Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/X53u3TYkG7GIgvt1e1qFjJES6L8.roa
File: X53u3TYkG7GIgvt1e1qFjJES6L8.roa (raw, json)
Hash identifier: FIz4EGI40AkKuRKrmZhmKuhRCh1wZBP9Q7ZUQ4I0dHw=
Subject key identifier: 5F:9D:EE:DD:36:24:1B:B1:88:82:FB:75:7B:5A:85:8C:91:12:E8:BF
Certificate issuer: /CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Certificate serial: 018571F0FBE38EBECA3EB7D5A5F188674C37
Authority key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/X53u3TYkG7GIgvt1e1qFjJES6L8.roa
Signing time: Mon 02 Jan 2023 10:04:56 +0000
ROA not before: Mon 02 Jan 2023 10:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25441
IP address blocks: 89.124.0.0/17 maxlen: 17
89.127.128.0/18 maxlen: 18
85.134.136.0/21 maxlen: 21
83.141.64.0/18 maxlen: 18
85.134.144.0/21 maxlen: 21
85.134.152.0/21 maxlen: 21
89.127.224.0/20 maxlen: 20
89.124.128.0/18 maxlen: 18
85.134.160.0/21 maxlen: 21
85.134.168.0/21 maxlen: 21
89.127.240.0/21 maxlen: 21
85.134.176.0/21 maxlen: 21
85.134.184.0/21 maxlen: 21
89.127.248.0/22 maxlen: 22
87.232.0.0/19 maxlen: 19
89.127.192.0/19 maxlen: 19
85.134.128.0/21 maxlen: 21
85.134.128.0/17 maxlen: 17
62.231.32.0/19 maxlen: 19
89.127.0.0/17 maxlen: 17
78.135.208.0/21 maxlen: 21
78.135.216.0/21 maxlen: 21
78.135.224.0/21 maxlen: 21
78.135.232.0/21 maxlen: 21
78.135.240.0/21 maxlen: 21
78.135.248.0/21 maxlen: 21
87.192.216.0/22 maxlen: 22
87.192.224.0/19 maxlen: 19
87.192.222.0/23 maxlen: 23
89.126.28.0/22 maxlen: 22
185.247.52.0/22 maxlen: 22
89.126.0.0/22 maxlen: 22
89.126.4.0/22 maxlen: 22
89.126.0.0/16 maxlen: 16
89.126.8.0/22 maxlen: 22
89.126.12.0/22 maxlen: 22
89.126.16.0/22 maxlen: 22
89.126.20.0/22 maxlen: 22
89.126.24.0/22 maxlen: 22
85.134.240.0/21 maxlen: 21
87.232.160.0/19 maxlen: 19
87.192.64.0/20 maxlen: 20
89.124.224.0/20 maxlen: 20
85.134.248.0/21 maxlen: 21
89.124.246.0/23 maxlen: 23
87.192.84.0/22 maxlen: 22
89.124.245.0/24 maxlen: 24
87.232.192.0/24 maxlen: 24
87.192.82.0/23 maxlen: 23
87.232.194.0/23 maxlen: 23
89.124.248.0/21 maxlen: 21
87.232.196.0/22 maxlen: 22
87.192.88.0/21 maxlen: 21
87.232.200.0/21 maxlen: 21
87.192.96.0/19 maxlen: 19
87.232.208.0/20 maxlen: 20
89.125.0.0/16 maxlen: 16
87.192.0.0/18 maxlen: 18
85.134.192.0/21 maxlen: 21
89.127.254.0/23 maxlen: 23
85.134.200.0/21 maxlen: 21
85.134.208.0/21 maxlen: 21
89.124.192.0/19 maxlen: 19
85.134.216.0/21 maxlen: 21
87.232.144.0/20 maxlen: 20
85.134.224.0/21 maxlen: 21
85.134.232.0/21 maxlen: 21
87.192.192.0/20 maxlen: 20
78.135.128.0/17 maxlen: 17
87.192.208.0/21 maxlen: 21
87.232.226.0/23 maxlen: 23
87.232.225.0/24 maxlen: 24
87.232.228.0/22 maxlen: 22
87.232.232.0/21 maxlen: 21
87.192.128.0/18 maxlen: 18
87.232.240.0/21 maxlen: 21
87.232.248.0/23 maxlen: 23
2001:4d68::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:fb:e3:8e:be:ca:3e:b7:d5:a5:f1:88:67:4c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Validity
Not Before: Jan 2 10:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f9deedd36241bb18882fb757b5a858c9112e8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:51:7f:4d:14:c9:33:69:d9:67:c9:50:36:94:
77:95:56:0a:ea:29:42:68:1c:8b:9f:1e:6e:ab:8c:
b6:12:fb:7b:c5:6c:d6:40:f3:cf:bf:90:ba:33:1b:
71:87:48:82:44:d1:68:5e:0e:a1:0f:19:bc:f8:96:
13:43:b2:16:e8:40:73:25:f9:2a:00:e6:b9:2a:61:
47:3a:29:ed:0b:d5:94:55:43:0c:7d:e3:10:c1:87:
5f:e8:d3:1b:a9:8b:fe:18:9e:33:a0:eb:0d:f8:47:
a3:8b:b1:76:5a:9b:7c:cf:93:57:fc:4e:bb:bc:f7:
94:ea:9a:65:00:1c:cc:09:d3:2e:7d:9e:d3:00:c4:
59:b3:d2:90:41:e8:61:fa:2c:ad:82:7b:a7:7f:9e:
fc:1f:fb:d6:d5:49:08:bc:b2:db:3a:18:4a:cd:47:
25:b7:e4:c3:87:f8:b3:18:76:9e:f0:8f:65:19:87:
c4:3f:ad:e7:57:03:a1:83:34:21:8b:11:68:10:64:
76:07:05:72:fc:ba:26:04:d4:e8:11:27:5d:61:68:
c1:cb:3f:0e:76:5b:01:70:13:0d:17:a4:37:56:20:
0b:58:1f:30:7e:75:ff:1e:bc:17:5b:ef:93:aa:fe:
cb:45:d6:f3:7a:71:df:6c:39:f8:38:b6:3f:d5:8e:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9D:EE:DD:36:24:1B:B1:88:82:FB:75:7B:5A:85:8C:91:12:E8:BF
X509v3 Authority Key Identifier:
keyid:2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/X53u3TYkG7GIgvt1e1qFjJES6L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.82.0-87.192.219.255
87.192.222.0-87.192.255.255
87.232.0.0/19
87.232.144.0-87.232.192.255
87.232.194.0-87.232.223.255
87.232.225.0-87.232.249.255
89.124.0.0-89.124.239.255
89.124.245.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
Signature Algorithm: sha256WithRSAEncryption
4f:38:fd:f1:28:76:d0:52:b0:dc:f5:81:cf:83:74:b8:cc:47:
e1:fe:a3:c4:5b:9c:19:03:76:80:b4:13:9e:ab:c7:12:fb:25:
4b:92:ca:34:f1:bb:54:9e:e0:b4:86:d6:a2:03:2a:bb:8e:0c:
e0:25:3f:e0:4c:36:e4:61:9b:7f:0e:47:77:40:a7:49:d8:f5:
3b:0e:49:19:ad:1a:2b:7c:7f:c0:85:cb:1b:e8:ac:d5:97:bc:
a6:96:b7:3c:7d:c6:14:c4:2e:bd:c9:cb:d0:80:96:e4:db:fc:
e3:65:1e:24:c9:34:53:3e:71:f3:b7:22:4c:d7:03:69:48:87:
74:bb:c1:37:14:cc:bc:28:83:49:80:c3:6c:77:9b:23:37:ea:
0f:3c:89:01:e9:68:c6:17:78:2c:d6:d2:89:26:fc:4b:fb:a8:
4a:2c:6b:60:30:7e:3b:e9:d4:b5:4e:3d:fa:61:3e:42:2e:42:
35:84:c7:f1:cb:3e:a5:fc:6d:e6:88:8a:43:c4:f5:e1:77:b6:
04:9b:33:14:d6:57:10:ff:cb:46:5c:32:d1:57:ab:85:e7:44:
b1:25:e5:75:59:73:2c:22:00:46:11:5e:96:6a:b5:2a:ff:a4:
0c:a3:ad:ae:f5:a4:83:0c:a8:8b:f8:64:5a:04:60:37:06:a0:
24:8d:0f:8f
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYVx8Pvjjr7KPrfVpfGIZ0w3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTFjZmQ3NTdmNTFmMmZlYjc0NTA5ZTljMzliZTQ2ODA2
YmU2NDIwHhcNMjMwMTAyMTAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjlkZWVkZDM2MjQxYmIxODg4MmZiNzU3YjVhODU4YzkxMTJlOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1F/TRTJM2nZZ8lQNpR3lVYK6ilC
aByLnx5uq4y2Evt7xWzWQPPPv5C6Mxtxh0iCRNFoXg6hDxm8+JYTQ7IW6EBzJfkq
AOa5KmFHOintC9WUVUMMfeMQwYdf6NMbqYv+GJ4zoOsN+Eeji7F2Wpt8z5NX/E67
vPeU6pplABzMCdMufZ7TAMRZs9KQQehh+iytgnunf578H/vW1UkIvLLbOhhKzUcl
t+TDh/izGHae8I9lGYfEP63nVwOhgzQhixFoEGR2BwVy/LomBNToESddYWjByz8O
dlsBcBMNF6Q3ViALWB8wfnX/HrwXW++Tqv7LRdbzenHfbDn4OLY/1Y7S2wIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFF+d7t02JBuxiIL7dXtahYyREui/MB8GA1UdIwQY
MBaAFCuhz9dX9R8v63RQnpw5vkaAa+ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUt
NTc4OWRlNDI0YTQyLzEvWDUzdTNUWWtHN0dJZ3Z0MWUxcUZqSkVTNkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUtNTc4OWRlNDI0YTQy
LzEvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBngQCAAEwgZcDBAU+
5yADBAdOh4ADBAZTjUADBAdVhoAwCwMDBlfAAwQEV8BAMAwDBAFXwFIDBAJXwNgw
CwMEAVfA3gMDAFfAAwQFV+gAMAwDBARX6JADBABX6MAwDAMEAVfowgMEBVfowDAM
AwQAV+jhAwQBV+j4MAsDAwJZfAMEBFl84DAMAwQAWXz1AwQCWX/4AwQBWX/+AwQC
ufc0MA0EAgACMAcDBQAgAU1oMA0GCSqGSIb3DQEBCwUAA4IBAQBPOP3xKHbQUrDc
9YHPg3S4zEfh/qPEW5wZA3aAtBOeq8cS+yVLkso08btUnuC0htaiAyq7jgzgJT/g
TDbkYZt/Dkd3QKdJ2PU7DkkZrRorfH/Ahcsb6KzVl7ymlrc8fcYUxC69ycvQgJbk
2/zjZR4kyTRTPnHztyJM1wNpSId0u8E3FMy8KINJgMNsd5sjN+oPPIkB6WjGF3gs
1tKJJvxL+6hKLGtgMH476dS1Tj36YT5CLkI1hMfxyz6l/G3miIpDxPXhd7YEmzMU
1lcQ/8tGXDLRV6uF50SxJeV1WXMsIgBGEV6WarUq/6QMo62u9aSDDKiL+GRaBGA3
BqAkjQ+P
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:00 2024 by rpki-client on console-fra.rpki-client.org