Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/XEAjGcWVhSASEWIbV4Ghn5H1Xao.roa
File: XEAjGcWVhSASEWIbV4Ghn5H1Xao.roa (raw, json)
Hash identifier: kO+xvkavWIWWhcwHIiNESS6g3VQHBjNrtVjH1yJfmdY=
Subject key identifier: 5C:40:23:19:C5:95:85:20:12:11:62:1B:57:81:A1:9F:91:F5:5D:AA
Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial: 0185704BEB83686DE8C231A1A398245D5C90
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/XEAjGcWVhSASEWIbV4Ghn5H1Xao.roa
Signing time: Mon 02 Jan 2023 02:25:01 +0000
ROA not before: Mon 02 Jan 2023 02:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48573
IP address blocks: 193.29.230.0/23 maxlen: 23
94.143.40.0/22 maxlen: 22
94.143.40.0/21 maxlen: 21
94.143.44.0/22 maxlen: 22
185.43.10.0/23 maxlen: 23
185.43.8.0/23 maxlen: 23
185.43.8.0/22 maxlen: 22
31.185.0.0/22 maxlen: 22
31.185.0.0/21 maxlen: 21
31.185.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 10 Jul 2023 10:42:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:eb:83:68:6d:e8:c2:31:a1:a3:98:24:5d:5c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Validity
Not Before: Jan 2 02:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c402319c59585201211621b5781a19f91f55daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:71:f7:a7:b6:94:00:b8:d0:77:40:90:ba:
a6:d5:20:24:91:37:86:12:9e:c4:76:f0:ad:bf:ac:
65:e8:d2:82:e6:1e:7e:3b:c4:d0:e4:d5:a7:5b:dc:
88:63:3d:75:4e:c8:2d:8c:34:bd:08:51:44:ca:83:
fc:c4:cb:25:66:92:4e:c4:c7:cd:90:e7:a6:a8:c5:
87:b7:38:56:b0:5a:9c:78:6c:5d:3f:d5:e5:a9:b3:
41:58:62:68:84:09:22:99:c8:03:86:f6:8b:b1:cd:
7e:bd:e9:8a:10:b7:a4:4d:9d:5c:4b:04:16:f6:ee:
39:28:d3:56:d3:66:95:f5:20:b9:86:14:be:31:5c:
c9:92:64:b9:fa:c9:78:a7:b0:72:f4:c4:88:9d:cc:
58:9d:8a:ec:07:d3:f3:d9:05:2b:6a:b9:56:0e:7c:
66:7c:87:1d:85:79:00:1a:5b:07:11:60:73:ec:6b:
fe:9a:91:63:a0:c5:e9:51:28:cc:80:8b:d7:9d:42:
e7:90:5c:6e:58:41:c7:a5:7c:91:be:e2:91:27:26:
9d:b6:47:c6:7e:d6:42:90:54:84:08:17:16:98:7c:
79:ea:b4:46:d8:cc:71:3c:07:d4:99:97:94:03:cb:
12:39:ca:b3:35:99:22:fc:d7:f5:30:0f:4e:43:2b:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:40:23:19:C5:95:85:20:12:11:62:1B:57:81:A1:9F:91:F5:5D:AA
X509v3 Authority Key Identifier:
keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/XEAjGcWVhSASEWIbV4Ghn5H1Xao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.0.0/21
94.143.40.0/21
185.43.8.0/22
193.29.230.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:92:96:a5:76:dd:93:b7:be:29:aa:80:d7:22:6d:2a:04:dc:
68:23:7c:cd:6f:8b:27:94:d3:d0:9e:3c:91:7b:be:ab:5a:09:
c7:24:91:67:e9:38:61:95:05:6a:12:71:2c:99:26:cc:e8:4b:
f6:00:3f:f4:a6:ce:7e:2f:5d:43:99:ee:d6:78:8d:63:01:55:
17:ee:2d:68:9b:26:54:6e:02:8c:9c:70:c8:5c:2a:6f:36:e4:
d7:b0:4a:72:4e:09:44:e5:96:d6:b5:07:57:d0:30:0e:bf:55:
7f:4d:0f:9d:e0:05:ba:22:a1:cf:8b:6c:a3:8e:65:5e:de:72:
eb:70:53:46:0b:3e:31:dc:a0:9c:2d:25:44:c7:35:77:62:9d:
d5:fe:08:82:3c:d7:2d:2f:12:80:40:0f:bb:51:bb:b0:d7:bf:
d3:d9:6c:43:8a:86:01:8a:02:f8:90:19:1c:ff:9b:53:46:58:
0d:a2:b2:2e:2d:8a:ad:fb:2b:48:9c:05:aa:4d:31:37:d0:7b:
92:8f:40:72:e5:dd:bb:60:bf:14:ac:7f:75:80:a3:4b:d6:51:
b7:e5:e9:ad:8c:ea:9e:40:2a:eb:53:30:ed:3c:37:fe:f9:42:
95:0a:ea:27:38:7d:ad:8f:6a:c1:52:4c:68:4b:2b:42:01:a6:
25:34:8a:60
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwS+uDaG3owjGho5gkXVyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjMwMTAyMDIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQwMjMxOWM1OTU4NTIwMTIxMTYyMWI1NzgxYTE5ZjkxZjU1ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApstx96e2lAC40HdAkLqm1SAkkTeG
Ep7EdvCtv6xl6NKC5h5+O8TQ5NWnW9yIYz11TsgtjDS9CFFEyoP8xMslZpJOxMfN
kOemqMWHtzhWsFqceGxdP9XlqbNBWGJohAkimcgDhvaLsc1+vemKELekTZ1cSwQW
9u45KNNW02aV9SC5hhS+MVzJkmS5+sl4p7By9MSIncxYnYrsB9Pz2QUrarlWDnxm
fIcdhXkAGlsHEWBz7Gv+mpFjoMXpUSjMgIvXnULnkFxuWEHHpXyRvuKRJyadtkfG
ftZCkFSECBcWmHx56rRG2MxxPAfUmZeUA8sSOcqzNZki/Nf1MA9OQyspvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFxAIxnFlYUgEhFiG1eBoZ+R9V2qMB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvWEVBakdjV1ZoU0FTRVdJYlY0R2huNUgxWGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDH7kAAwQD
Xo8oAwQCuSsIAwQBwR3mMA0GCSqGSIb3DQEBCwUAA4IBAQA7kpaldt2Tt74pqoDX
Im0qBNxoI3zNb4snlNPQnjyRe76rWgnHJJFn6ThhlQVqEnEsmSbM6Ev2AD/0ps5+
L11Dme7WeI1jAVUX7i1omyZUbgKMnHDIXCpvNuTXsEpyTglE5ZbWtQdX0DAOv1V/
TQ+d4AW6IqHPi2yjjmVe3nLrcFNGCz4x3KCcLSVExzV3Yp3V/giCPNctLxKAQA+7
Ubuw17/T2WxDioYBigL4kBkc/5tTRlgNorIuLYqt+ytInAWqTTE30HuSj0By5d27
YL8UrH91gKNL1lG35emtjOqeQCrrUzDtPDf++UKVCuonOH2tj2rBUkxoSytCAaYl
NIpg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:32 2024 by rpki-client on console-ams.rpki-client.org