Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Xb3s-HOXLvIaaUIOTVsy1xNeMa8.roa
File: Xb3s-HOXLvIaaUIOTVsy1xNeMa8.roa (raw, json)
Hash identifier: wOvTMwCx0PbpLC6EJCFqLUJAU9+xjDBEP2x6kzR7fH0=
Subject key identifier: 5D:BD:EC:F8:73:97:2E:F2:1A:69:42:0E:4D:5B:32:D7:13:5E:31:AF
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 0185729ED22BEEEC93F4B83163D350A5FDD9
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Xb3s-HOXLvIaaUIOTVsy1xNeMa8.roa
Signing time: Mon 02 Jan 2023 13:14:49 +0000
ROA not before: Mon 02 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15755
IP address blocks: 185.96.171.0/24 maxlen: 24
94.103.40.0/24 maxlen: 24
185.35.21.0/24 maxlen: 24
185.203.34.0/24 maxlen: 24
2a0a:e0c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d2:2b:ee:ec:93:f4:b8:31:63:d3:50:a5:fd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Jan 2 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dbdecf873972ef21a69420e4d5b32d7135e31af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:58:c0:5d:65:2a:c5:53:e1:8f:09:51:fd:9e:
af:b3:66:30:79:97:cd:e3:81:4c:e6:a6:6e:3c:80:
12:4f:53:ce:45:9b:f1:2a:f4:40:e1:b9:36:25:95:
ba:0a:e0:35:1d:c6:22:6b:29:dc:6d:e1:af:f2:df:
99:7b:aa:e6:e8:e8:03:21:79:49:3b:02:8d:01:2e:
48:86:5f:92:6d:3a:9c:27:87:bd:14:15:98:f7:1d:
26:d8:8b:37:7c:b2:e6:6f:c2:2b:6c:ef:3b:d3:11:
19:d3:a9:fb:3e:86:db:c0:f0:d0:5c:ed:64:d9:c5:
fa:84:88:8d:7b:f2:ce:3b:24:64:46:58:a2:4b:96:
b5:37:b8:17:a7:59:c0:81:dd:20:74:e3:11:86:fa:
62:32:5d:01:fc:4e:f9:31:89:76:74:6e:7f:35:3e:
29:c6:bc:9e:15:b4:01:24:77:74:73:ed:04:1c:e7:
6d:cc:0d:1a:53:a4:33:9f:12:ad:7d:dd:b3:0d:fe:
ce:2a:e8:5a:07:ff:3c:e6:12:27:c8:4c:04:1d:7a:
0c:87:2e:b9:89:51:86:9b:4b:ba:50:7e:0e:f8:03:
cc:71:16:38:99:d1:ac:6d:c0:fd:da:bb:9c:cd:1c:
3d:47:43:cf:e4:5b:0d:0d:a8:c5:48:39:8e:45:e5:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BD:EC:F8:73:97:2E:F2:1A:69:42:0E:4D:5B:32:D7:13:5E:31:AF
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/Xb3s-HOXLvIaaUIOTVsy1xNeMa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.40.0/24
185.35.21.0/24
185.96.171.0/24
185.203.34.0/24
IPv6:
2a0a:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:af:b3:86:90:85:03:6c:32:77:d7:0f:10:a4:5e:7a:18:4d:
5a:f8:81:c7:66:68:17:b2:2c:9a:69:9c:96:09:63:b7:06:42:
0d:40:e3:92:b3:fd:6f:78:e5:30:c1:12:76:bb:5c:0f:06:42:
01:67:30:4a:17:bc:de:63:59:0c:47:df:40:1e:e5:bb:0d:4d:
bd:a2:f2:af:66:40:1b:6c:ca:a4:b0:de:2d:0c:5d:08:f3:bc:
ac:c6:94:6a:d1:76:10:a4:bf:db:98:ca:5b:9c:03:ce:31:5a:
40:48:c9:f1:6e:5e:c7:3d:55:8e:7d:dd:a8:5b:4b:ab:f6:37:
8d:50:1c:03:f4:d4:a1:53:d4:f5:ec:e2:6e:74:cb:5e:13:96:
ba:a4:ed:68:dc:c5:0c:d4:20:92:24:f7:bd:8d:95:a7:99:6e:
23:0d:a3:e0:e9:25:ab:9b:17:b7:13:0d:8f:36:20:83:78:b5:
24:f0:af:a5:c0:bc:86:bb:9a:c6:95:a1:b6:da:44:d4:d9:12:
24:43:15:36:1d:07:06:0b:85:dd:6e:92:a8:36:90:0d:a3:3c:
1a:fa:09:28:b7:95:97:c0:a5:7f:be:04:7b:23:8b:e2:ab:f6:
a1:1c:22:a0:9f:2c:f9:44:a8:fb:d5:c7:25:5e:a2:83:6c:3a:
4c:cd:87:71
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyntIr7uyT9LgxY9NQpf3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwMTAyMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJkZWNmODczOTcyZWYyMWE2OTQyMGU0ZDViMzJkNzEzNWUzMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvljAXWUqxVPhjwlR/Z6vs2YweZfN
44FM5qZuPIAST1PORZvxKvRA4bk2JZW6CuA1HcYiayncbeGv8t+Ze6rm6OgDIXlJ
OwKNAS5Ihl+SbTqcJ4e9FBWY9x0m2Is3fLLmb8IrbO870xEZ06n7PobbwPDQXO1k
2cX6hIiNe/LOOyRkRliiS5a1N7gXp1nAgd0gdOMRhvpiMl0B/E75MYl2dG5/NT4p
xryeFbQBJHd0c+0EHOdtzA0aU6QznxKtfd2zDf7OKuhaB/885hInyEwEHXoMhy65
iVGGm0u6UH4O+APMcRY4mdGsbcD92ruczRw9R0PP5FsNDajFSDmOReXB2wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF297Phzly7yGmlCDk1bMtcTXjGvMB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvWGIzcy1IT1hMdklhYVVJT1RWc3kxeE5lTWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXmcoAwQA
uSMVAwQAuWCrAwQAucsiMA0EAgACMAcDBQMqCuDAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/r7OGkIUDbDJ31w8QpF56GE1a+IHHZmgXsiyaaZyWCWO3BkINQOOSs/1veOUw
wRJ2u1wPBkIBZzBKF7zeY1kMR99AHuW7DU29ovKvZkAbbMqksN4tDF0I87ysxpRq
0XYQpL/bmMpbnAPOMVpASMnxbl7HPVWOfd2oW0ur9jeNUBwD9NShU9T17OJudMte
E5a6pO1o3MUM1CCSJPe9jZWnmW4jDaPg6SWrmxe3Ew2PNiCDeLUk8K+lwLyGu5rG
laG22kTU2RIkQxU2HQcGC4XdbpKoNpANozwa+gkot5WXwKV/vgR7I4viq/ahHCKg
nyz5RKj71cclXqKDbDpMzYdx
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:44 2023 by rpki-client on console.sobornost.net