Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/X7KqRAfmZwA9ZhYBLwxabn_6BrM.roa
File: X7KqRAfmZwA9ZhYBLwxabn_6BrM.roa (raw, json)
Hash identifier: HsezpaYn7VytGuqUIYiiBt7PCZMnIhvTiLN7nCKwqqY=
Subject key identifier: 5F:B2:AA:44:07:E6:67:00:3D:66:16:01:2F:0C:5A:6E:7F:FA:06:B3
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 018EBC47ECB16AF96A1158513DF606A86841
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/X7KqRAfmZwA9ZhYBLwxabn_6BrM.roa
Signing time: Mon 08 Apr 2024 05:56:53 +0000
ROA not before: Mon 08 Apr 2024 05:56:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 17:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:47:ec:b1:6a:f9:6a:11:58:51:3d:f6:06:a8:68:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Apr 8 05:56:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fb2aa4407e667003d6616012f0c5a6e7ffa06b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3c:5e:0c:58:85:ed:f7:97:b9:d8:4c:17:14:
00:c6:1f:23:51:f6:84:61:bc:4c:a8:09:6d:77:aa:
57:7f:c6:38:c9:18:ed:41:bb:5c:69:c9:29:c4:8c:
8c:23:d4:aa:d1:52:45:70:95:ff:27:32:07:cf:26:
bc:32:51:42:08:43:a2:71:e1:77:d1:3e:f5:80:69:
4b:ff:ca:5a:ed:f1:28:0d:82:02:c7:0c:c5:b2:d3:
4c:d3:3b:c9:d6:00:9a:a1:29:4f:08:19:4a:84:0d:
b9:cf:a7:03:80:38:ec:05:66:d1:8f:3b:93:25:e4:
f3:d5:97:d3:03:7a:ea:07:6a:80:25:31:58:74:4a:
69:29:d0:52:89:2d:5c:7e:33:a3:48:87:89:43:ee:
15:ab:f7:04:e6:eb:ca:8f:e2:bf:5d:2e:6f:dc:3c:
33:16:6e:06:fa:c5:e2:4d:45:6c:4d:41:e9:04:65:
35:67:e1:07:2d:ff:34:58:9f:cd:41:01:25:3a:f9:
44:ef:ed:d3:9f:ff:46:75:19:ad:86:99:af:5a:05:
92:84:f4:bc:64:d4:dc:dd:50:66:fe:b7:1c:57:98:
48:aa:8b:9d:42:e0:27:cd:eb:61:6b:fc:6a:27:98:
86:9a:7f:b6:a2:62:29:43:2f:e3:dc:f7:45:a4:02:
bb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B2:AA:44:07:E6:67:00:3D:66:16:01:2F:0C:5A:6E:7F:FA:06:B3
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/X7KqRAfmZwA9ZhYBLwxabn_6BrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0/24
212.59.64.0-212.59.70.255
Signature Algorithm: sha256WithRSAEncryption
04:ef:2e:6a:f2:19:d3:5c:fe:3a:58:0f:58:b4:dc:2d:bb:b4:
38:5f:54:4b:c7:ed:df:fd:12:a2:a7:ce:c0:d8:92:94:db:d3:
99:61:b1:8b:cc:be:c8:21:2d:79:96:e1:41:d2:17:e6:49:86:
76:cb:e3:36:6f:a5:8d:48:a3:b9:cc:4f:93:6c:76:f9:df:b2:
8d:4c:13:a0:cc:d6:18:0c:87:63:a7:81:08:0d:80:71:45:ff:
a4:a9:3a:b0:6a:83:e6:a3:96:52:6d:74:eb:d2:6a:8f:38:2d:
ed:1b:21:21:3d:48:67:1d:be:b0:99:ad:eb:71:34:f6:ec:1e:
4c:39:89:49:b4:20:48:41:49:3d:a9:97:54:c3:52:8a:4c:31:
e4:8c:96:9f:3e:8c:ca:04:fd:49:70:e8:4e:92:0f:66:c4:bb:
1c:80:c0:dc:34:9e:5f:5d:88:b7:b0:2b:9e:07:7c:e2:76:6f:
fd:65:27:be:41:21:a7:5d:99:b9:05:57:01:69:31:87:88:fc:
de:42:e4:49:a6:73:a3:ed:72:f4:30:99:ac:b9:5a:79:c8:d9:
f2:dc:fc:aa:f1:52:22:b7:af:a2:4a:75:9b:b0:47:cd:6a:16:
a5:18:24:69:99:98:c6:99:84:54:c5:63:9e:80:5a:1f:d4:0f:
81:5d:cb:57
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY68R+yxavlqEVhRPfYGqGhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjQwNDA4MDU1NjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmIyYWE0NDA3ZTY2NzAwM2Q2NjE2MDEyZjBjNWE2ZTdmZmEwNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDxeDFiF7feXudhMFxQAxh8jUfaE
YbxMqAltd6pXf8Y4yRjtQbtcackpxIyMI9Sq0VJFcJX/JzIHzya8MlFCCEOiceF3
0T71gGlL/8pa7fEoDYICxwzFstNM0zvJ1gCaoSlPCBlKhA25z6cDgDjsBWbRjzuT
JeTz1ZfTA3rqB2qAJTFYdEppKdBSiS1cfjOjSIeJQ+4Vq/cE5uvKj+K/XS5v3Dwz
Fm4G+sXiTUVsTUHpBGU1Z+EHLf80WJ/NQQElOvlE7+3Tn/9GdRmthpmvWgWShPS8
ZNTc3VBm/rccV5hIqoudQuAnzetha/xqJ5iGmn+2omIpQy/j3PdFpAK7jQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF+yqkQH5mcAPWYWAS8MWm5/+gazMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvWDdLcVJBZm1ad0E5WmhZQkx3eGFibl82QnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgAwQA
0SPpMAwDBAbUO0ADBADUO0YwDQYJKoZIhvcNAQELBQADggEBAATvLmryGdNc/jpY
D1i03C27tDhfVEvH7d/9EqKnzsDYkpTb05lhsYvMvsghLXmW4UHSF+ZJhnbL4zZv
pY1Io7nMT5Nsdvnfso1ME6DM1hgMh2OngQgNgHFF/6SpOrBqg+ajllJtdOvSao84
Le0bISE9SGcdvrCZretxNPbsHkw5iUm0IEhBST2pl1TDUopMMeSMlp8+jMoE/Ulw
6E6SD2bEuxyAwNw0nl9diLewK54HfOJ2b/1lJ75BIaddmbkFVwFpMYeI/N5C5Emm
c6PtcvQwmay5WnnI2fLc/KrxUiK3r6JKdZuwR81qFqUYJGmZmMaZhFTFY56AWh/U
D4Fdy1c=
-----END CERTIFICATE-----
Generated at Wed Sep 18 21:45:05 2024 by rpki-client on console-ams.rpki-client.org