Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/X2vKxjpNUgu75Hj4nwrTNxjgYgY.roa
File: X2vKxjpNUgu75Hj4nwrTNxjgYgY.roa (raw, json)
Hash identifier: 8iEdeO7fYJc8T5a1wUtJyvgpwXTJ+YzoLbJjk1JI8Nc=
Subject key identifier: 5F:6B:CA:C6:3A:4D:52:0B:BB:E4:78:F8:9F:0A:D3:37:18:E0:62:06
Certificate issuer: /CN=795b319e7b5b00401df9805b095ebf5ae2ce959c
Certificate serial: 01856CCAB50F94F56491CAF549CA1528FF4F
Authority key identifier: 79:5B:31:9E:7B:5B:00:40:1D:F9:80:5B:09:5E:BF:5A:E2:CE:95:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVsxnntbAEAd-YBbCV6_WuLOlZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/X2vKxjpNUgu75Hj4nwrTNxjgYgY.roa
Signing time: Sun 01 Jan 2023 10:05:02 +0000
ROA not before: Sun 01 Jan 2023 10:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203605
IP address blocks: 185.198.192.0/23 maxlen: 24
185.198.194.0/23 maxlen: 24
2a0a:8e40::/29 maxlen: 44
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:b5:0f:94:f5:64:91:ca:f5:49:ca:15:28:ff:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795b319e7b5b00401df9805b095ebf5ae2ce959c
Validity
Not Before: Jan 1 10:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f6bcac63a4d520bbbe478f89f0ad33718e06206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:52:96:c4:47:d8:ac:3c:11:8b:74:e7:50:
4b:01:67:b5:30:b8:42:fe:d2:54:7d:54:d5:5d:bb:
b2:1e:36:3e:9a:01:b5:80:62:5c:db:52:a9:c5:30:
59:eb:87:d6:79:48:81:68:32:8c:6f:3c:7d:0f:86:
c8:64:3d:7f:34:d5:cd:b1:47:ee:ae:9e:4e:ef:43:
ce:83:80:93:78:32:02:6b:bc:61:ab:fc:22:90:14:
e6:69:ad:17:81:10:95:20:97:2c:3d:48:35:e8:60:
d2:dc:d3:60:f5:57:62:f1:a7:78:bd:73:8c:cf:eb:
03:2b:f4:3b:49:ba:14:63:bb:a1:e8:ad:34:07:5f:
84:2c:e7:dc:1e:e3:d1:26:f9:2a:ff:06:bd:73:d7:
f3:a0:d1:19:4d:7a:b7:f5:1f:63:7c:cb:8b:b8:8a:
55:e2:3e:e0:3c:a8:dc:51:86:b1:96:b3:5d:1f:c3:
1e:96:24:ec:98:3a:55:3f:68:b8:3d:15:ea:33:29:
f7:e5:b6:04:7c:a7:34:32:3a:73:72:27:f9:b1:50:
c2:81:d2:e3:19:1f:7d:60:71:ae:c0:0a:a3:34:36:
89:80:2a:a5:8c:e5:0e:d0:96:57:3b:22:98:2e:3c:
6d:db:82:d1:d9:16:e9:3f:d5:01:ea:a5:12:e8:1b:
e6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6B:CA:C6:3A:4D:52:0B:BB:E4:78:F8:9F:0A:D3:37:18:E0:62:06
X509v3 Authority Key Identifier:
keyid:79:5B:31:9E:7B:5B:00:40:1D:F9:80:5B:09:5E:BF:5A:E2:CE:95:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVsxnntbAEAd-YBbCV6_WuLOlZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/X2vKxjpNUgu75Hj4nwrTNxjgYgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/81a79c-b90f-4050-b21c-78d169e3df1f/1/eVsxnntbAEAd-YBbCV6_WuLOlZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.192.0/22
IPv6:
2a0a:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
72:b1:23:fa:43:8a:f8:5c:f7:a9:98:f8:a3:69:e3:b8:43:4c:
b4:2d:06:da:45:a6:85:15:96:69:8a:83:df:fc:c9:05:3a:38:
cf:1d:46:a1:1b:52:8d:ec:40:f5:55:58:be:3f:b3:7c:95:02:
8f:2b:c7:b5:fe:3b:56:54:94:dd:f0:1e:da:c8:72:b4:f5:00:
69:eb:fe:94:8a:4f:71:18:e3:3f:b3:5a:42:cd:b4:2e:21:9c:
cf:87:35:f1:b9:b2:ab:34:65:1a:5a:cc:85:67:1c:9e:33:f6:
19:dd:16:c5:a1:52:f9:91:43:75:ef:39:68:66:80:80:88:82:
e9:5a:8c:e1:28:57:16:cd:d6:78:5d:59:a1:0f:5b:d2:cb:bc:
0c:14:e8:f0:1d:0d:e1:17:ef:57:66:b6:d1:e6:3f:3a:f9:77:
c8:bf:9e:10:1f:31:94:3d:3f:57:aa:b3:1e:53:fc:8b:da:6b:
38:c7:b4:4c:e0:f6:8c:f4:e5:44:85:48:cf:88:79:96:f3:d2:
98:36:3c:8d:b2:bf:91:5c:f1:59:79:4a:19:9f:f3:34:3e:6b:
43:3b:43:e9:61:12:31:69:f4:af:9d:fe:53:e3:d6:05:0b:68:
4e:40:d0:f8:e4:4d:3d:d6:fe:49:83:98:62:38:ce:b1:2a:c8:
f7:d7:e3:f7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyrUPlPVkkcr1ScoVKP9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NWIzMTllN2I1YjAwNDAxZGY5ODA1YjA5NWViZjVhZTJj
ZTk1OWMwHhcNMjMwMTAxMTAwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZiY2FjNjNhNGQ1MjBiYmJlNDc4Zjg5ZjBhZDMzNzE4ZTA2MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndBSlsRH2Kw8EYt051BLAWe1MLhC
/tJUfVTVXbuyHjY+mgG1gGJc21KpxTBZ64fWeUiBaDKMbzx9D4bIZD1/NNXNsUfu
rp5O70POg4CTeDICa7xhq/wikBTmaa0XgRCVIJcsPUg16GDS3NNg9Vdi8ad4vXOM
z+sDK/Q7SboUY7uh6K00B1+ELOfcHuPRJvkq/wa9c9fzoNEZTXq39R9jfMuLuIpV
4j7gPKjcUYaxlrNdH8MeliTsmDpVP2i4PRXqMyn35bYEfKc0Mjpzcif5sVDCgdLj
GR99YHGuwAqjNDaJgCqljOUO0JZXOyKYLjxt24LR2RbpP9UB6qUS6Bvm6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF9rysY6TVILu+R4+J8K0zcY4GIGMB8GA1UdIwQY
MBaAFHlbMZ57WwBAHfmAWwlev1rizpWcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZzeG5udGJBRUFkLVlCYkNWNl9XdUxPbFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84MWE3OWMtYjkwZi00MDUwLWIyMWMt
NzhkMTY5ZTNkZjFmLzEvWDJ2S3hqcE5VZ3U3NUhqNG53clROeGpnWWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84MWE3OWMtYjkwZi00MDUwLWIyMWMtNzhkMTY5ZTNkZjFm
LzEvZVZzeG5udGJBRUFkLVlCYkNWNl9XdUxPbFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucbAMA0E
AgACMAcDBQMqCo5AMA0GCSqGSIb3DQEBCwUAA4IBAQBysSP6Q4r4XPepmPijaeO4
Q0y0LQbaRaaFFZZpioPf/MkFOjjPHUahG1KN7ED1VVi+P7N8lQKPK8e1/jtWVJTd
8B7ayHK09QBp6/6Uik9xGOM/s1pCzbQuIZzPhzXxubKrNGUaWsyFZxyeM/YZ3RbF
oVL5kUN17zloZoCAiILpWozhKFcWzdZ4XVmhD1vSy7wMFOjwHQ3hF+9XZrbR5j86
+XfIv54QHzGUPT9XqrMeU/yL2ms4x7RM4PaM9OVEhUjPiHmW89KYNjyNsr+RXPFZ
eUoZn/M0PmtDO0PpYRIxafSvnf5T49YFC2hOQND45E091v5Jg5hiOM6xKsj31+P3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:26 2024 by rpki-client on console-fra.rpki-client.org