Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/X2yOVEJW1p-SuocXq30_Bk-DaLU.roa
File: X2yOVEJW1p-SuocXq30_Bk-DaLU.roa (raw, json)
Hash identifier: EIbBWSVaqCYCsOr23g+z+0D8epObP0QidDaN4HvSlMM=
Subject key identifier: 5F:6C:8E:54:42:56:D6:9F:92:BA:87:17:AB:7D:3F:06:4F:83:68:B5
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 018DD0683B5E2D298C89D2BFD73DF82A0BE6
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/X2yOVEJW1p-SuocXq30_Bk-DaLU.roa
Signing time: Thu 22 Feb 2024 10:41:48 +0000
ROA not before: Thu 22 Feb 2024 10:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61108
IP address blocks: 62.249.96.0/22 maxlen: 22
88.218.52.0/22 maxlen: 22
185.92.102.0/24 maxlen: 24
185.226.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 27 Feb 2024 12:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:68:3b:5e:2d:29:8c:89:d2:bf:d7:3d:f8:2a:0b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Feb 22 10:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6c8e544256d69f92ba8717ab7d3f064f8368b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a9:91:f6:51:c0:ad:b1:8f:a4:46:1b:02:f1:
80:02:7c:a4:e7:94:aa:d1:ab:8c:c0:eb:d9:d0:8a:
15:36:20:c0:1e:b1:24:16:96:8c:fd:5e:a1:fe:4d:
5a:20:e6:fa:36:ae:dd:a6:df:ed:85:ae:0b:9c:4b:
10:a6:31:49:52:d8:92:65:3c:6a:4a:c9:b6:97:53:
a1:b3:ed:72:0c:14:f6:a4:d1:bc:96:30:ea:0c:a8:
83:7e:17:0e:fb:cd:2d:73:dd:50:9d:24:c3:a8:1a:
8c:2e:d5:2b:36:de:9c:e9:50:c9:d0:9e:90:65:62:
e0:d3:28:8f:9a:94:12:6c:2b:ce:45:2e:fc:a3:01:
d5:27:3b:4c:b0:c2:20:15:e6:4f:52:86:18:58:f6:
cb:10:39:42:44:0b:07:cb:40:05:64:95:30:c5:b9:
d5:2b:7b:14:7c:d9:9a:b2:67:3c:79:b9:e2:55:1c:
03:1d:45:a3:83:1d:88:2d:6d:00:24:70:c1:66:9e:
5d:44:19:fa:1b:c5:68:ad:68:e8:21:2f:43:72:6c:
d1:d1:3b:20:18:82:56:18:05:2d:0d:ff:1d:87:09:
0d:54:54:d7:d6:a9:0c:b7:56:95:b9:03:dd:56:6c:
9c:31:b2:13:a2:82:57:30:d2:51:22:74:e6:e4:a8:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:8E:54:42:56:D6:9F:92:BA:87:17:AB:7D:3F:06:4F:83:68:B5
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/X2yOVEJW1p-SuocXq30_Bk-DaLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.96.0/22
88.218.52.0/22
185.92.102.0/24
185.226.40.0/22
Signature Algorithm: sha256WithRSAEncryption
55:cf:dc:40:b3:98:d0:e8:b3:e2:3a:4a:ca:c3:11:ce:d7:dd:
a6:d5:46:dd:2f:cd:f0:0f:8b:12:b4:6a:c7:7f:2e:27:4e:ce:
07:5b:fb:ea:0d:54:55:f4:2e:b6:8c:fa:5f:97:bc:04:89:09:
5f:49:b2:4f:2d:9b:83:2d:cf:ef:67:31:95:3d:cf:77:d4:95:
45:8d:2b:95:30:07:8d:3a:5d:bc:ba:7c:c8:56:cf:46:10:42:
70:37:6c:43:4a:d1:ac:0d:96:24:e5:5a:bb:00:f9:68:6f:1f:
ce:eb:9e:5c:a1:dd:4f:94:d6:ab:14:d3:f8:41:5f:fb:ef:e4:
3d:36:36:81:b2:0f:70:c6:5c:61:8d:b7:a5:4b:7c:97:44:54:
ad:51:fb:38:e2:e9:32:6c:8d:e5:30:60:de:47:1f:79:b6:c2:
a7:60:34:91:37:56:09:4c:e2:f1:d0:2e:97:19:14:e6:11:95:
c7:88:f8:fd:5a:39:4c:cc:2c:14:4a:48:e2:2a:7c:a8:b7:f5:
93:d1:7c:1f:e5:c9:27:03:7c:04:85:94:cc:c9:24:aa:ca:94:
00:f0:91:0f:17:38:8b:d0:0f:89:02:e9:5b:ce:44:d6:bc:d0:
f6:2c:7e:bc:f6:0f:9a:82:e7:b0:27:9f:79:98:34:5b:84:f1:
5a:6d:22:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3QaDteLSmMidK/1z34KgvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjQwMjIyMTA0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZjOGU1NDQyNTZkNjlmOTJiYTg3MTdhYjdkM2YwNjRmODM2OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqmR9lHArbGPpEYbAvGAAnyk55Sq
0auMwOvZ0IoVNiDAHrEkFpaM/V6h/k1aIOb6Nq7dpt/tha4LnEsQpjFJUtiSZTxq
Ssm2l1Ohs+1yDBT2pNG8ljDqDKiDfhcO+80tc91QnSTDqBqMLtUrNt6c6VDJ0J6Q
ZWLg0yiPmpQSbCvORS78owHVJztMsMIgFeZPUoYYWPbLEDlCRAsHy0AFZJUwxbnV
K3sUfNmasmc8ebniVRwDHUWjgx2ILW0AJHDBZp5dRBn6G8VorWjoIS9DcmzR0Tsg
GIJWGAUtDf8dhwkNVFTX1qkMt1aVuQPdVmycMbITooJXMNJRInTm5KjoAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF9sjlRCVtafkrqHF6t9PwZPg2i1MB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvWDJ5T1ZFSlcxcC1TdW9jWHEzMF9Cay1EYUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPvlgAwQC
WNo0AwQAuVxmAwQCueIoMA0GCSqGSIb3DQEBCwUAA4IBAQBVz9xAs5jQ6LPiOkrK
wxHO192m1UbdL83wD4sStGrHfy4nTs4HW/vqDVRV9C62jPpfl7wEiQlfSbJPLZuD
Lc/vZzGVPc931JVFjSuVMAeNOl28unzIVs9GEEJwN2xDStGsDZYk5Vq7APlobx/O
655cod1PlNarFNP4QV/77+Q9NjaBsg9wxlxhjbelS3yXRFStUfs44ukybI3lMGDe
Rx95tsKnYDSRN1YJTOLx0C6XGRTmEZXHiPj9WjlMzCwUSkjiKnyot/WT0Xwf5ckn
A3wEhZTMySSqypQA8JEPFziL0A+JAulbzkTWvND2LH689g+aguewJ595mDRbhPFa
bSJ6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:09 2024 by rpki-client on console-ams.rpki-client.org