Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/xSg6sEGfR8tuQEJRRGGzTPZVzZU.roa
File: xSg6sEGfR8tuQEJRRGGzTPZVzZU.roa (raw, json)
Hash identifier: fAc3tWefhCki4sR/NboYpI4FTxnNgoyifZjPVqIlTQ4=
Subject key identifier: C5:28:3A:B0:41:9F:47:CB:6E:40:42:51:44:61:B3:4C:F6:55:CD:95
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018F7C560EED97E60E3297BEAB65BD8C818A
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/xSg6sEGfR8tuQEJRRGGzTPZVzZU.roa
Signing time: Wed 15 May 2024 12:59:25 +0000
ROA not before: Wed 15 May 2024 12:59:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 2.248.0.0/14 maxlen: 14
2.252.0.0/15 maxlen: 15
2.254.0.0/16 maxlen: 16
2.255.0.0/17 maxlen: 17
2.255.128.0/18 maxlen: 18
2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
62.20.0.0/16 maxlen: 16
78.64.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
81.228.4.0/23 maxlen: 23
81.228.4.0/24 maxlen: 24
81.228.5.0/24 maxlen: 24
82.214.0.0/18 maxlen: 18
90.224.0.0/12 maxlen: 12
95.109.0.0/17 maxlen: 17
95.192.0.0/12 maxlen: 12
192.16.152.0/23 maxlen: 23
192.16.153.0/24 maxlen: 24
192.150.58.0/23 maxlen: 23
192.150.60.0/22 maxlen: 22
192.150.64.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
192.150.80.0/23 maxlen: 23
193.44.0.0/15 maxlen: 15
194.16.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
194.22.0.0/15 maxlen: 15
194.218.0.0/16 maxlen: 16
194.236.0.0/15 maxlen: 15
195.67.0.0/16 maxlen: 16
195.198.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
212.28.192.0/19 maxlen: 19
212.181.0.0/16 maxlen: 16
213.64.0.0/14 maxlen: 14
217.208.0.0/13 maxlen: 13
Validation: Failed, certificate revoked on Mon 03 Jun 2024 11:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:56:0e:ed:97:e6:0e:32:97:be:ab:65:bd:8c:81:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: May 15 12:59:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5283ab0419f47cb6e4042514461b34cf655cd95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f1:6e:6d:d3:2b:05:ff:ec:1c:41:25:80:54:
95:e2:b4:8f:76:a9:20:82:91:ed:93:95:df:14:8a:
83:48:c8:3a:67:91:ca:da:33:a8:53:97:16:ef:39:
e4:21:02:a3:ba:4d:97:b7:d3:f9:11:4a:df:9c:c6:
71:66:6e:4f:f3:cd:39:4b:c7:5b:98:3e:3f:73:8d:
66:e6:ce:62:69:ed:30:d2:20:47:ae:b6:09:9a:08:
29:a5:ae:42:f2:38:19:3b:88:9e:19:07:08:14:5e:
2a:16:66:01:1f:75:d5:11:cb:58:d9:c2:dd:cb:8e:
5d:9f:f7:ae:8e:b4:a2:d5:b9:87:33:b6:34:de:78:
7c:0a:81:f9:c2:1c:f4:28:00:4e:0c:99:e4:7d:6d:
d6:17:61:07:77:18:cb:4d:59:7a:c5:32:c5:de:4c:
c6:f3:94:24:e7:f8:f9:b3:ae:cf:f2:e0:b3:39:31:
a9:17:c0:bc:0f:0e:85:fe:13:2d:00:83:ae:92:2c:
65:22:21:69:c8:72:7d:f8:46:8f:e8:92:be:9e:55:
c6:18:46:f6:37:e5:4f:ce:d3:f8:7f:99:c8:43:03:
13:fb:57:c9:f4:aa:e7:13:68:f1:5c:de:33:af:83:
18:b1:43:29:4a:e1:0c:af:28:c7:56:90:5b:80:98:
9a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:28:3A:B0:41:9F:47:CB:6E:40:42:51:44:61:B3:4C:F6:55:CD:95
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/xSg6sEGfR8tuQEJRRGGzTPZVzZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
78.64.0.0/12
81.224.0.0/12
82.214.0.0/18
90.224.0.0/12
95.109.0.0/17
95.192.0.0/12
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
84:ec:c8:b5:c5:02:1c:3a:b9:43:c3:97:a7:9d:ed:bc:f8:9c:
97:6b:c5:5f:6c:60:24:e5:ee:ce:aa:e7:1a:a9:a8:87:0f:8d:
78:b4:8c:b9:36:a7:6b:f4:b6:cb:4c:74:7c:24:61:b0:56:1b:
6d:f5:b3:b0:c5:6d:aa:02:59:17:09:1c:83:f5:75:7f:d2:2f:
3a:3e:eb:54:72:2f:cb:9b:58:bc:5e:d0:55:d7:bd:2b:21:e6:
6f:9e:9e:73:6a:2c:45:52:9f:8c:3b:a4:dd:42:0f:93:89:0c:
3a:93:4b:48:90:01:2c:74:7e:83:86:f8:bf:8c:96:81:11:c8:
4c:88:34:2b:ef:39:cb:0d:3b:14:c0:4c:e1:57:03:a8:d3:31:
ea:8a:00:37:a2:64:9d:54:66:9d:b6:72:44:68:1c:ec:aa:57:
cd:5e:2a:c8:fd:80:9e:79:e8:58:0d:ad:2c:91:e6:e8:9d:1a:
1c:c5:04:35:0b:fc:06:9e:24:a0:f2:dc:6c:6a:b3:95:0a:e3:
b7:cc:d3:72:56:14:c6:58:bc:34:32:65:98:b5:d3:c3:79:ba:
b8:20:91:d6:28:3e:67:b3:1d:fe:0b:60:94:22:4a:6e:8a:0a:
dd:1f:db:e1:5e:e9:93:9b:a7:b2:eb:de:6b:d5:45:04:a2:e3:
c7:9a:12:bb
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAY98Vg7tl+YOMpe+q2W9jIGKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwNTE1MTI1OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI4M2FiMDQxOWY0N2NiNmU0MDQyNTE0NDYxYjM0Y2Y2NTVjZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfFubdMrBf/sHEElgFSV4rSPdqkg
gpHtk5XfFIqDSMg6Z5HK2jOoU5cW7znkIQKjuk2Xt9P5EUrfnMZxZm5P8805S8db
mD4/c41m5s5iae0w0iBHrrYJmggppa5C8jgZO4ieGQcIFF4qFmYBH3XVEctY2cLd
y45dn/eujrSi1bmHM7Y03nh8CoH5whz0KABODJnkfW3WF2EHdxjLTVl6xTLF3kzG
85Qk5/j5s67P8uCzOTGpF8C8Dw6F/hMtAIOukixlIiFpyHJ9+EaP6JK+nlXGGEb2
N+VPztP4f5nIQwMT+1fJ9KrnE2jxXN4zr4MYsUMpSuEMryjHVpBbgJiaMQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFMUoOrBBn0fLbkBCUURhs0z2Vc2VMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEveFNnNnNFR2ZSOHR1UUVKUlJHR3pUUFpWelpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBoAQCAAEwgZkwCwMD
AwL4AwQGAv+AAwMAPhQDAwROQAMDBFHgAwQGUtYAAwMEWuADBAdfbQADAwRfwAME
AcAQmDAMAwQBwJY6AwQBwJZEMAwDBAHAlk4DBAHAllADAwHBLDAKAwMEwhADAwDC
EgMDAcIWAwMAwtoDAwHC7AMDAMNDAwMAw8YDBAXD/CADBAXUHMADAwDUtQMDAtVA
AwMD2dAwDQYJKoZIhvcNAQELBQADggEBAITsyLXFAhw6uUPDl6ed7bz4nJdrxV9s
YCTl7s6q5xqpqIcPjXi0jLk2p2v0tstMdHwkYbBWG231s7DFbaoCWRcJHIP1dX/S
Lzo+61RyL8ubWLxe0FXXvSsh5m+ennNqLEVSn4w7pN1CD5OJDDqTS0iQASx0foOG
+L+MloERyEyINCvvOcsNOxTATOFXA6jTMeqKADeiZJ1UZp22ckRoHOyqV81eKsj9
gJ556FgNrSyR5uidGhzFBDUL/AaeJKDy3Gxqs5UK47fM03JWFMZYvDQyZZi108N5
urggkdYoPmezHf4LYJQiSm6KCt0f2+Fe6ZObp7Lr3mvVRQSi48eaErs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:04 2024 by rpki-client on console-ams.rpki-client.org