Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/xJdqMhX880viZo9vJBDy0OY-XQc.roa
File: xJdqMhX880viZo9vJBDy0OY-XQc.roa (raw, json)
Hash identifier: hMsml9bQytggYzgjkNcDFp85ub11fcBiP7bExObrw9c=
Subject key identifier: C4:97:6A:32:15:FC:F3:4B:E2:66:8F:6F:24:10:F2:D0:E6:3E:5D:07
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 01856DC1BA581AB97182FF88A8B871558402
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/xJdqMhX880viZo9vJBDy0OY-XQc.roa
Signing time: Sun 01 Jan 2023 14:34:50 +0000
ROA not before: Sun 01 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
194.187.88.0/22 maxlen: 24
185.63.149.0/24 maxlen: 24
185.63.148.0/22 maxlen: 22
217.11.208.0/20 maxlen: 20
212.103.64.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
217.146.160.0/20 maxlen: 20
212.103.65.0/24 maxlen: 24
217.146.165.0/24 maxlen: 24
2a00:c38:1a5::/48 maxlen: 48
2a00:c38::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Jan 2023 16:14:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ba:58:1a:b9:71:82:ff:88:a8:b8:71:55:84:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 1 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4976a3215fcf34be2668f6f2410f2d0e63e5d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a9:b4:fb:4c:47:33:ad:ba:72:aa:52:86:bc:
3c:79:f3:dc:2b:c6:06:ab:d3:28:9e:ad:4e:1e:b9:
39:94:f2:94:9c:84:30:e6:f4:fc:86:da:c7:f3:35:
48:cc:54:44:fc:fe:3b:86:ae:ca:0a:c5:69:3b:44:
58:6d:be:05:b0:36:9b:ba:d9:57:c7:81:af:dd:1b:
8b:e1:ff:fd:13:93:84:81:69:64:86:e7:1e:9c:2e:
8f:1f:e5:f3:b8:fe:b3:98:16:b8:19:57:31:d0:d8:
c9:45:39:1e:f7:7b:17:bb:d4:94:44:98:eb:59:16:
4c:9a:cc:8f:15:06:ee:41:85:40:12:4a:e7:95:69:
8a:57:36:71:50:fd:7e:f2:b1:67:d5:60:6f:2b:c2:
4a:df:29:6d:5d:f6:7b:52:68:24:a1:d7:79:f2:28:
bd:04:94:85:60:fb:51:45:64:03:03:3d:20:10:ae:
bc:fe:0b:90:4c:10:85:4e:c4:b3:d8:55:ba:11:61:
be:2a:89:ab:34:84:e5:66:05:85:5f:03:ad:ab:56:
93:88:14:37:db:f2:bd:4d:d2:94:69:00:aa:be:af:
6d:17:7c:e4:12:5f:0d:01:52:8d:d1:3b:b5:05:46:
40:90:2c:75:dd:3f:75:ad:9c:16:76:8c:b0:55:92:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:97:6A:32:15:FC:F3:4B:E2:66:8F:6F:24:10:F2:D0:E6:3E:5D:07
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/xJdqMhX880viZo9vJBDy0OY-XQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
185.63.148.0/22
194.187.88.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
a0:4d:4c:44:59:ec:0f:18:93:98:19:0b:57:2b:fb:20:33:c3:
54:4e:41:b4:6a:82:a3:9e:01:21:92:74:3b:82:3d:15:83:91:
58:31:4e:f2:6f:31:53:06:ee:bb:6b:11:3d:e5:61:99:62:24:
4a:b5:b0:91:a2:b0:8a:92:cc:35:56:33:5c:e3:f6:1f:37:4e:
54:94:48:3c:94:07:ad:35:b1:8c:86:67:b6:4a:2c:da:89:b8:
f7:db:13:48:4f:fe:42:3c:c7:7b:8b:e9:4f:e4:5e:7c:cc:6f:
29:d4:f7:3a:45:31:ea:c4:16:65:fa:f6:e6:9b:88:b7:df:fc:
2b:91:94:d8:43:59:1b:6a:c5:a7:7e:4a:09:9f:92:5c:bd:ef:
13:7a:1a:53:b3:91:01:c3:31:4f:c6:ac:f2:7a:56:23:53:a0:
1c:69:8e:21:6b:5e:bc:09:22:34:be:7c:ce:c6:2f:90:95:7f:
ad:64:0d:33:2c:8c:7e:7c:af:4f:ab:36:d6:c0:9e:47:74:da:
82:16:a6:33:d7:df:cc:f4:6c:d1:30:fb:8b:0a:cc:41:ad:02:
3d:26:1e:75:b9:8f:97:7c:b6:b9:0e:c2:34:f7:85:ae:86:cf:
fd:a2:a4:42:43:f2:c7:86:ec:37:98:25:b7:53:a4:23:50:31:
64:b9:b4:82
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtwbpYGrlxgv+IqLhxVYQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwMTAxMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk3NmEzMjE1ZmNmMzRiZTI2NjhmNmYyNDEwZjJkMGU2M2U1ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnam0+0xHM626cqpShrw8efPcK8YG
q9Monq1OHrk5lPKUnIQw5vT8htrH8zVIzFRE/P47hq7KCsVpO0RYbb4FsDabutlX
x4Gv3RuL4f/9E5OEgWlkhucenC6PH+XzuP6zmBa4GVcx0NjJRTke93sXu9SURJjr
WRZMmsyPFQbuQYVAEkrnlWmKVzZxUP1+8rFn1WBvK8JK3yltXfZ7Umgkodd58ii9
BJSFYPtRRWQDAz0gEK68/guQTBCFTsSz2FW6EWG+KomrNITlZgWFXwOtq1aTiBQ3
2/K9TdKUaQCqvq9tF3zkEl8NAVKN0Tu1BUZAkCx13T91rZwWdoywVZJDKwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMSXajIV/PNL4maPbyQQ8tDmPl0HMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEveEpkcU1oWDg4MHZpWm85dkpCRHkwT1ktWFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTV94AwQC
uT+UAwQCwrtYAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqG
SIb3DQEBCwUAA4IBAQCgTUxEWewPGJOYGQtXK/sgM8NUTkG0aoKjngEhknQ7gj0V
g5FYMU7ybzFTBu67axE95WGZYiRKtbCRorCKksw1VjNc4/YfN05UlEg8lAetNbGM
hme2Sizaibj32xNIT/5CPMd7i+lP5F58zG8p1Pc6RTHqxBZl+vbmm4i33/wrkZTY
Q1kbasWnfkoJn5Jcve8TehpTs5EBwzFPxqzyelYjU6AcaY4ha168CSI0vnzOxi+Q
lX+tZA0zLIx+fK9PqzbWwJ5HdNqCFqYz19/M9GzRMPuLCsxBrQI9Jh51uY+XfLa5
DsI094Wuhs/9oqRCQ/LHhuw3mCW3U6QjUDFkubSC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:37 2024 by rpki-client on console-fra.rpki-client.org