Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/X1NErqAWbuSL5oo_lvqjIDlznAU.roa
File: X1NErqAWbuSL5oo_lvqjIDlznAU.roa (raw, json)
Hash identifier: IhrpLpOB48WDSgJpsDRafWFskrmJvHNQ3+H8p8bqTzk=
Subject key identifier: 5F:53:44:AE:A0:16:6E:E4:8B:E6:8A:3F:96:FA:A3:20:39:73:9C:05
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C2C5D4E8B79D684B5D72D91423B0EA5ED
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/X1NErqAWbuSL5oo_lvqjIDlznAU.roa
Signing time: Sat 02 Dec 2023 21:09:21 +0000
ROA not before: Sat 02 Dec 2023 21:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207429
IP address blocks: 95.173.182.0/24 maxlen: 24
89.252.151.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Dec 2023 11:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:5d:4e:8b:79:d6:84:b5:d7:2d:91:42:3b:0e:a5:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 2 21:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f5344aea0166ee48be68a3f96faa32039739c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:b2:f8:3f:33:f9:8c:a6:45:b3:d2:e4:fb:
39:72:88:f9:82:a2:ea:57:52:29:86:3c:a4:9b:06:
1b:20:9a:29:c4:de:eb:27:25:66:66:d7:3d:22:0d:
36:56:67:5a:8c:75:48:ad:e8:65:67:ea:67:42:41:
d5:00:1b:5b:0f:74:01:a0:17:96:dd:98:c0:83:b0:
3d:9c:53:e4:32:17:3a:12:7a:dd:ab:2d:ef:a7:b0:
2e:44:19:42:58:24:90:e5:0c:85:69:88:18:76:a2:
ab:ec:d8:1f:bf:c2:3d:ea:8e:2a:88:cf:1b:96:7e:
ad:a8:2a:cd:c8:53:72:33:66:0d:a4:c7:88:a3:ae:
35:91:e9:11:04:c3:69:67:88:e2:d9:7b:ab:6b:90:
82:9a:ab:ba:29:6a:3c:cf:5c:ca:b1:7b:e0:44:fc:
54:54:7e:29:c6:77:80:16:a4:44:21:79:d1:1e:2c:
d8:d8:7a:26:da:60:13:5c:26:46:ef:a8:a0:91:d4:
0b:68:57:2f:0a:5c:a4:03:5b:9c:37:55:7a:a1:54:
7f:44:e8:57:53:e1:97:73:9e:85:6f:f4:c0:cb:cb:
08:c3:5f:d4:37:de:9f:50:f6:30:4b:b9:f4:53:70:
34:36:78:95:e6:73:12:1b:05:67:3d:a9:37:a7:50:
9e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:53:44:AE:A0:16:6E:E4:8B:E6:8A:3F:96:FA:A3:20:39:73:9C:05
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/X1NErqAWbuSL5oo_lvqjIDlznAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.151.0-89.252.152.255
89.252.154.0/24
95.173.182.0/24
Signature Algorithm: sha256WithRSAEncryption
19:7c:a5:dd:f6:1f:34:55:30:b8:e0:b3:be:10:b0:76:8b:e1:
c8:81:4e:07:9a:66:0a:d9:14:61:b7:00:b9:79:81:8a:45:48:
ee:5e:26:b3:8e:d2:a9:25:5e:a1:de:ca:42:62:fd:95:2e:34:
87:9b:f0:0e:e0:b2:b7:01:25:80:33:a9:c0:3d:e7:32:9f:6a:
4a:4a:e0:e1:f1:b4:b2:94:b2:52:4d:a6:eb:dc:d3:ba:75:c5:
ba:92:64:b5:36:d5:67:91:95:6c:7a:e9:3c:58:3c:d6:19:f4:
c1:7e:a8:d8:01:0c:18:04:d5:b1:6a:2a:48:1e:58:8c:5b:52:
7d:81:ae:85:57:d4:32:21:01:14:2f:1f:91:ae:24:d0:03:b8:
84:e4:84:57:06:c3:ae:79:85:77:53:48:8c:d2:d7:27:ab:74:
02:8b:b4:08:a1:58:3f:cf:06:24:6f:9a:63:a4:ef:cf:98:78:
bd:5f:22:97:0b:d4:c9:a3:9c:de:8c:81:b7:bf:3e:6f:68:2a:
17:3e:3e:ee:26:f3:2a:e7:79:82:9c:b8:70:a3:34:71:78:6b:
2e:c9:1e:72:f1:eb:bc:b7:cc:bb:e1:1e:fd:c8:ec:f0:16:c7:
6f:c1:e6:c9:a2:7c:6d:d8:5e:1b:88:68:b5:0b:a0:0b:fe:99:
76:a3:b1:50
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwsXU6LedaEtdctkUI7DqXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjAyMjEwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUzNDRhZWEwMTY2ZWU0OGJlNjhhM2Y5NmZhYTMyMDM5NzM5YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8Ky+D8z+YymRbPS5Ps5coj5gqLq
V1IphjykmwYbIJopxN7rJyVmZtc9Ig02VmdajHVIrehlZ+pnQkHVABtbD3QBoBeW
3ZjAg7A9nFPkMhc6Enrdqy3vp7AuRBlCWCSQ5QyFaYgYdqKr7Ngfv8I96o4qiM8b
ln6tqCrNyFNyM2YNpMeIo641kekRBMNpZ4ji2Xura5CCmqu6KWo8z1zKsXvgRPxU
VH4pxneAFqREIXnRHizY2Hom2mATXCZG76igkdQLaFcvClykA1ucN1V6oVR/ROhX
U+GXc56Fb/TAy8sIw1/UN96fUPYwS7n0U3A0NniV5nMSGwVnPak3p1CenQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF9TRK6gFm7ki+aKP5b6oyA5c5wFMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvWDFORXJxQVdidVNMNW9vX2x2cWpJRGx6bkFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZ/JcD
BABZ/JgDBABZ/JoDBABfrbYwDQYJKoZIhvcNAQELBQADggEBABl8pd32HzRVMLjg
s74QsHaL4ciBTgeaZgrZFGG3ALl5gYpFSO5eJrOO0qklXqHeykJi/ZUuNIeb8A7g
srcBJYAzqcA95zKfakpK4OHxtLKUslJNpuvc07p1xbqSZLU21WeRlWx66TxYPNYZ
9MF+qNgBDBgE1bFqKkgeWIxbUn2BroVX1DIhARQvH5GuJNADuITkhFcGw655hXdT
SIzS1yerdAKLtAihWD/PBiRvmmOk78+YeL1fIpcL1MmjnN6Mgbe/Pm9oKhc+Pu4m
8yrneYKcuHCjNHF4ay7JHnLx67y3zLvhHv3I7PAWx2/B5smifG3YXhuIaLULoAv+
mXajsVA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org