Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XWzbHBLB2hYm6PUUguTDtRMXzjI.roa
File: XWzbHBLB2hYm6PUUguTDtRMXzjI.roa (raw, json)
Hash identifier: IZ1twQ6L5zLvs8cBAJYZI7Jv5c3luT8rCkTaccWZVnE=
Subject key identifier: 5D:6C:DB:1C:12:C1:DA:16:26:E8:F5:14:82:E4:C3:B5:13:17:CE:32
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0188C391AEBFBF1A3D674845B25DE76344EE
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XWzbHBLB2hYm6PUUguTDtRMXzjI.roa
Signing time: Fri 16 Jun 2023 09:38:04 +0000
ROA not before: Fri 16 Jun 2023 09:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 213.145.72.0/21 maxlen: 24
213.145.89.0/24 maxlen: 24
213.145.90.0/24 maxlen: 24
213.145.91.0/24 maxlen: 24
213.145.94.0/24 maxlen: 24
213.145.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Oct 2023 11:05:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:91:ae:bf:bf:1a:3d:67:48:45:b2:5d:e7:63:44:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jun 16 09:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d6cdb1c12c1da1626e8f51482e4c3b51317ce32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a4:a3:fb:9b:9f:28:c1:88:41:87:de:2f:f2:
8a:19:86:f1:aa:22:48:96:92:d2:15:00:02:f1:a4:
b9:ce:d9:64:18:08:1c:ab:00:5b:3b:0c:e6:89:78:
b3:d4:95:ce:3b:df:1e:c8:46:77:85:b3:f8:e2:d5:
f7:dd:ee:bc:15:f1:ec:51:80:ed:8d:0a:b3:0d:04:
d7:e7:70:80:d4:a7:b2:27:64:75:09:84:c9:f4:cd:
4e:c7:c5:7a:67:d5:50:25:93:ab:6c:1c:1e:14:38:
58:48:b5:b4:c0:c4:8c:f8:0b:6a:07:8e:10:57:1c:
79:f8:5d:b6:76:f5:e8:ca:32:6a:e0:60:ff:43:91:
18:a5:1f:e3:35:1d:2f:8a:93:bf:f0:af:7c:35:55:
b2:36:bb:bd:e0:97:2b:db:3b:51:03:6f:67:f4:06:
b9:7e:f7:f6:b1:44:e9:0b:c5:82:3c:8a:55:b6:17:
fa:e3:08:02:30:46:39:7b:a1:18:42:a6:63:7c:fd:
99:04:74:63:fb:61:aa:13:05:71:2f:66:56:83:be:
21:38:65:c7:b6:3a:7d:c4:63:76:ac:1a:d1:07:eb:
c9:4a:d9:55:57:90:da:ee:b1:c8:24:9a:b0:09:0c:
69:51:01:06:d3:ff:a4:50:28:aa:5f:33:f3:c0:fd:
1b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6C:DB:1C:12:C1:DA:16:26:E8:F5:14:82:E4:C3:B5:13:17:CE:32
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/XWzbHBLB2hYm6PUUguTDtRMXzjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/21
213.145.89.0-213.145.91.255
213.145.93.0-213.145.94.255
Signature Algorithm: sha256WithRSAEncryption
17:5d:43:d7:ec:c2:bc:71:66:f6:27:ed:9e:76:99:f1:3a:7e:
68:ff:79:f7:1a:ad:d8:67:73:f7:a2:80:63:4e:3d:0a:5c:79:
a1:26:40:02:04:72:e7:8f:7d:b6:64:4c:26:18:93:f1:5c:b0:
f4:be:ff:f7:15:ad:49:b2:36:4a:db:a9:bf:99:e7:d0:41:85:
e9:74:e9:fa:24:ff:f9:66:04:c4:a2:d5:6b:d8:6f:03:99:3f:
65:2e:a9:99:8f:c8:ca:c7:c9:04:aa:23:b1:d8:d4:82:53:74:
d4:d1:72:ab:54:c3:4f:97:2b:b9:a9:b9:85:d4:70:cc:3b:45:
62:1a:38:a0:af:8f:c3:29:47:55:c0:04:e9:73:f1:b5:2b:a9:
14:67:55:3c:59:dd:27:f6:08:bf:6e:5d:ea:68:27:5b:98:0e:
1b:4d:14:20:b7:41:f2:f5:c2:03:c9:ee:d5:d7:6a:40:7c:3a:
8e:15:c6:5f:24:8b:34:6a:30:7d:d7:1e:a5:e8:fa:79:0b:c2:
74:aa:77:e7:bc:29:3a:46:b4:85:8b:41:07:86:81:3b:b1:25:
00:24:aa:f8:91:01:e5:1b:54:f0:48:67:9f:18:21:57:fe:58:
50:00:fe:56:92:a6:9b:07:9e:21:46:71:67:75:2c:27:c4:7b:
e0:f2:29:2b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYjDka6/vxo9Z0hFsl3nY0TuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMwNjE2MDkzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZjZGIxYzEyYzFkYTE2MjZlOGY1MTQ4MmU0YzNiNTEzMTdjZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKSj+5ufKMGIQYfeL/KKGYbxqiJI
lpLSFQAC8aS5ztlkGAgcqwBbOwzmiXiz1JXOO98eyEZ3hbP44tX33e68FfHsUYDt
jQqzDQTX53CA1KeyJ2R1CYTJ9M1Ox8V6Z9VQJZOrbBweFDhYSLW0wMSM+AtqB44Q
Vxx5+F22dvXoyjJq4GD/Q5EYpR/jNR0vipO/8K98NVWyNru94Jcr2ztRA29n9Aa5
fvf2sUTpC8WCPIpVthf64wgCMEY5e6EYQqZjfP2ZBHRj+2GqEwVxL2ZWg74hOGXH
tjp9xGN2rBrRB+vJStlVV5Da7rHIJJqwCQxpUQEG0/+kUCiqXzPzwP0b3QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFF1s2xwSwdoWJuj1FILkw7UTF84yMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvWFd6YkhCTEIyaFltNlBVVWd1VER0Uk1YempJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQD1ZFIMAwD
BADVkVkDBALVkVgwDAMEANWRXQMEANWRXjANBgkqhkiG9w0BAQsFAAOCAQEAF11D
1+zCvHFm9iftnnaZ8Tp+aP959xqt2Gdz96KAY049Clx5oSZAAgRy5499tmRMJhiT
8Vyw9L7/9xWtSbI2Stupv5nn0EGF6XTp+iT/+WYExKLVa9hvA5k/ZS6pmY/IysfJ
BKojsdjUglN01NFyq1TDT5cruam5hdRwzDtFYho4oK+PwylHVcAE6XPxtSupFGdV
PFndJ/YIv25d6mgnW5gOG00UILdB8vXCA8nu1ddqQHw6jhXGXySLNGowfdcepej6
eQvCdKp357wpOka0hYtBB4aBO7ElACSq+JEB5RtU8EhnnxghV/5YUAD+VpKmmwee
IUZxZ3UsJ8R74PIpKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org