Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Xn09oyi7Y-raJCG2ukBRNlWTE54.roa
File: Xn09oyi7Y-raJCG2ukBRNlWTE54.roa (raw, json)
Hash identifier: Uv2ylhY+Vu77kDXf+tJHKpik1MBOQ9G46ytTE6+cup4=
Subject key identifier: 5E:7D:3D:A3:28:BB:63:EA:DA:24:21:B6:BA:40:51:36:55:93:13:9E
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 018CC6B810385AD8EFA49FC58F8C86255DDB
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Xn09oyi7Y-raJCG2ukBRNlWTE54.roa
Signing time: Mon 01 Jan 2024 20:30:00 +0000
ROA not before: Mon 01 Jan 2024 20:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24877
IP address blocks: 213.164.112.0/22 maxlen: 22
88.223.100.0/22 maxlen: 22
84.55.0.0/19 maxlen: 19
84.55.0.0/20 maxlen: 20
84.55.16.0/21 maxlen: 21
84.55.24.0/21 maxlen: 21
88.223.132.0/22 maxlen: 22
88.223.139.0/24 maxlen: 24
88.223.136.0/23 maxlen: 23
88.223.136.0/24 maxlen: 24
88.223.140.0/22 maxlen: 22
88.223.64.0/21 maxlen: 21
88.223.64.0/20 maxlen: 20
88.223.72.0/21 maxlen: 21
84.55.44.0/23 maxlen: 23
84.55.40.0/22 maxlen: 22
84.55.40.0/21 maxlen: 21
84.55.38.0/23 maxlen: 23
88.223.156.0/22 maxlen: 22
84.55.46.0/23 maxlen: 23
88.222.0.0/17 maxlen: 17
88.222.128.0/18 maxlen: 18
217.147.42.0/23 maxlen: 23
217.147.39.0/24 maxlen: 24
88.222.248.0/22 maxlen: 22
88.222.192.0/20 maxlen: 20
88.222.216.0/24 maxlen: 24
88.222.224.0/20 maxlen: 20
217.147.32.0/23 maxlen: 23
217.147.33.0/24 maxlen: 24
217.147.32.0/24 maxlen: 24
2a01:7c80:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Tue 11 Jun 2024 07:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:10:38:5a:d8:ef:a4:9f:c5:8f:8c:86:25:5d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jan 1 20:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e7d3da328bb63eada2421b6ba4051365593139e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6f:24:8f:bf:34:b1:8e:42:fc:6a:cb:cf:41:
e3:12:49:27:ff:fa:31:79:42:37:88:f5:8c:35:59:
bf:33:61:d5:dd:47:3b:48:d1:6b:4d:4d:c1:46:50:
53:b5:94:9d:91:fe:4b:4f:55:94:38:a8:d9:8f:70:
5d:4e:0b:eb:1c:1c:3d:3d:92:dd:1b:61:08:26:a6:
82:c9:40:e7:30:79:26:5b:37:d8:61:9f:0c:de:ff:
28:65:5b:e0:32:00:21:ba:01:e8:4d:80:7f:59:48:
55:5c:3f:cb:40:cc:ca:a4:53:fb:c2:d6:05:5b:9e:
fd:e5:51:a2:9e:3c:bc:c0:8c:a7:6b:8c:72:ae:60:
61:ee:65:af:67:b7:01:c0:02:6b:05:8e:7a:79:33:
33:ab:1c:9c:db:0b:c0:65:a8:8a:d3:0b:ee:2e:47:
d2:f6:5e:ea:01:3f:a2:6d:e2:73:03:b6:a6:52:ae:
b1:c9:66:22:34:15:c8:9b:71:4a:55:9f:1c:42:b6:
c9:9f:e5:29:c6:8d:8e:3d:3b:f1:1a:a1:45:40:ec:
47:d8:0d:a5:9e:3f:b4:99:0a:15:bb:4b:84:c7:a0:
88:c4:05:c2:35:4e:cd:7c:a1:ce:1e:4a:8e:3d:80:
c4:f9:06:0d:55:fc:d1:9f:c3:b6:64:d4:42:f6:de:
88:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7D:3D:A3:28:BB:63:EA:DA:24:21:B6:BA:40:51:36:55:93:13:9E
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Xn09oyi7Y-raJCG2ukBRNlWTE54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.0.0/19
84.55.38.0-84.55.47.255
88.222.0.0-88.222.207.255
88.222.216.0/24
88.222.224.0/20
88.222.248.0/22
88.223.64.0/20
88.223.100.0/22
88.223.132.0-88.223.137.255
88.223.139.0-88.223.143.255
88.223.156.0/22
213.164.112.0/22
217.147.32.0/23
217.147.39.0/24
217.147.42.0/23
IPv6:
2a01:7c80:8000::/33
Signature Algorithm: sha256WithRSAEncryption
03:f0:21:15:5f:4a:1a:69:fc:a1:a6:46:fd:86:70:ab:d8:73:
71:ef:7f:8d:d5:7d:9c:ba:8e:56:f1:ef:31:d5:89:95:8d:01:
92:eb:a0:da:4e:29:c8:d5:02:3b:59:f2:7d:aa:b3:d9:d9:9b:
aa:aa:6c:9d:81:b3:dd:0c:ce:91:df:b6:44:1c:06:ef:76:fd:
b2:cc:42:b0:9b:c5:bb:d4:06:8a:2d:5c:b1:be:cf:19:95:45:
07:0a:15:23:98:c3:cd:54:eb:78:c6:fd:ee:79:5c:42:aa:e8:
1b:64:16:f3:6f:36:89:0f:b8:a4:7c:9d:08:9a:25:1d:5d:a6:
80:e3:bd:c1:15:66:13:0d:72:a5:53:c0:80:4f:c7:3d:4f:65:
5a:34:b1:25:02:60:e9:36:74:1f:be:c4:03:e7:a6:af:81:c1:
68:87:01:ab:ae:9c:a1:4e:b1:a2:06:5e:d6:c1:0e:18:93:0f:
2f:7a:e2:1e:59:d6:a9:8c:af:42:5d:b0:55:6e:79:f0:3b:39:
3b:76:72:ff:a8:84:2e:6d:f4:8e:09:ce:79:5f:52:76:f3:23:
8e:bb:a5:34:e9:bb:6f:7b:34:e9:69:45:96:31:82:e1:af:b2:
b3:cc:bd:b4:79:2d:e4:bd:94:7a:fa:08:b6:29:15:ad:a9:d2:
19:be:c3:bf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYzGuBA4WtjvpJ/Fj4yGJV3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwMTAxMjAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdkM2RhMzI4YmI2M2VhZGEyNDIxYjZiYTQwNTEzNjU1OTMxMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA228kj780sY5C/GrLz0HjEkkn//ox
eUI3iPWMNVm/M2HV3Uc7SNFrTU3BRlBTtZSdkf5LT1WUOKjZj3BdTgvrHBw9PZLd
G2EIJqaCyUDnMHkmWzfYYZ8M3v8oZVvgMgAhugHoTYB/WUhVXD/LQMzKpFP7wtYF
W5795VGinjy8wIyna4xyrmBh7mWvZ7cBwAJrBY56eTMzqxyc2wvAZaiK0wvuLkfS
9l7qAT+ibeJzA7amUq6xyWYiNBXIm3FKVZ8cQrbJn+Upxo2OPTvxGqFFQOxH2A2l
nj+0mQoVu0uEx6CIxAXCNU7NfKHOHkqOPYDE+QYNVfzRn8O2ZNRC9t6IVQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFF59PaMou2Pq2iQhtrpAUTZVkxOeMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWG4wOW95aTdZLXJhSkNHMnVrQlJObFdURTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB/BAIAATB5AwQFVDcA
MAwDBAFUNyYDBARUNyAwCwMDAVjeAwQEWN7AAwQAWN7YAwQEWN7gAwQCWN74AwQE
WN9AAwQCWN9kMAwDBAJY34QDBAFY34gwDAMEAFjfiwMEBFjfgAMEAljfnAMEAtWk
cAMEAdmTIAMEANmTJwMEAdmTKjAOBAIAAjAIAwYHKgF8gIAwDQYJKoZIhvcNAQEL
BQADggEBAAPwIRVfShpp/KGmRv2GcKvYc3Hvf43VfZy6jlbx7zHViZWNAZLroNpO
KcjVAjtZ8n2qs9nZm6qqbJ2Bs90MzpHftkQcBu92/bLMQrCbxbvUBootXLG+zxmV
RQcKFSOYw81U63jG/e55XEKq6BtkFvNvNokPuKR8nQiaJR1dpoDjvcEVZhMNcqVT
wIBPxz1PZVo0sSUCYOk2dB++xAPnpq+BwWiHAauunKFOsaIGXtbBDhiTDy964h5Z
1qmMr0JdsFVuefA7OTt2cv+ohC5t9I4JznlfUnbzI467pTTpu297NOlpRZYxguGv
srPMvbR5LeS9lHr6CLYpFa2p0hm+w78=
-----END CERTIFICATE-----
Generated at Tue Jun 11 12:41:29 2024 by rpki-client on console-ams.rpki-client.org