Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XHOoymNAXENgNAGYzcuHtQyrjmA.roa
File: XHOoymNAXENgNAGYzcuHtQyrjmA.roa (raw, json)
Hash identifier: GT8d3LWE8uXgpUNX1OxpoXubwjyYCb+42c5XG0l8/ws=
Subject key identifier: 5C:73:A8:CA:63:40:5C:43:60:34:01:98:CD:CB:87:B5:0C:AB:8E:60
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802E0B3448108645EE984C02C1A9A69
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XHOoymNAXENgNAGYzcuHtQyrjmA.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
192.71.255.0/24 maxlen: 24
192.71.254.0/23 maxlen: 23
193.182.113.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
2a01:280:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e0:b3:44:81:08:64:5e:e9:84:c0:2c:1a:9a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c73a8ca63405c4360340198cdcb87b50cab8e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:09:e3:3e:76:b3:e6:2c:42:62:d4:81:e8:fa:
2a:ce:fe:4a:81:8f:f9:6c:ff:4b:8b:1f:68:e2:a7:
83:c2:e6:9f:f3:a9:73:51:13:1d:42:a6:22:7b:77:
31:29:f0:2a:c9:bd:d6:3b:48:dc:fa:6d:3e:a7:c4:
24:06:3c:1f:6f:09:2b:bf:de:8a:d8:1f:b8:98:8b:
08:bb:69:77:d9:fe:47:90:6c:23:39:12:42:26:ce:
e6:dc:46:5b:21:dc:bf:66:3a:2e:1a:42:72:1d:05:
6b:05:c6:9e:a9:01:ca:f5:16:16:e1:49:32:bc:60:
68:bc:fc:2b:8b:d8:28:a3:27:b6:43:20:39:6b:a4:
ce:77:e1:bd:ea:9d:8b:d7:17:61:d5:51:c1:68:6d:
b9:99:e0:ab:a5:b2:d5:c1:dd:52:1b:5f:a1:6b:f7:
b2:f8:70:4c:81:64:6e:28:ff:16:67:59:c9:f7:d0:
5f:02:b9:ee:1e:02:60:22:a1:d9:88:53:15:6a:8b:
17:2f:73:7e:27:57:0b:31:ad:74:0f:1a:21:ec:4d:
20:87:12:73:54:66:33:86:b1:4e:97:8e:88:fc:52:
3e:08:5d:d5:14:27:9c:b6:43:b2:35:1e:f3:7b:56:
0a:b3:46:8e:f5:5b:51:60:b9:e3:59:3d:7c:51:af:
ff:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:73:A8:CA:63:40:5C:43:60:34:01:98:CD:CB:87:B5:0C:AB:8E:60
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XHOoymNAXENgNAGYzcuHtQyrjmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.182.113.0/24
193.234.120.0/22
IPv6:
2a01:280:6::/48
Signature Algorithm: sha256WithRSAEncryption
c0:ab:9e:aa:4a:39:15:74:03:55:32:29:89:c2:69:b6:e2:e9:
42:1b:88:d9:23:9d:32:5e:7d:17:df:30:ca:47:93:56:27:17:
26:6b:fb:38:70:b0:a8:91:90:b7:61:d4:1d:43:e6:6a:0c:78:
31:8d:e9:42:52:77:7e:9b:26:42:95:58:fe:83:1c:65:e2:15:
cb:7c:50:cd:26:7b:4d:e9:48:a7:d6:df:a2:4b:9e:1b:25:4c:
4e:41:4c:b4:d6:da:51:77:26:b2:1a:5c:7c:22:04:49:99:0e:
2b:01:e8:1d:9d:47:09:bb:2b:50:a1:f2:4c:b9:73:09:f0:20:
63:a0:7a:41:56:d1:7b:94:8c:e1:e7:9a:03:0d:e0:7c:26:c8:
ac:d2:cd:40:ef:18:99:b2:9e:97:76:d4:10:f5:fa:62:fc:69:
a1:40:d5:65:5b:9a:e6:79:30:85:ec:38:8a:71:c1:f9:9b:3a:
bf:1e:9f:01:37:3d:15:18:cb:e6:c1:1d:dc:da:db:1d:4d:da:
db:31:15:2d:03:e9:5d:a2:e7:15:50:d5:ea:cd:37:ff:52:b6:
ac:98:c9:fb:66:ac:1b:59:c3:f4:17:46:b4:d3:80:37:5a:fa:
41:a9:8f:6d:f2:63:f7:78:c2:39:a8:7f:df:33:70:13:f4:11:
c0:0d:b4:da
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIAuCzRIEIZF7phMAsGpppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzczYThjYTYzNDA1YzQzNjAzNDAxOThjZGNiODdiNTBjYWI4ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AnjPnaz5ixCYtSB6Poqzv5KgY/5
bP9Lix9o4qeDwuaf86lzURMdQqYie3cxKfAqyb3WO0jc+m0+p8QkBjwfbwkrv96K
2B+4mIsIu2l32f5HkGwjORJCJs7m3EZbIdy/ZjouGkJyHQVrBcaeqQHK9RYW4Uky
vGBovPwri9gooye2QyA5a6TOd+G96p2L1xdh1VHBaG25meCrpbLVwd1SG1+ha/ey
+HBMgWRuKP8WZ1nJ99BfArnuHgJgIqHZiFMVaosXL3N+J1cLMa10Dxoh7E0ghxJz
VGYzhrFOl46I/FI+CF3VFCectkOyNR7ze1YKs0aO9VtRYLnjWT18Ua//qwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFxzqMpjQFxDYDQBmM3Lh7UMq45gMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWEhPb3ltTkFYRU5nTkFHWXpjdUh0UXlyam1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwbZxAwQCwep4MA8EAgACMAkDBwAqAQKAAAYwDQYJKoZIhvcN
AQELBQADggEBAMCrnqpKORV0A1UyKYnCabbi6UIbiNkjnTJefRffMMpHk1YnFyZr
+zhwsKiRkLdh1B1D5moMeDGN6UJSd36bJkKVWP6DHGXiFct8UM0me03pSKfW36JL
nhslTE5BTLTW2lF3JrIaXHwiBEmZDisB6B2dRwm7K1Ch8ky5cwnwIGOgekFW0XuU
jOHnmgMN4HwmyKzSzUDvGJmynpd21BD1+mL8aaFA1WVbmuZ5MIXsOIpxwfmbOr8e
nwE3PRUYy+bBHdza2x1N2tsxFS0D6V2i5xVQ1erNN/9StqyYyftmrBtZw/QXRrTT
gDda+kGpj23yY/d4wjmof98zcBP0EcANtNo=
-----END CERTIFICATE-----
Generated at Fri Apr 12 09:55:51 2024 by rpki-client on console-fra.rpki-client.org