Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/85612a-de33-434b-8471-1801b544b9fe/1/xaYPaB-iMCOK3GbfCUUzeI-BiLY.roa
File: xaYPaB-iMCOK3GbfCUUzeI-BiLY.roa (raw, json)
Hash identifier: 1ZAw/wOf5sxHZ7i7gvPsyq8bS9W8ton9dSizk74rI6Q=
Subject key identifier: C5:A6:0F:68:1F:A2:30:23:8A:DC:66:DF:09:45:33:78:8F:81:88:B6
Certificate issuer: /CN=9b415a03059fb295a4b96c9ce5eadb58fe98fa86
Certificate serial: 018CC9BC5860777EA17B9AC87FD2F57BD338
Authority key identifier: 9B:41:5A:03:05:9F:B2:95:A4:B9:6C:9C:E5:EA:DB:58:FE:98:FA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m0FaAwWfspWkuWyc5erbWP6Y-oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/85612a-de33-434b-8471-1801b544b9fe/1/xaYPaB-iMCOK3GbfCUUzeI-BiLY.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48815
IP address blocks: 185.54.34.0/24 maxlen: 24
185.54.33.0/24 maxlen: 24
185.54.32.0/24 maxlen: 24
185.54.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 10:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:58:60:77:7e:a1:7b:9a:c8:7f:d2:f5:7b:d3:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b415a03059fb295a4b96c9ce5eadb58fe98fa86
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5a60f681fa230238adc66df094533788f8188b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:77:49:05:a1:03:31:6c:76:08:47:34:d9:f8:
34:fb:d0:8b:36:fd:a3:13:a7:28:60:3b:5b:29:81:
4a:7f:dc:6c:6b:5f:91:3f:ff:a1:97:9a:40:da:f1:
57:f3:7a:d8:25:26:15:60:29:e4:93:62:09:bf:be:
c9:92:b3:a1:26:e5:39:87:98:7d:30:57:a6:98:5e:
9b:41:8e:ff:a3:69:eb:78:87:31:d6:b1:bb:17:71:
ab:7b:b9:76:21:4f:1e:4e:ee:85:51:62:88:48:9b:
15:84:50:03:0a:a2:74:a4:da:3a:ff:e7:4f:d5:9f:
88:05:ad:ef:b9:fc:3f:08:b3:c5:d0:bc:2d:e5:c7:
34:aa:f1:fb:14:7c:87:9b:df:37:d9:e2:22:66:ec:
80:fb:3d:d5:1c:ce:76:13:cb:72:9a:21:21:74:18:
64:71:c5:2a:44:ec:cd:2b:ea:08:69:a5:ab:7e:a5:
6a:04:71:ff:ff:80:40:a7:9a:ba:08:00:da:a2:4a:
03:cf:68:af:81:59:b4:fd:3b:06:14:00:d2:07:c8:
5c:51:85:31:82:0d:f7:e3:4a:7e:4f:28:a3:c8:63:
2a:e6:4e:a8:ec:22:a4:44:af:d9:ee:79:aa:61:c2:
8d:ff:4b:fd:95:be:5f:4a:bc:b3:a8:0d:a7:89:f2:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A6:0F:68:1F:A2:30:23:8A:DC:66:DF:09:45:33:78:8F:81:88:B6
X509v3 Authority Key Identifier:
keyid:9B:41:5A:03:05:9F:B2:95:A4:B9:6C:9C:E5:EA:DB:58:FE:98:FA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m0FaAwWfspWkuWyc5erbWP6Y-oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/85612a-de33-434b-8471-1801b544b9fe/1/xaYPaB-iMCOK3GbfCUUzeI-BiLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/85612a-de33-434b-8471-1801b544b9fe/1/m0FaAwWfspWkuWyc5erbWP6Y-oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.32.0/22
Signature Algorithm: sha256WithRSAEncryption
16:2c:d5:d0:25:da:cd:a0:8d:76:57:47:b6:22:68:7d:d6:e0:
5b:ee:13:24:50:43:4f:83:93:c3:9c:f3:16:5b:c6:25:7a:ae:
20:67:13:1f:89:85:62:5a:37:e8:64:2b:08:6a:f6:cc:4d:c7:
86:0d:ee:3e:d3:04:f6:05:d7:45:42:a2:5a:2b:ff:3f:b6:8c:
22:66:92:9f:15:40:b6:02:c1:81:29:63:56:fd:02:99:c1:48:
d4:bd:68:b9:d3:7c:73:15:1d:3d:f6:52:ff:82:cc:62:71:4c:
97:d1:8f:a1:20:d2:26:55:63:d5:04:8b:0c:7d:9b:29:d2:7f:
b3:23:e1:47:bb:ed:24:6d:f8:58:55:f7:05:82:6f:9d:98:e1:
ea:89:7f:e6:29:a4:b6:c3:46:05:3e:34:d2:63:73:98:33:4f:
11:cc:8f:06:70:ba:e4:61:ff:55:96:4f:82:9b:05:df:3a:98:
f9:39:18:96:32:54:a3:3e:be:f6:2d:ee:d8:91:25:3c:a9:eb:
69:99:7a:af:c2:c5:82:ec:bc:e2:2e:e6:8b:a4:70:d2:61:81:
47:56:87:10:ed:f1:e9:3a:09:b1:31:77:39:a1:36:ac:0f:48:
1d:4d:f5:92:8a:7c:9d:bc:96:a6:b3:e2:54:b3:84:b1:7f:5e:
92:84:1e:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFhgd36he5rIf9L1e9M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNDE1YTAzMDU5ZmIyOTVhNGI5NmM5Y2U1ZWFkYjU4ZmU5
OGZhODYwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE2MGY2ODFmYTIzMDIzOGFkYzY2ZGYwOTQ1MzM3ODhmODE4OGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3dJBaEDMWx2CEc02fg0+9CLNv2j
E6coYDtbKYFKf9xsa1+RP/+hl5pA2vFX83rYJSYVYCnkk2IJv77JkrOhJuU5h5h9
MFemmF6bQY7/o2nreIcx1rG7F3Gre7l2IU8eTu6FUWKISJsVhFADCqJ0pNo6/+dP
1Z+IBa3vufw/CLPF0Lwt5cc0qvH7FHyHm9832eIiZuyA+z3VHM52E8tymiEhdBhk
ccUqROzNK+oIaaWrfqVqBHH//4BAp5q6CADaokoDz2ivgVm0/TsGFADSB8hcUYUx
gg3340p+TyijyGMq5k6o7CKkRK/Z7nmqYcKN/0v9lb5fSryzqA2nifICfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWmD2gfojAjitxm3wlFM3iPgYi2MB8GA1UdIwQY
MBaAFJtBWgMFn7KVpLlsnOXq21j+mPqGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTBGYUF3V2ZzcFdrdVd5YzVlcmJXUDZZLW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84NTYxMmEtZGUzMy00MzRiLTg0NzEt
MTgwMWI1NDRiOWZlLzEveGFZUGFCLWlNQ09LM0diZkNVVXplSS1CaUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84NTYxMmEtZGUzMy00MzRiLTg0NzEtMTgwMWI1NDRiOWZl
LzEvbTBGYUF3V2ZzcFdrdVd5YzVlcmJXUDZZLW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTYgMA0G
CSqGSIb3DQEBCwUAA4IBAQAWLNXQJdrNoI12V0e2Imh91uBb7hMkUENPg5PDnPMW
W8Yleq4gZxMfiYViWjfoZCsIavbMTceGDe4+0wT2BddFQqJaK/8/towiZpKfFUC2
AsGBKWNW/QKZwUjUvWi503xzFR099lL/gsxicUyX0Y+hINImVWPVBIsMfZsp0n+z
I+FHu+0kbfhYVfcFgm+dmOHqiX/mKaS2w0YFPjTSY3OYM08RzI8GcLrkYf9Vlk+C
mwXfOpj5ORiWMlSjPr72Le7YkSU8qetpmXqvwsWC7LziLuaLpHDSYYFHVocQ7fHp
OgmxMXc5oTasD0gdTfWSinydvJams+JUs4Sxf16ShB48
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org