Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/XU_9LpntLBSOugxZJ984zZNLWNU.roa
File: XU_9LpntLBSOugxZJ984zZNLWNU.roa (raw, json)
Hash identifier: 7+tNoNW6oEzTq7UsjkjaeWi8PYKzE9VsXwdgR1bwmNc=
Subject key identifier: 5D:4F:FD:2E:99:ED:2C:14:8E:BA:0C:59:27:DF:38:CD:93:4B:58:D5
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D559C4C3B195FADE64A7C19A03CBF
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/XU_9LpntLBSOugxZJ984zZNLWNU.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34754
IP address blocks: 88.87.0.0/24 maxlen: 24
88.87.4.0/24 maxlen: 24
88.87.1.0/24 maxlen: 24
88.87.2.0/24 maxlen: 24
88.87.3.0/24 maxlen: 24
88.87.0.0/19 maxlen: 24
88.87.8.0/24 maxlen: 24
88.87.10.0/24 maxlen: 24
88.87.5.0/24 maxlen: 24
88.87.8.0/23 maxlen: 24
88.87.10.0/23 maxlen: 24
88.87.6.0/23 maxlen: 24
88.87.14.0/24 maxlen: 24
88.87.15.0/24 maxlen: 24
88.87.12.0/23 maxlen: 24
88.87.16.0/23 maxlen: 24
88.87.22.0/24 maxlen: 24
88.87.23.0/24 maxlen: 24
88.87.22.0/23 maxlen: 24
79.100.144.0/20 maxlen: 24
88.87.24.0/22 maxlen: 24
88.87.18.0/23 maxlen: 24
88.87.20.0/23 maxlen: 24
88.87.30.0/24 maxlen: 24
88.87.31.0/24 maxlen: 24
88.87.28.0/23 maxlen: 24
212.50.82.0/23 maxlen: 24
212.50.84.0/23 maxlen: 24
212.50.80.0/23 maxlen: 24
212.50.79.0/24 maxlen: 24
212.50.88.0/23 maxlen: 24
212.50.90.0/23 maxlen: 24
212.50.86.0/23 maxlen: 24
212.50.91.0/24 maxlen: 24
212.50.94.0/23 maxlen: 24
212.50.92.0/24 maxlen: 24
212.50.93.0/24 maxlen: 24
193.228.172.0/23 maxlen: 24
193.228.182.0/23 maxlen: 24
212.50.64.0/22 maxlen: 24
212.50.64.0/19 maxlen: 24
212.50.68.0/22 maxlen: 24
212.50.70.0/24 maxlen: 24
212.50.76.0/22 maxlen: 24
212.50.72.0/22 maxlen: 24
212.50.78.0/24 maxlen: 24
212.50.76.0/24 maxlen: 24
212.50.77.0/24 maxlen: 24
87.254.164.0/23 maxlen: 24
87.254.160.0/23 maxlen: 24
87.254.160.0/19 maxlen: 24
87.254.162.0/23 maxlen: 24
87.254.163.0/24 maxlen: 24
87.254.164.0/24 maxlen: 24
87.254.162.0/24 maxlen: 24
109.199.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 09:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:55:9c:4c:3b:19:5f:ad:e6:4a:7c:19:a0:3c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d4ffd2e99ed2c148eba0c5927df38cd934b58d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:78:d8:4a:ea:d1:ff:81:35:71:47:62:c5:55:
9f:5e:76:8d:11:0f:ac:3b:ea:52:c7:4e:57:a9:a5:
bc:37:2d:1e:9a:9c:09:05:d3:64:21:44:da:ed:35:
b7:38:cc:90:cf:15:d1:30:b7:de:cb:a9:23:a2:2d:
3c:6a:c8:cc:ab:f1:37:0b:88:ee:8c:3e:a3:d2:41:
9b:36:02:3f:33:cc:87:8b:a9:8d:af:8f:b4:53:22:
11:8d:09:fd:fb:24:9b:e4:ba:af:f1:01:7f:d5:cb:
e5:4d:b4:7a:c4:76:ac:17:b5:43:bd:fd:b2:1f:89:
36:e4:7b:d4:8f:6f:0a:9e:db:99:27:64:fa:30:31:
04:00:db:12:df:84:22:ad:62:6f:d8:2e:f3:7b:e6:
84:12:ca:c0:30:e8:49:b5:1e:76:f4:02:90:5e:2e:
b7:5b:a2:85:3a:9a:32:ec:8b:14:87:e5:95:96:68:
e5:b0:bb:fb:91:cc:61:82:e4:cc:73:ce:bf:f9:1c:
67:e9:fb:08:4b:3f:07:01:3a:57:5c:5b:26:d5:6d:
7d:8c:ef:3e:bf:11:fd:9e:58:1b:5d:73:3b:4b:56:
8f:da:d8:cd:89:71:9e:20:7d:11:7c:14:ba:e1:aa:
1b:7a:fb:21:de:ab:84:29:f9:06:7f:70:af:23:17:
90:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4F:FD:2E:99:ED:2C:14:8E:BA:0C:59:27:DF:38:CD:93:4B:58:D5
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/XU_9LpntLBSOugxZJ984zZNLWNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.100.144.0/20
87.254.160.0/19
88.87.0.0/19
109.199.128.0/19
193.228.172.0/23
193.228.182.0/23
212.50.64.0/19
Signature Algorithm: sha256WithRSAEncryption
35:9e:c9:c1:d3:86:61:66:1b:51:45:08:45:2b:a3:df:3e:f9:
aa:c6:8c:0d:a3:e8:22:3d:56:96:3b:0c:c0:9e:62:be:51:2c:
7a:1b:2f:d6:15:80:94:c5:ae:a8:20:19:c6:1c:1e:fd:df:96:
f8:79:69:26:e4:43:ed:b8:97:28:dc:ce:df:71:c0:96:53:2f:
ac:7f:93:88:8b:a9:88:16:91:f2:a2:3a:e8:f3:0a:28:30:d3:
4e:7c:93:53:78:39:f6:36:d7:fe:1c:f3:60:a5:fc:74:5a:dc:
33:7f:62:f4:21:0f:5f:bc:e9:5b:d4:5d:8a:fa:7c:70:ae:55:
8a:db:c7:ce:32:56:aa:65:c8:0a:df:12:87:d3:1c:60:cd:80:
a2:a8:00:f8:11:f4:a2:75:6d:65:2e:40:89:e1:6a:6f:fe:c3:
e4:2d:73:65:6d:fa:a6:dd:44:77:c8:2b:2c:df:57:ab:9b:70:
2e:a6:b4:a9:d7:c3:fc:7e:26:3f:6b:e2:b4:27:23:f1:4d:24:
b7:4f:63:df:92:ec:00:74:06:13:16:82:98:2a:69:c8:b3:cb:
ac:f3:32:1c:6a:ba:78:39:2e:04:98:da:82:55:8b:5b:84:c7:
1b:14:ca:d7:45:c6:23:47:43:5b:19:de:8e:23:76:04:dd:56:
96:0c:63:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzCbVWcTDsZX63mSnwZoDy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRmZmQyZTk5ZWQyYzE0OGViYTBjNTkyN2RmMzhjZDkzNGI1OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnjYSurR/4E1cUdixVWfXnaNEQ+s
O+pSx05XqaW8Ny0empwJBdNkIUTa7TW3OMyQzxXRMLfey6kjoi08asjMq/E3C4ju
jD6j0kGbNgI/M8yHi6mNr4+0UyIRjQn9+ySb5Lqv8QF/1cvlTbR6xHasF7VDvf2y
H4k25HvUj28KntuZJ2T6MDEEANsS34QirWJv2C7ze+aEEsrAMOhJtR529AKQXi63
W6KFOpoy7IsUh+WVlmjlsLv7kcxhguTMc86/+Rxn6fsISz8HATpXXFsm1W19jO8+
vxH9nlgbXXM7S1aP2tjNiXGeIH0RfBS64aobevsh3quEKfkGf3CvIxeQJwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF1P/S6Z7SwUjroMWSffOM2TS1jVMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvWFVfOUxwbnRMQlNPdWd4Wko5ODR6Wk5MV05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQET2SQAwQF
V/6gAwQFWFcAAwQFbceAAwQBweSsAwQBweS2AwQF1DJAMA0GCSqGSIb3DQEBCwUA
A4IBAQA1nsnB04ZhZhtRRQhFK6PfPvmqxowNo+giPVaWOwzAnmK+USx6Gy/WFYCU
xa6oIBnGHB7935b4eWkm5EPtuJco3M7fccCWUy+sf5OIi6mIFpHyojro8wooMNNO
fJNTeDn2Ntf+HPNgpfx0Wtwzf2L0IQ9fvOlb1F2K+nxwrlWK28fOMlaqZcgK3xKH
0xxgzYCiqAD4EfSidW1lLkCJ4Wpv/sPkLXNlbfqm3UR3yCss31erm3AuprSp18P8
fiY/a+K0JyPxTSS3T2PfkuwAdAYTFoKYKmnIs8us8zIcarp4OS4EmNqCVYtbhMcb
FMrXRcYjR0NbGd6OI3YE3VaWDGN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org