Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/xCund0Qzjr6VZzc9y5vMCWmNqQ0.roa
File: xCund0Qzjr6VZzc9y5vMCWmNqQ0.roa (raw, json)
Hash identifier: OvQ1UpVGpkW4vjo4v/5Gog36bI1AMp2nGGXiVq39Mzc=
Subject key identifier: C4:2B:A7:77:44:33:8E:BE:95:67:37:3D:CB:9B:CC:09:69:8D:A9:0D
Certificate issuer: /CN=2cd41bcc3cd73e0dc7f7e95b5d0dca6d6857bedc
Certificate serial: 018CC8DCEB070DE7BF2A500C1DC18E676965
Authority key identifier: 2C:D4:1B:CC:3C:D7:3E:0D:C7:F7:E9:5B:5D:0D:CA:6D:68:57:BE:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/xCund0Qzjr6VZzc9y5vMCWmNqQ0.roa
Signing time: Tue 02 Jan 2024 06:29:30 +0000
ROA not before: Tue 02 Jan 2024 06:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197886
IP address blocks: 185.97.208.0/22 maxlen: 22
185.166.228.0/22 maxlen: 22
91.228.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:eb:07:0d:e7:bf:2a:50:0c:1d:c1:8e:67:69:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd41bcc3cd73e0dc7f7e95b5d0dca6d6857bedc
Validity
Not Before: Jan 2 06:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42ba77744338ebe9567373dcb9bcc09698da90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:32:f1:91:a5:6d:30:1e:45:d1:e1:63:6d:63:
f8:42:59:6c:12:0d:29:f9:81:05:e2:f2:a2:e2:49:
16:87:77:a0:1b:66:73:4c:ef:29:4a:a4:f6:f8:a7:
ad:8a:d3:18:78:e5:0c:9b:0c:01:dd:23:36:4e:3c:
3b:2d:50:34:f2:20:f4:48:1a:b9:05:a5:31:28:fe:
ea:44:95:de:e4:2d:af:3d:6f:15:c3:ed:50:2c:0d:
a0:17:dc:55:48:03:ff:2c:5c:b4:3c:84:2a:4a:e3:
8d:a5:06:c6:24:1b:80:3b:8b:4a:ee:98:5e:74:46:
68:50:e8:fb:62:61:db:4a:de:f7:42:f8:7d:54:e6:
47:24:8f:8e:ee:b6:02:a5:38:ea:ac:75:31:17:66:
40:36:69:dc:71:43:8c:f7:2e:0d:00:04:f9:b4:b7:
19:be:58:e2:5f:80:a3:7c:38:3b:e8:fc:d9:fe:3a:
0b:d2:a2:da:96:e1:54:d3:71:14:a9:ac:f4:f4:25:
37:7c:14:56:cf:4c:a7:8a:da:d0:89:ca:36:40:1b:
7c:af:63:21:de:96:69:07:95:01:90:3c:d7:10:0c:
33:3b:69:37:09:45:10:72:b4:80:2d:e6:c3:34:67:
83:92:73:af:b1:1b:90:f6:ca:2b:46:0c:13:63:08:
bf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2B:A7:77:44:33:8E:BE:95:67:37:3D:CB:9B:CC:09:69:8D:A9:0D
X509v3 Authority Key Identifier:
keyid:2C:D4:1B:CC:3C:D7:3E:0D:C7:F7:E9:5B:5D:0D:CA:6D:68:57:BE:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/xCund0Qzjr6VZzc9y5vMCWmNqQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/1ad9bf-0322-4534-b009-e6e91bf052fe/1/LNQbzDzXPg3H9-lbXQ3KbWhXvtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.212.0/23
185.97.208.0/22
185.166.228.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:fc:54:70:fe:f1:6c:c5:0a:b1:3c:32:a0:fa:32:a4:33:aa:
3d:32:ca:a8:67:b6:ae:5f:dc:2c:ee:33:07:4d:4e:30:0b:37:
6d:91:c5:28:ce:f5:87:25:a1:01:e2:e6:37:41:de:78:38:c5:
ec:91:d4:fc:d7:f0:24:7c:41:a3:8f:78:7c:a5:a9:1c:b3:0a:
b2:4d:c4:6b:cb:a2:54:08:1a:80:83:0c:f6:65:f7:11:e1:33:
9f:6b:40:fb:29:58:ab:f8:59:1f:d5:30:55:fc:98:a9:be:38:
cc:69:4f:be:89:e9:91:fe:12:ef:6a:c3:7d:01:66:e7:11:1b:
a9:78:ac:a3:2e:f0:de:dd:1b:12:70:9c:99:0f:88:5d:92:a8:
d3:d4:fe:e8:b8:a7:c8:fb:88:0b:64:bd:51:14:2e:37:4a:ff:
87:ac:8e:5a:74:10:e0:ed:a2:71:c7:e9:02:15:4b:ea:01:7e:
97:56:c4:08:87:28:ce:46:f5:fe:3c:5f:a1:08:76:47:e0:1f:
76:f7:e8:48:b1:1b:94:43:c3:d8:07:7b:65:54:b6:0e:1e:aa:
0e:24:bd:20:cf:b1:b2:93:8d:eb:93:54:7c:43:ed:48:db:45:
8b:67:76:2e:fb:38:2f:85:cd:5a:06:88:6b:91:39:85:fe:78:
e1:b2:3f:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3OsHDee/KlAMHcGOZ2llMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZDQxYmNjM2NkNzNlMGRjN2Y3ZTk1YjVkMGRjYTZkNjg1
N2JlZGMwHhcNMjQwMTAyMDYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJiYTc3NzQ0MzM4ZWJlOTU2NzM3M2RjYjliY2MwOTY5OGRhOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizLxkaVtMB5F0eFjbWP4QllsEg0p
+YEF4vKi4kkWh3egG2ZzTO8pSqT2+KetitMYeOUMmwwB3SM2Tjw7LVA08iD0SBq5
BaUxKP7qRJXe5C2vPW8Vw+1QLA2gF9xVSAP/LFy0PIQqSuONpQbGJBuAO4tK7phe
dEZoUOj7YmHbSt73Qvh9VOZHJI+O7rYCpTjqrHUxF2ZANmnccUOM9y4NAAT5tLcZ
vljiX4CjfDg76PzZ/joL0qLaluFU03EUqaz09CU3fBRWz0ynitrQico2QBt8r2Mh
3pZpB5UBkDzXEAwzO2k3CUUQcrSALebDNGeDknOvsRuQ9sorRgwTYwi/FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMQrp3dEM46+lWc3PcubzAlpjakNMB8GA1UdIwQY
MBaAFCzUG8w81z4Nx/fpW10Nym1oV77cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE5RYnpEelhQZzNIOS1sYlhRM0tiV2hYdnR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8xYWQ5YmYtMDMyMi00NTM0LWIwMDkt
ZTZlOTFiZjA1MmZlLzEveEN1bmQwUXpqcjZWWnpjOXk1dk1DV21OcVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8xYWQ5YmYtMDMyMi00NTM0LWIwMDktZTZlOTFiZjA1MmZl
LzEvTE5RYnpEelhQZzNIOS1sYlhRM0tiV2hYdnR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+TUAwQC
uWHQAwQCuabkMA0GCSqGSIb3DQEBCwUAA4IBAQDP/FRw/vFsxQqxPDKg+jKkM6o9
MsqoZ7auX9ws7jMHTU4wCzdtkcUozvWHJaEB4uY3Qd54OMXskdT81/AkfEGjj3h8
pakcswqyTcRry6JUCBqAgwz2ZfcR4TOfa0D7KVir+Fkf1TBV/JipvjjMaU++iemR
/hLvasN9AWbnERupeKyjLvDe3RsScJyZD4hdkqjT1P7ouKfI+4gLZL1RFC43Sv+H
rI5adBDg7aJxx+kCFUvqAX6XVsQIhyjORvX+PF+hCHZH4B929+hIsRuUQ8PYB3tl
VLYOHqoOJL0gz7Gyk43rk1R8Q+1I20WLZ3Yu+zgvhc1aBohrkTmF/njhsj/6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:24 2024 by rpki-client on console-fra.rpki-client.org