3:4d:25:b4:
40:f0:06:fd:78:65:69:e8:50:3a:bb:6d:53:9d:2c:
b0:a0:b5:88:0e:59:4b:57:61:eb:6e:98:2a:c9:c4:
38:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8C:37:49:A5:E0:0C:7E:F6:B6:B1:D9:38:2D:CB:65:6B:98:5E:5C
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/X4w3SaXgDH72trHZOC3LZWuYXlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.80.0/24
185.205.19.0/24
185.254.94.0/23
193.36.63.0/24
IPv6:
2a05:b700::/29
2a0a:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
0a:c2:8a:1b:42:e4:04:b6:2c:9a:09:38:35:0d:6c:d6:ed:de:
98:84:10:d3:77:d3:41:ed:ad:8f:8e:af:a8:08:10:6e:31:3c:
a3:5d:1c:99:d6:7f:69:fd:ab:24:8c:5a:f7:20:01:32:36:2f:
c0:9c:04:44:ee:be:61:b3:14:af:53:1b:f4:8c:c3:4a:e5:c1:
e1:e6:19:01:11:19:8d:06:67:e5:43:57:ae:6b:68:6a:57:55:
33:36:bd:e9:37:e8:b1:1d:77:fb:c8:4b:79:5d:8e:fc:a5:32:
54:2c:35:1f:c2:8d:e6:47:4e:6a:bd:ff:94:93:dd:c2:b3:07:
7e:ea:d6:f6:8f:e1:6a:e2:fb:28:41:42:cb:cf:17:ef:64:e0:
83:d1:5f:1d:eb:c0:55:00:a0:53:24:d3:2a:84:52:77:6c:5a:
04:23:38:b7:41:82:25:7b:5d:43:8d:a6:b9:95:13:18:75:d7:
e5:70:06:e5:57:06:53:56:f4:43:69:b0:9a:32:10:33:40:7a:
26:ec:5c:c4:13:72:f3:e0:75:0a:11:80:48:73:97:90:76:88:
6a:b9:25:87:51:c7:d5:bf:3c:ff:8b:03:a9:20:6e:a7:5b:cc:
64:38:6b:83:35:86:d7:19:8a:f1:85:29:1f:b1:63:63:c0:71:
39:8f:d9:21
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYd1Z9XBSkYIOvhjQzkH2wQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjMwNDEyMTIxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhjMzc0OWE1ZTAwYzdlZjZiNmIxZDkzODJkY2I2NTZiOTg1ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI8M4cNO1InGjTzHY8zgz0871cHd
GDUe4ldf4iltOKStgKQMq6fBNzCNDmpSA9NeUf+lm+ySJ6T4Ud+8ox5197vebV07
Z2LGgkbg5QH2RjPXQGk0zxu2IUvXlcMSEfofKr4ezUNGtkr3S1QpyYxdoIsztKTy
sMGMrtYnJkPjTUwr9fmFyTs6R7OqeM3oA5jRfI7oSk0MguIK4BvtxDUxcETmxzmk
FA5SBldoadbPrNoKkqFRmUsq+aFb76LM54DwS7fop8PRFYrt1r/GTyWOWtsyJKXW
B+supGtSHtNNJbRA8Ab9eGVp6FA6u21TnSywoLWIDllLV2HrbpgqycQ4jQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF+MN0ml4Ax+9rax2Tgty2VrmF5cMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvWDR3M1NhWGdESDcydHJIWk9DM0xaV3VZWGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAuVZQAwQA
uc0TAwQBuf5eAwQAwSQ/MBQEAgACMA4DBQMqBbcAAwUAKgr6QDANBgkqhkiG9w0B
AQsFAAOCAQEACsKKG0LkBLYsmgk4NQ1s1u3emIQQ03fTQe2tj46vqAgQbjE8o10c
mdZ/af2rJIxa9yABMjYvwJwERO6+YbMUr1Mb9IzDSuXB4eYZAREZjQZn5UNXrmto
aldVMza96TfosR13+8hLeV2O/KUyVCw1H8KN5kdOar3/lJPdwrMHfurW9o/hauL7
KEFCy88X72Tgg9FfHevAVQCgUyTTKoRSd2xaBCM4t0GCJXtdQ42muZUTGHXX5XAG
5VcGU1b0Q2mwmjIQM0B6JuxcxBNy8+B1ChGASHOXkHaIarklh1HH1b88/4sDqSBu
p1vMZDhrgzWG1xmK8YUpH7FjY8BxOY/ZIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:59 2024 by rpki-client on console-fra.rpki-client.org