Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/X2td5VhQolYN_q-oCjUPaHfGDUA.roa
File: X2td5VhQolYN_q-oCjUPaHfGDUA.roa (raw, json)
Hash identifier: aRENVN9PgZ671mPScXVakutjBmz2XTovunKxZPEvxw0=
Subject key identifier: 5F:6B:5D:E5:58:50:A2:56:0D:FE:AF:A8:0A:35:0F:68:77:C6:0D:40
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 0193C3C587CA0EBAB0910E1A034FBB53948F
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/X2td5VhQolYN_q-oCjUPaHfGDUA.roa
Signing time: Sat 14 Dec 2024 06:05:22 +0000
ROA not before: Sat 14 Dec 2024 06:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34718
IP address blocks: 62.209.128.0/19 maxlen: 19
80.80.208.0/20 maxlen: 20
80.80.208.0/23 maxlen: 23
80.80.210.0/24 maxlen: 24
80.80.211.0/24 maxlen: 24
80.80.212.0/22 maxlen: 22
80.80.216.0/21 maxlen: 21
89.236.192.0/18 maxlen: 18
94.141.70.0/24 maxlen: 24
94.141.80.0/24 maxlen: 24
94.141.82.0/24 maxlen: 24
94.141.83.0/24 maxlen: 24
94.141.84.0/24 maxlen: 24
94.141.85.0/24 maxlen: 24
94.141.89.0/24 maxlen: 24
94.141.95.0/24 maxlen: 24
185.6.40.0/22 maxlen: 22
185.248.44.0/22 maxlen: 22
194.55.92.0/22 maxlen: 22
217.30.164.0/22 maxlen: 22
217.30.168.0/24 maxlen: 24
217.30.174.0/24 maxlen: 24
2a02:f10::/32 maxlen: 32
2a03:540::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c3:c5:87:ca:0e:ba:b0:91:0e:1a:03:4f:bb:53:94:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Dec 14 06:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6b5de55850a2560dfeafa80a350f6877c60d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c9:5e:5c:6f:e0:b8:6f:aa:62:df:55:8c:da:
a5:14:a1:81:2e:d4:84:f0:3b:85:c6:c5:5b:1a:97:
75:89:89:ad:54:7a:27:8b:af:22:b1:a6:7e:9c:99:
6e:a4:d5:f5:d2:67:89:31:64:83:a0:53:24:1e:12:
40:e1:ff:b4:e5:de:e0:b2:a0:65:55:af:4c:98:95:
82:5a:78:80:0f:1f:92:94:1f:16:8e:49:1f:ba:dc:
b7:da:fa:5d:cc:7b:ab:c0:ba:e7:d0:3d:37:a2:04:
4c:f9:a0:09:c5:e6:24:22:ae:0d:0f:e7:4d:44:58:
69:d0:d3:0f:69:c0:09:ba:b3:33:e2:19:34:19:78:
d6:6e:45:44:24:d4:f0:58:c3:bf:62:07:11:1e:94:
2e:18:1d:03:e5:f9:08:3f:90:be:38:31:f8:dc:48:
75:e6:8f:04:60:35:85:7c:54:e1:91:57:05:62:7d:
65:21:0f:77:00:28:12:92:6e:e0:df:64:68:6e:0b:
26:ad:ed:cf:1e:0c:8f:1a:04:d9:36:35:13:f8:c1:
86:27:19:6e:5f:5b:a2:b7:99:00:3a:c5:b3:bd:a6:
6f:26:97:aa:f7:a2:78:bf:cb:9d:cf:d3:0f:38:fa:
10:45:80:cd:69:7f:c2:be:b0:7d:b5:3d:a7:92:eb:
08:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6B:5D:E5:58:50:A2:56:0D:FE:AF:A8:0A:35:0F:68:77:C6:0D:40
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/X2td5VhQolYN_q-oCjUPaHfGDUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.128.0/19
80.80.208.0/20
89.236.192.0/18
94.141.70.0/24
94.141.80.0/24
94.141.82.0-94.141.85.255
94.141.89.0/24
94.141.95.0/24
185.6.40.0/22
185.248.44.0/22
194.55.92.0/22
217.30.164.0-217.30.168.255
217.30.174.0/24
IPv6:
2a02:f10::/32
2a03:540::/32
Signature Algorithm: sha256WithRSAEncryption
94:cb:54:0f:2c:35:0b:6a:c0:69:80:4f:f7:be:c3:5e:68:47:
a7:6e:9f:c8:28:f0:00:ac:59:fc:56:2a:74:84:55:a5:45:e4:
bd:7c:ce:1c:8c:24:33:09:29:40:4b:33:28:bd:c9:48:25:0f:
82:fb:b7:08:64:73:cf:0f:9a:3a:41:c6:ea:f7:62:d2:c2:f9:
aa:5c:f7:2d:1b:54:90:b0:28:ba:80:1f:af:6d:3a:8d:18:34:
68:3a:34:74:8f:d9:ac:03:a4:9d:03:55:8f:92:04:d0:0b:c2:
52:4d:2b:ea:24:31:39:de:76:a0:5f:1c:45:d6:e5:c4:2b:0d:
f7:07:e0:ce:ef:91:2a:19:20:a8:33:50:ad:56:7d:e8:e0:9f:
60:c2:57:95:8d:1b:9c:16:4e:ae:0e:bd:cc:3b:f4:63:c8:0b:
17:61:50:a8:f5:7a:b4:b2:e1:a2:46:59:e9:e9:63:de:8e:78:
80:2d:43:24:29:ae:9d:46:e1:7b:d7:f5:82:c8:48:44:7c:a1:
ff:91:78:1d:d5:54:93:b7:7a:de:44:eb:27:a6:3a:7c:90:61:
16:28:e7:22:3e:4f:9b:4e:bb:6e:4c:3e:01:4e:05:d9:1e:e9:
e9:2c:86:ed:ed:a0:6c:07:0b:61:1d:ce:e5:69:ea:32:ca:7c:
3d:46:42:96
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZPDxYfKDrqwkQ4aA0+7U5SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjQxMjE0MDYwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZiNWRlNTU4NTBhMjU2MGRmZWFmYTgwYTM1MGY2ODc3YzYwZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8leXG/guG+qYt9VjNqlFKGBLtSE
8DuFxsVbGpd1iYmtVHoni68isaZ+nJlupNX10meJMWSDoFMkHhJA4f+05d7gsqBl
Va9MmJWCWniADx+SlB8Wjkkfuty32vpdzHurwLrn0D03ogRM+aAJxeYkIq4ND+dN
RFhp0NMPacAJurMz4hk0GXjWbkVEJNTwWMO/YgcRHpQuGB0D5fkIP5C+ODH43Eh1
5o8EYDWFfFThkVcFYn1lIQ93ACgSkm7g32Robgsmre3PHgyPGgTZNjUT+MGGJxlu
X1uit5kAOsWzvaZvJpeq96J4v8udz9MPOPoQRYDNaX/CvrB9tT2nkusIBwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFF9rXeVYUKJWDf6vqAo1D2h3xg1AMB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvWDJ0ZDVWaFFvbFlOX3Etb0NqVVBhSGZHRFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXgMEBT7RgAME
BFBQ0AMEBlnswAMEAF6NRgMEAF6NUDAMAwQBXo1SAwQBXo1UAwQAXo1ZAwQAXo1f
AwQCuQYoAwQCufgsAwQCwjdcMAwDBALZHqQDBADZHqgDBADZHq4wFAQCAAIwDgMF
ACoCDxADBQAqAwVAMA0GCSqGSIb3DQEBCwUAA4IBAQCUy1QPLDULasBpgE/3vsNe
aEenbp/IKPAArFn8Vip0hFWlReS9fM4cjCQzCSlASzMovclIJQ+C+7cIZHPPD5o6
Qcbq92LSwvmqXPctG1SQsCi6gB+vbTqNGDRoOjR0j9msA6SdA1WPkgTQC8JSTSvq
JDE53nagXxxF1uXEKw33B+DO75EqGSCoM1CtVn3o4J9gwleVjRucFk6uDr3MO/Rj
yAsXYVCo9Xq0suGiRlnp6WPejniALUMkKa6dRuF71/WCyEhEfKH/kXgd1VSTt3re
ROsnpjp8kGEWKOciPk+bTrtuTD4BTgXZHunpLIbt7aBsBwthHc7laeoyynw9RkKW
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:13 2025 by rpki-client