Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/Xxyv3ALQpvh6K6WIVJ4SuOikDTg.roa
File: Xxyv3ALQpvh6K6WIVJ4SuOikDTg.roa (raw, json)
Hash identifier: u1EnFF3OOfir4mmIvPzAOj/CoenuZ/G//dvPlsOGwnw=
Subject key identifier: 5F:1C:AF:DC:02:D0:A6:F8:7A:2B:A5:88:54:9E:12:B8:E8:A4:0D:38
Certificate issuer: /CN=49c403d43b5f38fca2119cd1409a92763edefe71
Certificate serial: 018FE2BD4C6127B178856A07A593B0649D89
Authority key identifier: 49:C4:03:D4:3B:5F:38:FC:A2:11:9C:D1:40:9A:92:76:3E:DE:FE:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ScQD1DtfOPyiEZzRQJqSdj7e_nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/Xxyv3ALQpvh6K6WIVJ4SuOikDTg.roa
Signing time: Tue 04 Jun 2024 10:13:27 +0000
ROA not before: Tue 04 Jun 2024 10:13:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18734
IP address blocks: 176.57.203.0/24 maxlen: 24
176.57.204.0/24 maxlen: 24
176.57.205.0/24 maxlen: 24
176.57.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 14:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:bd:4c:61:27:b1:78:85:6a:07:a5:93:b0:64:9d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49c403d43b5f38fca2119cd1409a92763edefe71
Validity
Not Before: Jun 4 10:13:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f1cafdc02d0a6f87a2ba588549e12b8e8a40d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:70:ee:3e:1d:00:74:8f:e5:64:ec:c0:ce:5b:
9f:3a:b5:2b:6e:07:49:05:8c:5d:e3:eb:df:0d:af:
f5:98:49:89:9a:53:72:9a:8d:9b:0c:f0:b7:5a:90:
96:de:e8:a0:19:09:f5:4c:a8:28:ed:a9:86:d2:42:
fc:4f:88:2e:b0:b0:3b:7c:a8:46:88:f9:32:2d:98:
33:49:93:57:a7:c4:63:a9:4f:a6:7e:4f:48:f1:c2:
df:e3:95:5f:f1:e9:a6:86:5b:19:db:02:09:8f:5d:
5a:b1:32:57:fc:c2:7e:2a:c5:65:60:cd:34:5b:10:
1e:0e:ee:3b:ec:14:06:ac:bd:7b:8a:2e:11:11:00:
64:a2:4d:d9:89:07:0a:8c:c5:b1:f9:df:4c:e9:c5:
43:ec:32:09:3e:98:fc:ba:e7:5f:90:ca:b1:f4:ee:
30:69:1b:75:83:c9:94:bc:80:e7:1c:47:32:a0:22:
0b:08:13:3b:46:29:26:61:9a:78:98:5a:7f:f4:d3:
9d:a6:6e:74:ad:d6:94:fc:f4:bf:d1:d4:a8:ae:51:
63:4b:09:61:63:b3:a1:8d:d8:2b:96:ac:5c:19:e6:
d7:f2:ba:a7:80:33:77:66:ec:35:40:8d:fd:14:65:
80:4c:63:51:8c:c4:64:bc:8d:61:30:41:39:d4:c3:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:1C:AF:DC:02:D0:A6:F8:7A:2B:A5:88:54:9E:12:B8:E8:A4:0D:38
X509v3 Authority Key Identifier:
keyid:49:C4:03:D4:3B:5F:38:FC:A2:11:9C:D1:40:9A:92:76:3E:DE:FE:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ScQD1DtfOPyiEZzRQJqSdj7e_nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/Xxyv3ALQpvh6K6WIVJ4SuOikDTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a2f87b-4811-4fe1-b15d-f889ca161c01/1/ScQD1DtfOPyiEZzRQJqSdj7e_nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.203.0-176.57.206.255
Signature Algorithm: sha256WithRSAEncryption
5b:f2:5c:9b:78:2c:43:47:19:3b:7d:2c:21:aa:41:31:63:27:
67:09:97:a5:87:79:a9:63:c4:67:be:f6:5d:8d:d8:75:fb:aa:
fc:42:68:49:4f:a7:6c:60:56:40:1e:c0:00:d3:de:b9:5f:fe:
f8:f3:9d:3a:d4:37:94:d1:d8:b6:a4:88:b1:cd:89:94:bf:10:
46:9c:9d:f8:6b:82:1f:f1:92:c6:50:f6:a0:b0:b0:b1:6f:8f:
ca:b3:e7:c3:7d:97:7c:8c:5f:84:41:40:77:0a:9b:10:68:86:
6f:cd:d4:4d:ab:99:9c:1e:56:66:65:40:b9:f1:78:a8:77:fd:
c8:3f:92:06:20:1b:44:af:d1:47:77:30:cf:69:ab:5b:70:7f:
28:b1:63:37:c4:46:f1:63:84:e1:4b:f5:a9:cf:92:88:c2:15:
70:bb:bc:0f:40:a1:59:f9:f6:3e:1d:44:77:52:d8:18:88:6a:
8c:03:9f:34:98:3d:ec:9d:0a:ac:53:75:ac:e1:2f:08:50:21:
8a:d6:fb:6c:7f:88:e7:b7:2a:6a:0c:a5:48:6b:f3:ee:f9:3a:
31:7f:dd:1f:39:1e:d8:c1:e2:96:79:54:79:c2:58:59:58:20:
57:cd:f5:21:ab:56:10:f2:25:a2:0e:f3:74:26:42:b9:ad:4d:
c6:7e:9c:db
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY/ivUxhJ7F4hWoHpZOwZJ2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YzQwM2Q0M2I1ZjM4ZmNhMjExOWNkMTQwOWE5Mjc2M2Vk
ZWZlNzEwHhcNMjQwNjA0MTAxMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjFjYWZkYzAyZDBhNmY4N2EyYmE1ODg1NDllMTJiOGU4YTQwZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXDuPh0AdI/lZOzAzlufOrUrbgdJ
BYxd4+vfDa/1mEmJmlNymo2bDPC3WpCW3uigGQn1TKgo7amG0kL8T4gusLA7fKhG
iPkyLZgzSZNXp8RjqU+mfk9I8cLf45Vf8emmhlsZ2wIJj11asTJX/MJ+KsVlYM00
WxAeDu477BQGrL17ii4REQBkok3ZiQcKjMWx+d9M6cVD7DIJPpj8uudfkMqx9O4w
aRt1g8mUvIDnHEcyoCILCBM7RikmYZp4mFp/9NOdpm50rdaU/PS/0dSorlFjSwlh
Y7OhjdgrlqxcGebX8rqngDN3Zuw1QI39FGWATGNRjMRkvI1hMEE51MPqEwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF8cr9wC0Kb4eiuliFSeErjopA04MB8GA1UdIwQY
MBaAFEnEA9Q7Xzj8ohGc0UCaknY+3v5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2NRRDFEdGZPUHlpRVp6UlFKcVNkajdlX25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hMmY4N2ItNDgxMS00ZmUxLWIxNWQt
Zjg4OWNhMTYxYzAxLzEvWHh5djNBTFFwdmg2SzZXSVZKNFN1T2lrRFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hMmY4N2ItNDgxMS00ZmUxLWIxNWQtZjg4OWNhMTYxYzAx
LzEvU2NRRDFEdGZPUHlpRVp6UlFKcVNkajdlX25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACwOcsD
BACwOc4wDQYJKoZIhvcNAQELBQADggEBAFvyXJt4LENHGTt9LCGqQTFjJ2cJl6WH
ealjxGe+9l2N2HX7qvxCaElPp2xgVkAewADT3rlf/vjznTrUN5TR2LakiLHNiZS/
EEacnfhrgh/xksZQ9qCwsLFvj8qz58N9l3yMX4RBQHcKmxBohm/N1E2rmZweVmZl
QLnxeKh3/cg/kgYgG0Sv0Ud3MM9pq1twfyixYzfERvFjhOFL9anPkojCFXC7vA9A
oVn59j4dRHdS2BiIaowDnzSYPeydCqxTdazhLwhQIYrW+2x/iOe3KmoMpUhr8+75
OjF/3R85HtjB4pZ5VHnCWFlYIFfN9SGrVhDyJaIO83QmQrmtTcZ+nNs=
Generated at Tue Aug 6 16:28:42 2024 by rpki-client on console-fra.rpki-client.org