Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XoqRtSU9M6ouOWYvGrm-nkd_XNs.roa
File: XoqRtSU9M6ouOWYvGrm-nkd_XNs.roa (raw, json)
Hash identifier: KkqxzzOcBB0vpCs70kz25bYq9P3yWZbWoIZeL8MNDh8=
Subject key identifier: 5E:8A:91:B5:25:3D:33:AA:2E:39:66:2F:1A:B9:BE:9E:47:7F:5C:DB
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0186BC949D44C0DBD852B9690165054A5949
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XoqRtSU9M6ouOWYvGrm-nkd_XNs.roa
Signing time: Tue 07 Mar 2023 14:58:21 +0000
ROA not before: Tue 07 Mar 2023 14:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
193.234.94.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:94:9d:44:c0:db:d8:52:b9:69:01:65:05:4a:59:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 7 14:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e8a91b5253d33aa2e39662f1ab9be9e477f5cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:92:92:ea:e2:d3:7d:d7:87:73:d1:97:1f:a2:
14:56:07:da:e6:95:fa:8a:0c:bd:b4:d5:e9:17:ac:
08:08:b3:cd:d5:ed:d7:2f:4a:0a:6e:cc:c3:62:86:
88:3b:07:7d:74:91:b5:11:79:7d:31:d6:78:d5:b3:
79:31:1e:cd:fe:d9:88:5d:47:2e:c8:da:84:c0:c3:
6c:c6:74:29:b1:6c:68:2f:aa:17:34:17:32:22:33:
7a:24:a3:ad:22:0d:df:5c:1e:1b:54:49:e4:34:31:
18:9c:b9:36:e5:ed:f8:9c:ae:d4:2f:2d:04:b5:e6:
f0:a1:ba:16:39:81:ff:0c:2a:98:8d:17:f9:c7:f3:
7e:f9:88:6f:51:af:e0:b5:65:c6:33:9a:1c:ca:08:
5e:6c:6c:c7:d7:d5:00:55:5c:12:ea:02:11:e9:0b:
00:b4:e1:65:60:f1:be:fe:25:3f:f6:eb:26:4b:41:
29:d9:76:c2:a6:c9:9c:45:ee:81:61:b9:c4:d6:4e:
6e:03:24:03:8a:c2:09:02:12:16:3b:17:27:79:72:
c4:03:2b:42:99:9b:34:68:45:60:5f:6d:fe:6a:8e:
65:79:9b:86:9a:eb:3a:15:cf:4a:0c:17:d5:d9:94:
82:a2:b9:6e:67:22:9e:00:45:b5:cb:99:f7:f1:9a:
5c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8A:91:B5:25:3D:33:AA:2E:39:66:2F:1A:B9:BE:9E:47:7F:5C:DB
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XoqRtSU9M6ouOWYvGrm-nkd_XNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:a1:d7:54:b1:cd:72:ed:95:cf:f9:f3:10:48:d0:75:b5:e0:
d6:6f:55:53:b2:b0:32:f7:57:f9:4d:c5:01:0b:d5:84:20:f1:
7c:84:00:27:e2:bf:98:c7:68:a9:71:45:fb:3f:57:72:50:34:
9b:71:ba:04:a1:43:50:e9:7f:07:c9:a9:d8:f6:9a:ee:29:f0:
37:16:28:7d:f0:20:29:77:a5:04:96:fe:0c:1e:ae:78:0f:5f:
3e:49:d6:04:60:61:fa:dd:66:e8:ef:ae:c3:47:e4:ec:16:57:
b1:1c:41:6a:81:4b:f3:10:43:a1:e5:aa:32:fa:41:02:5d:c7:
fb:b8:69:6d:70:2a:eb:e7:93:c0:39:26:a7:c2:c7:c7:5b:8e:
92:d8:b4:8c:8e:fb:e7:50:05:be:cf:f6:ae:77:bb:be:c9:4e:
84:ce:27:f2:91:d8:db:52:dd:8c:99:b9:e1:4a:77:75:4a:b2:
63:ec:92:71:43:d4:58:a9:6c:5f:0e:52:08:d0:e2:d9:50:6c:
a4:68:2f:26:27:95:1b:22:8c:73:9b:37:68:9a:a9:03:f4:4d:
6b:bc:b0:db:12:17:cf:84:9b:6c:7d:ac:d7:5a:39:28:a3:75:
6e:f8:f3:95:c0:25:f0:f8:61:37:a3:ce:fc:13:03:38:8b:1d:
db:40:31:33
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYa8lJ1EwNvYUrlpAWUFSllJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMzA3MTQ1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThhOTFiNTI1M2QzM2FhMmUzOTY2MmYxYWI5YmU5ZTQ3N2Y1Y2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpKS6uLTfdeHc9GXH6IUVgfa5pX6
igy9tNXpF6wICLPN1e3XL0oKbszDYoaIOwd9dJG1EXl9MdZ41bN5MR7N/tmIXUcu
yNqEwMNsxnQpsWxoL6oXNBcyIjN6JKOtIg3fXB4bVEnkNDEYnLk25e34nK7ULy0E
tebwoboWOYH/DCqYjRf5x/N++YhvUa/gtWXGM5ocyghebGzH19UAVVwS6gIR6QsA
tOFlYPG+/iU/9usmS0Ep2XbCpsmcRe6BYbnE1k5uAyQDisIJAhIWOxcneXLEAytC
mZs0aEVgX23+ao5leZuGmus6Fc9KDBfV2ZSCorluZyKeAEW1y5n38ZpcnwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFF6KkbUlPTOqLjlmLxq5vp5Hf1zbMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWG9xUnRTVTlNNm91T1dZdkdybS1ua2RfWE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAwEcA
AwQAwKUDAwQBwKWGAwQAwbUiAwQAwbcUAwQAwbcxAwQAwbc7AwQAweoDAwQAwepe
AwQCwep0AwQAweqQAwQAwg45AwQBwkcAAwQBwmcQAwQAwmdfAwQAwmeRAwQAwmfF
AwQAwoSkAwQAwoSmAwQAwoS6MA0GCSqGSIb3DQEBCwUAA4IBAQCtoddUsc1y7ZXP
+fMQSNB1teDWb1VTsrAy91f5TcUBC9WEIPF8hAAn4r+Yx2ipcUX7P1dyUDSbcboE
oUNQ6X8HyanY9pruKfA3Fih98CApd6UElv4MHq54D18+SdYEYGH63Wbo767DR+Ts
FlexHEFqgUvzEEOh5aoy+kECXcf7uGltcCrr55PAOSanwsfHW46S2LSMjvvnUAW+
z/aud7u+yU6EzifykdjbUt2MmbnhSnd1SrJj7JJxQ9RYqWxfDlII0OLZUGykaC8m
J5UbIoxzmzdomqkD9E1rvLDbEhfPhJtsfazXWjkoo3Vu+POVwCXw+GE3o878EwM4
ix3bQDEz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org