Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XbEd1_ICYv9-ZH6bSV_ZZgDcbk8.roa
File: XbEd1_ICYv9-ZH6bSV_ZZgDcbk8.roa (raw, json)
Hash identifier: ih7P5M3x1Ell45E2aRGDCVafaID3WzYbca9bsdq8cO8=
Subject key identifier: 5D:B1:1D:D7:F2:02:62:FF:7E:64:7E:9B:49:5F:D9:66:00:DC:6E:4F
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018E38A5F92944E13047AB738BBA639DCE07
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XbEd1_ICYv9-ZH6bSV_ZZgDcbk8.roa
Signing time: Wed 13 Mar 2024 16:29:45 +0000
ROA not before: Wed 13 Mar 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 109.234.74.0/24 maxlen: 24
152.89.28.0/22 maxlen: 22
193.135.157.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 06:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:a5:f9:29:44:e1:30:47:ab:73:8b:ba:63:9d:ce:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 13 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5db11dd7f20262ff7e647e9b495fd96600dc6e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:be:c6:e2:14:12:80:2e:c2:66:cb:f9:4b:
47:be:c8:b8:15:86:80:01:31:8c:53:32:60:f2:26:
3e:f3:55:de:f2:90:3f:0b:6c:46:2b:9e:be:cc:48:
54:de:36:96:6f:e2:f1:a8:1c:a6:03:11:71:c7:fe:
45:6c:b5:17:7a:32:01:30:04:40:10:39:3c:97:13:
6b:4b:7c:fc:85:86:0c:61:0f:6d:7e:98:2f:72:1c:
0d:45:27:0c:44:29:b7:fc:16:3d:f2:13:d6:7a:a9:
88:29:40:fd:d9:24:8f:ff:06:94:5a:80:f8:ce:a1:
d1:e7:84:55:df:94:82:c1:ba:e8:28:6d:1f:b8:7f:
cd:2d:f4:65:41:75:32:6d:3b:e3:7c:44:c6:8d:9d:
f3:57:c9:c1:d1:66:4d:fb:4b:22:7e:49:2b:35:98:
12:57:2d:6c:97:99:3c:35:80:d7:c4:49:ac:08:6f:
e4:c7:7a:21:b8:55:63:03:74:6e:67:25:49:94:6f:
c8:82:67:bb:bd:d1:dc:65:14:fd:69:21:3b:54:9c:
b5:17:04:6b:ff:a2:5a:98:3d:41:67:43:34:ec:b5:
11:dc:ca:92:1e:eb:de:d7:75:46:f1:bc:49:8e:d0:
06:59:82:61:89:e8:43:4e:29:97:1b:12:8a:c8:e8:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B1:1D:D7:F2:02:62:FF:7E:64:7E:9B:49:5F:D9:66:00:DC:6E:4F
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XbEd1_ICYv9-ZH6bSV_ZZgDcbk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
152.89.28.0/22
193.135.157.0/24
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
25:96:01:01:f5:6a:39:e7:3b:f7:44:59:ea:34:ef:e8:71:f0:
ca:ce:4f:a7:24:50:db:d6:a9:01:6d:87:7f:5b:af:1c:b1:01:
dc:da:1c:fc:cb:72:ba:bd:2c:1c:93:ae:ac:57:21:19:ff:0c:
f3:e0:9f:d9:41:9f:91:59:dd:49:c9:14:7a:04:16:4b:c1:d0:
2c:41:70:b0:95:41:31:a4:8d:5f:d8:89:4f:aa:5e:0c:cf:29:
43:bc:67:36:a6:b9:07:05:a8:73:28:cf:2c:c2:79:f0:f6:72:
93:bc:09:f8:08:7f:ad:69:fd:7d:88:23:5d:7f:3f:43:87:ab:
e4:26:8a:cc:e9:b9:f5:49:05:17:85:92:a1:3e:90:76:0b:99:
ac:a7:79:f3:bc:4d:47:6e:8b:9f:b0:b9:60:19:8b:19:a5:70:
51:dc:01:4d:e7:88:91:fa:e9:78:19:2b:77:99:a4:d4:10:b5:
0a:32:59:f8:0f:2c:12:06:78:67:5a:27:09:20:67:2e:9f:81:
d0:65:f7:7d:e7:18:1c:ae:3f:cf:00:b2:34:46:33:66:14:ec:
79:83:a3:88:3d:9c:85:e8:49:d3:c0:f6:74:03:4b:97:48:ff:
ea:a0:a3:f4:e6:60:42:fd:5c:89:2f:ab:fd:2f:3d:54:3f:ea:
a3:7e:ab:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY44pfkpROEwR6tzi7pjnc4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMzEzMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIxMWRkN2YyMDI2MmZmN2U2NDdlOWI0OTVmZDk2NjAwZGM2ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooq+xuIUEoAuwmbL+UtHvsi4FYaA
ATGMUzJg8iY+81Xe8pA/C2xGK56+zEhU3jaWb+LxqBymAxFxx/5FbLUXejIBMARA
EDk8lxNrS3z8hYYMYQ9tfpgvchwNRScMRCm3/BY98hPWeqmIKUD92SSP/waUWoD4
zqHR54RV35SCwbroKG0fuH/NLfRlQXUybTvjfETGjZ3zV8nB0WZN+0sifkkrNZgS
Vy1sl5k8NYDXxEmsCG/kx3ohuFVjA3RuZyVJlG/Igme7vdHcZRT9aSE7VJy1FwRr
/6JamD1BZ0M07LUR3MqSHuve13VG8bxJjtAGWYJhiehDTimXGxKKyOiS0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF2xHdfyAmL/fmR+m0lf2WYA3G5PMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvWGJFZDFfSUNZdjktWkg2YlNWX1paZ0RjYms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbepKAwQC
mFkcAwQAwYedAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQAllgEB9Wo55zv3RFnq
NO/ocfDKzk+nJFDb1qkBbYd/W68csQHc2hz8y3K6vSwck66sVyEZ/wzz4J/ZQZ+R
Wd1JyRR6BBZLwdAsQXCwlUExpI1f2IlPql4MzylDvGc2prkHBahzKM8swnnw9nKT
vAn4CH+taf19iCNdfz9Dh6vkJorM6bn1SQUXhZKhPpB2C5msp3nzvE1HboufsLlg
GYsZpXBR3AFN54iR+ul4GSt3maTUELUKMln4DywSBnhnWicJIGcun4HQZfd95xgc
rj/PALI0RjNmFOx5g6OIPZyF6EnTwPZ0A0uXSP/qoKP05mBC/VyJL6v9Lz1UP+qj
fquj
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:02 2025 by rpki-client