Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xfQv3DRy9f8S6nzR3dpjEo-2sLk.roa
File: xfQv3DRy9f8S6nzR3dpjEo-2sLk.roa (raw, json)
Hash identifier: aahl+dGjOiqgPLbU17/Pr0BvlJWniNtrWRzNcf5+ERw=
Subject key identifier: C5:F4:2F:DC:34:72:F5:FF:12:EA:7C:D1:DD:DA:63:12:8F:B6:B0:B9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018FDDD61C799166C48F7B2ACD0CECB56375
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xfQv3DRy9f8S6nzR3dpjEo-2sLk.roa
Signing time: Mon 03 Jun 2024 11:22:27 +0000
ROA not before: Mon 03 Jun 2024 11:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 21
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 17
85.254.49.0/24 maxlen: 24
85.254.50.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.128.0/18 maxlen: 18
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 16
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.100.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
217.69.112.0/20 maxlen: 20
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Jul 2024 11:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:d6:1c:79:91:66:c4:8f:7b:2a:cd:0c:ec:b5:63:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 3 11:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5f42fdc3472f5ff12ea7cd1ddda63128fb6b0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:d4:6d:d5:3f:75:e1:6e:44:66:dd:63:87:
61:60:95:85:4c:15:68:a7:41:33:28:a5:43:1b:0f:
e0:d4:7e:af:59:05:53:cc:64:35:e8:08:1d:74:72:
74:c3:df:e8:29:45:a7:29:f8:e8:79:0c:a8:46:ec:
e0:6c:36:f7:94:dc:f2:d7:5c:33:22:e8:45:37:dc:
a9:8e:f2:48:4f:32:7e:0c:09:5c:f9:b6:19:c5:63:
b3:f5:c6:87:f8:02:86:cc:e4:1d:50:90:45:5e:3a:
4b:67:a5:ef:23:25:61:92:bb:d8:6f:30:6d:1d:ea:
5e:6c:fc:a4:13:bb:a5:9f:7e:17:a9:00:f3:f4:85:
85:75:e2:60:b9:b8:35:dc:1e:35:1e:3b:cf:cf:19:
52:f8:49:8b:a2:ad:cc:e2:bf:8b:b1:8d:32:1e:3d:
82:f5:9c:89:7c:cf:c8:dc:ab:98:43:51:bf:93:83:
48:48:71:bb:54:4a:d0:3c:46:3d:ca:1c:a3:ab:79:
0d:67:c6:6c:5d:13:58:ba:c0:03:3f:d5:27:c3:b0:
ff:52:02:73:36:6d:23:96:a9:2d:7f:9f:a4:ef:b1:
22:9d:c5:db:89:6c:7f:9f:9e:11:ec:5d:72:89:47:
49:74:84:d9:bf:f8:61:50:48:b9:c3:27:32:20:ed:
6a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F4:2F:DC:34:72:F5:FF:12:EA:7C:D1:DD:DA:63:12:8F:B6:B0:B9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xfQv3DRy9f8S6nzR3dpjEo-2sLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
3f:24:bc:39:1d:c3:65:ab:a6:20:70:d6:ef:5f:c7:34:10:23:
4b:be:72:4d:91:66:64:56:a0:63:8d:8e:1d:c5:50:b3:f6:90:
54:98:4d:77:1f:6d:22:98:f9:42:f7:66:d5:57:8e:19:71:85:
55:07:59:05:dc:91:af:a0:f1:12:0c:df:39:f0:f8:3c:ac:86:
3f:e0:8c:bb:fd:c5:d7:c8:79:a7:07:00:6f:73:29:f2:4f:40:
ea:21:12:62:e3:83:21:74:4b:34:e7:ba:86:39:58:1b:8d:28:
48:b8:76:2d:86:e5:79:92:85:e1:8d:12:73:4b:af:43:3a:fc:
70:8e:b6:86:a3:3e:d8:90:89:97:0b:e3:9c:23:5e:1f:bd:df:
3b:c7:b4:eb:57:8d:57:a0:26:ea:3f:76:a1:7a:c0:65:de:f7:
6c:fd:67:6c:c9:23:8b:2c:4f:10:59:92:a2:84:ca:14:64:2a:
40:28:c4:cd:12:5e:df:77:19:a7:f1:13:7f:ea:1e:24:db:02:
f6:27:99:ab:22:f8:e1:17:0b:23:2b:07:3a:3b:b6:58:9b:82:
e9:30:7a:3a:39:41:fa:d7:79:00:d0:05:31:be:d1:46:9c:29:
d7:34:4d:73:3a:23:55:52:26:80:91:3a:b7:3e:73:3e:ad:b4:
73:91:50:47
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY/d1hx5kWbEj3sqzQzstWN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNjAzMTEyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY0MmZkYzM0NzJmNWZmMTJlYTdjZDFkZGRhNjMxMjhmYjZiMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOjUbdU/deFuRGbdY4dhYJWFTBVo
p0EzKKVDGw/g1H6vWQVTzGQ16AgddHJ0w9/oKUWnKfjoeQyoRuzgbDb3lNzy11wz
IuhFN9ypjvJITzJ+DAlc+bYZxWOz9caH+AKGzOQdUJBFXjpLZ6XvIyVhkrvYbzBt
HepebPykE7uln34XqQDz9IWFdeJgubg13B41HjvPzxlS+EmLoq3M4r+LsY0yHj2C
9ZyJfM/I3KuYQ1G/k4NISHG7VErQPEY9yhyjq3kNZ8ZsXRNYusADP9Unw7D/UgJz
Nm0jlqktf5+k77EincXbiWx/n54R7F1yiUdJdITZv/hhUEi5wycyIO1qlwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMX0L9w0cvX/Eup80d3aYxKPtrC5MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEveGZRdjNEUnk5ZjhTNm56UjNkcGpFby0yc0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IBAQA/JLw5
HcNlq6YgcNbvX8c0ECNLvnJNkWZkVqBjjY4dxVCz9pBUmE13H20imPlC92bVV44Z
cYVVB1kF3JGvoPESDN858Pg8rIY/4Iy7/cXXyHmnBwBvcynyT0DqIRJi44MhdEs0
57qGOVgbjShIuHYthuV5koXhjRJzS69DOvxwjraGoz7YkImXC+OcI14fvd87x7Tr
V41XoCbqP3ahesBl3vds/WdsySOLLE8QWZKihMoUZCpAKMTNEl7fdxmn8RN/6h4k
2wL2J5mrIvjhFwsjKwc6O7ZYm4LpMHo6OUH613kA0AUxvtFGnCnXNE1zOiNVUiaA
kTq3PnM+rbRzkVBH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:57 2025 by rpki-client