Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/XPW0FRL4UHNES7htCTFW9-qrIWs.roa
File: XPW0FRL4UHNES7htCTFW9-qrIWs.roa (raw, json)
Hash identifier: Y17UyrYKIJLgb8B2z/ARFVTdhDG9KQ0x+DSsqlmRtAM=
Subject key identifier: 5C:F5:B4:15:12:F8:50:73:44:4B:B8:6D:09:31:56:F7:EA:AB:21:6B
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 01859AC862EFAD4F3917BB127DB84D6B0D7A
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/XPW0FRL4UHNES7htCTFW9-qrIWs.roa
Signing time: Tue 10 Jan 2023 08:25:01 +0000
ROA not before: Tue 10 Jan 2023 08:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48504
IP address blocks: 193.243.151.0/24 maxlen: 24
193.243.150.0/23 maxlen: 23
45.134.192.0/22 maxlen: 24
46.247.160.0/19 maxlen: 24
94.247.160.0/21 maxlen: 24
94.143.80.0/21 maxlen: 24
185.48.48.0/22 maxlen: 24
194.105.58.0/23 maxlen: 24
194.105.62.0/23 maxlen: 24
176.53.128.0/22 maxlen: 24
185.12.96.0/22 maxlen: 24
193.239.190.0/23 maxlen: 24
37.26.176.0/21 maxlen: 24
185.50.76.0/22 maxlen: 24
2a03:bd00::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
2a01:9720::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 Mar 2023 13:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9a:c8:62:ef:ad:4f:39:17:bb:12:7d:b8:4d:6b:0d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Jan 10 08:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf5b41512f85073444bb86d093156f7eaab216b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:21:be:0a:a8:06:58:22:95:f6:25:f7:92:bf:
d8:6b:12:fe:9d:46:42:a3:2d:d7:b7:8f:44:5b:15:
04:40:9e:35:9f:00:89:6d:17:a4:11:3b:51:52:a8:
ce:18:4b:ff:fd:20:29:d4:32:e7:ad:f7:2e:0c:f8:
90:19:9f:0c:25:c8:48:6e:76:e7:55:5b:91:4e:0c:
a7:9a:e9:0a:62:f2:fa:e3:1e:c9:ca:03:13:4b:2f:
23:dc:9c:b5:f8:c2:55:36:5d:a7:0f:cc:e7:ac:00:
2c:f0:ed:65:24:12:af:a9:8a:18:7c:29:92:09:a7:
7b:68:96:60:f1:1a:d9:46:dc:3d:2f:d7:16:76:84:
67:61:61:f1:09:07:a4:98:2b:bd:ab:b4:6e:70:b8:
33:04:9c:b5:c0:dd:66:66:e3:3d:c3:ee:65:88:71:
cf:e8:8e:da:5a:65:5d:6d:47:ce:7a:65:fa:01:01:
ca:07:0f:e3:0b:2e:fb:ad:b7:5f:9b:02:a8:8b:cf:
3c:d7:b0:4c:e5:ba:05:de:2d:b7:d3:17:d9:a6:24:
64:56:de:20:95:8f:11:31:77:b2:af:a1:3d:94:92:
41:8f:b2:0b:65:bc:df:a2:05:c1:fa:c1:d4:20:c0:
07:a1:5a:cf:fe:08:fc:7f:21:ee:7a:df:fa:20:84:
9f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F5:B4:15:12:F8:50:73:44:4B:B8:6D:09:31:56:F7:EA:AB:21:6B
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/XPW0FRL4UHNES7htCTFW9-qrIWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
193.239.190.0/23
193.243.150.0/23
194.105.58.0/23
194.105.62.0/23
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:4e:40:3d:2b:ce:44:60:70:7d:a2:aa:31:79:80:64:c9:6e:
75:88:35:19:eb:eb:ae:d7:7c:1f:10:42:73:e6:8d:3f:05:ef:
97:19:18:f2:ed:48:d1:a1:5c:fa:5e:8f:62:f3:76:e5:87:71:
32:67:2c:9c:39:7b:9c:7f:21:d0:95:d0:ab:0e:f7:38:0f:45:
35:78:4b:d7:a9:ef:13:f8:e2:98:f4:84:4a:a9:33:1d:3a:31:
93:a3:25:c7:24:54:e1:3c:12:4a:a8:4b:35:34:98:dc:a6:c5:
72:bc:f5:e9:45:b2:4c:e1:34:e1:ad:73:fe:d9:9c:eb:ac:39:
7c:bb:fd:ad:34:9a:66:9e:e5:a3:19:33:27:70:84:43:57:21:
86:b2:53:34:32:6b:26:57:7d:45:b6:29:c1:6f:a1:fb:6c:07:
9f:b5:31:54:30:39:0c:d2:dd:bc:02:e3:13:f8:72:e0:5e:d9:
c5:19:4c:5a:13:88:55:61:65:42:11:91:82:a3:96:6b:d0:1e:
98:fd:87:95:c6:30:11:18:0a:5f:c9:3b:50:32:e2:2a:fe:e6:
21:ee:b3:38:d8:f2:58:6a:b7:5a:f5:3a:a1:18:6e:f9:e5:65:
7a:ab:aa:c8:70:08:a2:e0:df:34:ea:39:2d:32:f6:21:f4:ef:
3a:ec:5c:51
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYWayGLvrU85F7sSfbhNaw16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjMwMTEwMDgyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y1YjQxNTEyZjg1MDczNDQ0YmI4NmQwOTMxNTZmN2VhYWIyMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSG+CqgGWCKV9iX3kr/YaxL+nUZC
oy3Xt49EWxUEQJ41nwCJbRekETtRUqjOGEv//SAp1DLnrfcuDPiQGZ8MJchIbnbn
VVuRTgynmukKYvL64x7JygMTSy8j3Jy1+MJVNl2nD8znrAAs8O1lJBKvqYoYfCmS
Cad7aJZg8RrZRtw9L9cWdoRnYWHxCQekmCu9q7RucLgzBJy1wN1mZuM9w+5liHHP
6I7aWmVdbUfOemX6AQHKBw/jCy77rbdfmwKoi88817BM5boF3i230xfZpiRkVt4g
lY8RMXeyr6E9lJJBj7ILZbzfogXB+sHUIMAHoVrP/gj8fyHuet/6IISf6QIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFFz1tBUS+FBzREu4bQkxVvfqqyFrMB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvWFBXMEZSTDRVSE5FUzdodENURlc5LXFySVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUtOWQ1NjU3NTEzZTIw
LzEvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAyUasAME
Ai2GwAMEBS73oAMEA16PUAMEA173oAMEArA1gAMEArkMYAMEArkwMAMEArkyTAME
AcHvvgMEAcHzlgMEAcJpOgMEAcJpPjAbBAIAAjAVAwUAKgGXIAMFACoBqmADBQAq
A70AMA0GCSqGSIb3DQEBCwUAA4IBAQCgTkA9K85EYHB9oqoxeYBkyW51iDUZ6+uu
13wfEEJz5o0/Be+XGRjy7UjRoVz6Xo9i83blh3EyZyycOXucfyHQldCrDvc4D0U1
eEvXqe8T+OKY9IRKqTMdOjGToyXHJFThPBJKqEs1NJjcpsVyvPXpRbJM4TThrXP+
2ZzrrDl8u/2tNJpmnuWjGTMncIRDVyGGslM0MmsmV31FtinBb6H7bAeftTFUMDkM
0t28AuMT+HLgXtnFGUxaE4hVYWVCEZGCo5Zr0B6Y/YeVxjARGApfyTtQMuIq/uYh
7rM42PJYarda9TqhGG755WV6q6rIcAii4N806jktMvYh9O867FxR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org