Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xLqF7mtE9qqO4wKxyWYQB8hqlt8.roa
File: xLqF7mtE9qqO4wKxyWYQB8hqlt8.roa (raw, json)
Hash identifier: TFK4lRq5q+oar85Fyj7jH0Wv8+hJIs9QdDZqTpXyZH8=
Subject key identifier: C4:BA:85:EE:6B:44:F6:AA:8E:E3:02:B1:C9:66:10:07:C8:6A:96:DF
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018E31B05C8F0AB94D25E8901E364CC58E2D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xLqF7mtE9qqO4wKxyWYQB8hqlt8.roa
Signing time: Tue 12 Mar 2024 08:03:45 +0000
ROA not before: Tue 12 Mar 2024 08:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:b0:5c:8f:0a:b9:4d:25:e8:90:1e:36:4c:c5:8e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Mar 12 08:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4ba85ee6b44f6aa8ee302b1c9661007c86a96df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1c:97:2b:ce:3b:d5:bf:75:69:6f:48:6d:ce:
2a:e1:f5:72:03:f8:2b:b6:4b:54:ee:3a:30:33:98:
2e:1c:8a:b8:68:03:52:a2:64:78:bc:ca:d3:ca:a1:
e5:3d:7e:e7:67:47:13:43:5c:a5:08:5f:a8:6f:02:
af:02:ad:6a:29:d6:65:9c:da:87:27:8f:71:aa:83:
2d:a2:b9:7b:33:1b:36:01:e0:c0:7f:9f:e7:5f:ac:
4c:bb:aa:26:67:17:f2:af:b7:20:81:f5:8f:77:58:
a5:01:9e:70:f1:7f:11:1e:b1:cb:67:10:6f:6f:ba:
6f:d2:46:94:45:ea:99:fa:2d:8f:7b:50:7e:5d:f0:
08:7a:5d:15:50:b7:1d:22:9f:e8:50:d3:64:51:44:
43:17:38:a6:dd:f0:37:89:42:ba:58:24:bd:7d:8f:
7e:45:0a:00:0b:84:2e:09:92:db:86:45:fd:9e:4d:
9f:b6:1b:2a:f3:90:d1:9b:7e:4c:38:67:e7:bd:27:
78:0a:78:43:ef:dc:56:89:c2:c6:99:9d:b3:d3:da:
f5:fc:6a:e1:c2:42:16:5d:1f:fe:4b:d8:b1:fc:cc:
2e:ba:3f:d5:94:db:99:d2:ae:0e:0b:eb:e6:1e:37:
9e:07:06:f0:fd:04:33:7d:9d:4c:56:14:79:22:59:
f4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BA:85:EE:6B:44:F6:AA:8E:E3:02:B1:C9:66:10:07:C8:6A:96:DF
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/xLqF7mtE9qqO4wKxyWYQB8hqlt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.183.118.0/24
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.108.0/23
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:81:9c:5d:eb:55:93:ab:12:b7:b7:0e:48:3e:f7:f2:02:fe:
75:31:66:28:10:87:e6:8e:0b:f2:10:3b:62:42:48:80:ac:11:
8f:13:a0:cf:b7:69:46:e2:3b:bc:b6:a3:49:cc:85:6b:62:6f:
46:2d:43:99:58:84:ec:2d:d2:3e:15:ea:63:3b:bf:68:05:01:
b0:b7:ac:da:a1:42:05:97:a0:f9:41:1b:bb:7c:25:56:4c:24:
3f:50:59:14:f4:b8:aa:6a:09:eb:39:0c:ce:af:c6:4f:89:b8:
68:83:15:61:4c:50:3d:e4:cd:13:da:2a:a3:5e:60:91:0f:1a:
ce:61:23:a7:c0:cc:67:92:21:23:86:b2:cd:83:1c:f7:68:47:
9c:bd:26:a2:cf:3f:f8:2e:74:50:1c:3d:8b:ca:07:e9:90:c1:
26:c2:83:ff:21:77:b9:97:b2:d2:38:e4:e9:e2:e7:8c:19:68:
c6:70:1d:93:8a:be:fa:70:05:b2:ad:7f:b6:cb:9b:3d:52:1e:
f7:52:2b:ed:27:29:5b:d0:d2:74:2e:0c:72:e7:0c:b9:25:fa:
60:06:10:7f:98:ef:d4:3f:e5:1b:cd:b5:ac:47:ea:bd:a3:34:
3a:b2:c5:68:14:a5:ff:d9:a4:0d:02:b5:24:fe:c2:e6:56:e3:
74:c7:e1:d4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY4xsFyPCrlNJeiQHjZMxY4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMzEyMDgwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGJhODVlZTZiNDRmNmFhOGVlMzAyYjFjOTY2MTAwN2M4NmE5NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhyXK8471b91aW9Ibc4q4fVyA/gr
tktU7jowM5guHIq4aANSomR4vMrTyqHlPX7nZ0cTQ1ylCF+obwKvAq1qKdZlnNqH
J49xqoMtorl7Mxs2AeDAf5/nX6xMu6omZxfyr7cggfWPd1ilAZ5w8X8RHrHLZxBv
b7pv0kaUReqZ+i2Pe1B+XfAIel0VULcdIp/oUNNkUURDFzim3fA3iUK6WCS9fY9+
RQoAC4QuCZLbhkX9nk2fthsq85DRm35MOGfnvSd4CnhD79xWicLGmZ2z09r1/Grh
wkIWXR/+S9ix/Mwuuj/VlNuZ0q4OC+vmHjeeBwbw/QQzfZ1MVhR5Iln0aQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFMS6he5rRPaqjuMCsclmEAfIapbfMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveExxRjdtdEU5cXFPNHdLeHlXWVFCOGhxbHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAwEeeAwQA
wHmsAwQAwHnAAwQAwbQ9AwQAwbd2AwQAwertAwQAwg6BAwQBwkQ4AwQAwkRjAwQA
wkR+AwQAwkcbAwQAwkdTAwQBwkeMAwQDwkf4AwQBwoRsAwQAwoSuMA0GCSqGSIb3
DQEBCwUAA4IBAQDJgZxd61WTqxK3tw5IPvfyAv51MWYoEIfmjgvyEDtiQkiArBGP
E6DPt2lG4ju8tqNJzIVrYm9GLUOZWITsLdI+FepjO79oBQGwt6zaoUIFl6D5QRu7
fCVWTCQ/UFkU9LiqagnrOQzOr8ZPibhogxVhTFA95M0T2iqjXmCRDxrOYSOnwMxn
kiEjhrLNgxz3aEecvSaizz/4LnRQHD2LygfpkMEmwoP/IXe5l7LSOOTp4ueMGWjG
cB2Tir76cAWyrX+2y5s9Uh73UivtJylb0NJ0Lgxy5wy5JfpgBhB/mO/UP+UbzbWs
R+q9ozQ6ssVoFKX/2aQNArUk/sLmVuN0x+HU
-----END CERTIFICATE-----
Generated at Mon Mar 18 11:46:54 2024 by rpki-client on console-ams.rpki-client.org