Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xpkj0pvEOOxVEgzz4Rl4-drQXQE.roa
File: Xpkj0pvEOOxVEgzz4Rl4-drQXQE.roa (raw, json)
Hash identifier: 8nanMy69n/t93wKAV2TaeZxKZZ8WWHbAE8/+u4iZjC8=
Subject key identifier: 5E:99:23:D2:9B:C4:38:EC:55:12:0C:F3:E1:19:78:F9:DA:D0:5D:01
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 018B41FADBA961D3C8DC8013E27F4EF819C8
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xpkj0pvEOOxVEgzz4Rl4-drQXQE.roa
Signing time: Wed 18 Oct 2023 08:50:41 +0000
ROA not before: Wed 18 Oct 2023 08:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56655
IP address blocks: 195.16.73.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.200.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.181.60.0/22 maxlen: 24
185.125.168.0/22 maxlen: 24
198.140.141.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.216.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
2a03:94e1::/32 maxlen: 32
2a0a:cd80::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 32
2a03:94e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Dec 2023 00:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:fa:db:a9:61:d3:c8:dc:80:13:e2:7f:4e:f8:19:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Oct 18 08:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e9923d29bc438ec55120cf3e11978f9dad05d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f5:5d:6b:6e:0f:95:57:bc:ca:64:54:7f:d6:
8a:69:c8:d1:ef:5e:79:7e:ca:d2:9e:23:55:51:5c:
b3:bb:fe:25:cc:b9:aa:fd:df:9f:f5:27:c7:83:1b:
d2:ce:44:8f:24:71:a8:43:15:03:28:80:87:4e:23:
9c:8f:fe:50:c4:ae:e3:73:85:b0:5d:1d:bf:9d:60:
22:67:05:2c:bc:4b:c4:41:37:09:8d:f7:4f:61:fe:
84:06:45:12:94:d9:87:2c:d4:ac:0a:1f:5c:30:4d:
13:a2:6d:2f:d8:05:0f:10:65:96:e2:13:35:7f:3a:
61:a2:22:e1:8e:e8:8f:a0:71:b1:87:52:1f:87:f0:
51:89:b2:e1:97:b7:ed:7a:ab:a6:04:73:83:7f:85:
d6:c1:5e:c3:56:41:e0:b5:68:24:b9:87:6d:fa:67:
b6:88:5a:ee:f2:ce:6f:da:32:b0:c0:09:db:d6:a2:
84:ae:76:76:99:c2:14:49:e1:73:b9:9e:01:fe:29:
c7:1d:64:43:7e:48:8a:21:f5:d7:bb:9c:55:cb:16:
0d:1e:60:14:70:02:8a:17:67:f9:ea:c9:26:6c:7e:
06:88:b0:b6:93:6e:dd:81:56:cd:a3:fd:d6:eb:cb:
bf:cd:14:41:05:6c:54:21:45:75:2c:bb:86:ef:af:
e2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:99:23:D2:9B:C4:38:EC:55:12:0C:F3:E1:19:78:F9:DA:D0:5D:01
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xpkj0pvEOOxVEgzz4Rl4-drQXQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0/23
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
194.32.107.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
2a0a:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
6c:e9:65:12:d3:7a:b4:49:73:07:93:85:35:97:90:57:b9:ed:
e1:f4:fb:76:5a:dd:19:24:d1:84:f0:ae:0d:2f:57:59:d8:6a:
c4:06:4d:2b:3f:1e:71:5a:ad:0f:de:a2:a2:61:db:de:a9:73:
c3:e5:ad:37:07:d1:04:8b:42:aa:cd:b9:f8:87:59:ac:4f:c4:
13:79:4f:b2:4f:cd:b5:99:20:20:38:57:b1:3f:1e:10:0b:61:
c4:80:e6:0f:ca:4d:ab:4a:eb:9d:5e:67:36:85:87:f8:b6:80:
f0:9f:d6:32:32:d5:c4:73:1a:63:02:69:bd:bc:61:1d:43:8d:
cd:7d:6e:cd:21:4d:c2:7c:80:14:1c:27:40:55:58:21:dc:d3:
0d:ff:30:11:7c:27:75:dc:e6:b7:f4:d4:27:db:3b:69:cf:d1:
8f:8d:da:69:5d:c9:af:4d:45:63:17:be:d0:39:f8:d1:52:70:
f0:31:d8:d6:6f:71:cb:46:59:9c:ae:60:e6:ba:a7:06:55:61:
03:37:2d:ad:32:ca:f9:9f:4e:27:f3:68:17:45:8d:39:cd:57:
aa:d8:22:22:17:be:0b:0e:5f:c5:48:8b:4b:c1:67:3e:b0:eb:
be:ba:11:02:56:03:c9:a7:59:7d:c3:ab:c0:6e:a3:d2:09:05:
47:11:0b:1d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYtB+tupYdPI3IAT4n9O+BnIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjMxMDE4MDg1MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTk5MjNkMjliYzQzOGVjNTUxMjBjZjNlMTE5NzhmOWRhZDA1ZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fVda24PlVe8ymRUf9aKacjR7155
fsrSniNVUVyzu/4lzLmq/d+f9SfHgxvSzkSPJHGoQxUDKICHTiOcj/5QxK7jc4Ww
XR2/nWAiZwUsvEvEQTcJjfdPYf6EBkUSlNmHLNSsCh9cME0Tom0v2AUPEGWW4hM1
fzphoiLhjuiPoHGxh1Ifh/BRibLhl7ftequmBHODf4XWwV7DVkHgtWgkuYdt+me2
iFru8s5v2jKwwAnb1qKErnZ2mcIUSeFzuZ4B/inHHWRDfkiKIfXXu5xVyxYNHmAU
cAKKF2f56skmbH4GiLC2k27dgVbNo/3W68u/zRRBBWxUIUV1LLuG76/ipwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF6ZI9KbxDjsVRIM8+EZePna0F0BMB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvWHBrajBwdkVPT3hWRWd6ejRSbDQtZHJRWFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQBLVjIAwQA
uQ5hAwQCuX2oAwQCubU8MAwDBAO589gDBAC589oDBADCIGsDBADDEEkDBADGjI0w
FAQCAAIwDgMFAioDlOADBQAqCs2AMA0GCSqGSIb3DQEBCwUAA4IBAQBs6WUS03q0
SXMHk4U1l5BXue3h9Pt2Wt0ZJNGE8K4NL1dZ2GrEBk0rPx5xWq0P3qKiYdveqXPD
5a03B9EEi0Kqzbn4h1msT8QTeU+yT821mSAgOFexPx4QC2HEgOYPyk2rSuudXmc2
hYf4toDwn9YyMtXEcxpjAmm9vGEdQ43NfW7NIU3CfIAUHCdAVVgh3NMN/zARfCd1
3Oa39NQn2ztpz9GPjdppXcmvTUVjF77QOfjRUnDwMdjWb3HLRlmcrmDmuqcGVWED
Ny2tMsr5n04n82gXRY05zVeq2CIiF74LDl/FSItLwWc+sOu+uhECVgPJp1l9w6vA
bqPSCQVHEQsd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:30 2024 by rpki-client on console-ams.rpki-client.org