Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/Xl1fNxLvyq8JYqnah-MFvNbzLV8.roa
File: Xl1fNxLvyq8JYqnah-MFvNbzLV8.roa (raw, json)
Hash identifier: 82mjw2KBsF8wc6qrVc+09uwefcuhoRXy4mw4sKVawOM=
Subject key identifier: 5E:5D:5F:37:12:EF:CA:AF:09:62:A9:DA:87:E3:05:BC:D6:F3:2D:5F
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 018A83AEDF5CF17748314FD519165C2D2673
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/Xl1fNxLvyq8JYqnah-MFvNbzLV8.roa
Signing time: Mon 11 Sep 2023 09:59:50 +0000
ROA not before: Mon 11 Sep 2023 09:59:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205516
IP address blocks: 89.223.4.0/24 maxlen: 24
89.223.11.0/24 maxlen: 24
91.147.96.0/22 maxlen: 24
45.86.80.0/22 maxlen: 24
185.215.160.0/22 maxlen: 24
2a0b:abc0::/29 maxlen: 48
2a0e:db80::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:ae:df:5c:f1:77:48:31:4f:d5:19:16:5c:2d:26:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Sep 11 09:59:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e5d5f3712efcaaf0962a9da87e305bcd6f32d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:05:2c:68:ad:b6:ac:d6:84:3d:35:26:51:
d9:38:d7:2d:2f:53:15:c1:b6:4a:f0:0b:80:56:ca:
41:58:12:8e:21:a0:1e:50:55:eb:20:10:fd:44:77:
f6:09:0f:ef:15:f2:41:22:01:6f:3c:24:24:e4:a2:
4e:bf:62:5e:b4:d5:29:93:84:d5:68:ab:e6:65:1b:
49:da:1e:10:86:20:82:98:fa:31:ea:0f:37:28:b2:
03:55:ec:32:54:4e:7c:11:e8:cd:12:8c:05:2b:5f:
1f:a0:00:52:64:9c:18:c9:52:9b:25:1f:c1:35:00:
31:bd:b1:cb:c2:8f:68:3d:b6:e0:16:23:bc:f8:da:
a5:eb:d3:8e:94:7a:b8:1a:99:72:32:cb:c5:20:57:
cd:5d:11:2b:93:97:c0:bb:80:34:29:35:51:5c:71:
0b:40:4d:99:d5:cd:b9:f3:b8:58:79:63:c7:95:24:
3f:44:88:b0:38:36:bc:92:08:0b:74:3b:34:97:0a:
cd:b7:87:d8:9e:07:62:ea:1b:36:a6:8f:52:8b:de:
6d:84:75:1d:b4:df:16:e5:95:8c:0b:1f:18:1e:77:
e1:58:e5:cc:e9:7c:0b:86:81:6c:d2:00:eb:98:59:
ed:8d:6d:81:27:b2:9a:60:ec:60:64:74:03:69:1a:
34:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5D:5F:37:12:EF:CA:AF:09:62:A9:DA:87:E3:05:BC:D6:F3:2D:5F
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/Xl1fNxLvyq8JYqnah-MFvNbzLV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.80.0/22
89.223.4.0/24
89.223.11.0/24
91.147.96.0/22
185.215.160.0/22
IPv6:
2a0b:abc0::/29
2a0e:db80::/29
Signature Algorithm: sha256WithRSAEncryption
71:f2:9c:61:d1:61:ea:cc:4a:e3:c1:75:b4:bb:5b:09:2e:a4:
c4:01:63:83:3f:e2:76:15:74:18:2e:37:59:25:83:dc:f1:7e:
02:0c:f2:24:ee:36:65:cf:0b:c1:3a:79:80:82:7d:4b:99:02:
9e:aa:f7:14:da:e7:74:46:0f:8c:bc:f5:0e:26:09:6c:84:19:
a0:1f:25:0f:26:83:2b:fa:82:a4:3b:61:4f:0c:52:68:5b:9c:
1d:bb:e2:a3:6c:53:84:78:56:12:a6:a0:c7:cc:63:8d:a3:aa:
22:4b:2b:38:aa:52:c5:fe:87:54:95:4f:d7:2f:c0:6f:a9:8b:
c3:f0:de:e9:85:8a:45:0f:3b:6e:a6:52:ed:3a:3c:a6:a9:df:
ee:ec:f9:f6:96:84:3c:67:ff:b9:63:7d:69:e3:47:f9:2d:0a:
2e:99:bc:cd:64:f3:38:d9:59:af:67:7e:78:3c:f3:2b:61:5d:
1f:d2:23:1b:fb:df:8d:02:10:60:67:d4:ce:d4:44:f2:25:f2:
34:bc:68:2b:6b:12:e9:d9:09:6c:ad:0f:1c:af:6d:d5:93:43:
20:71:75:1f:00:2c:8f:be:85:ac:84:cd:11:64:b9:4e:f7:95:
b4:3c:57:8b:5e:1e:ba:81:66:73:48:09:f9:b7:db:73:1b:90:
3d:32:9e:db
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYqDrt9c8XdIMU/VGRZcLSZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjMwOTExMDk1OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTVkNWYzNzEyZWZjYWFmMDk2MmE5ZGE4N2UzMDViY2Q2ZjMyZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRQFLGittqzWhD01JlHZONctL1MV
wbZK8AuAVspBWBKOIaAeUFXrIBD9RHf2CQ/vFfJBIgFvPCQk5KJOv2JetNUpk4TV
aKvmZRtJ2h4QhiCCmPox6g83KLIDVewyVE58EejNEowFK18foABSZJwYyVKbJR/B
NQAxvbHLwo9oPbbgFiO8+Nql69OOlHq4GplyMsvFIFfNXRErk5fAu4A0KTVRXHEL
QE2Z1c2587hYeWPHlSQ/RIiwODa8kggLdDs0lwrNt4fYngdi6hs2po9Si95thHUd
tN8W5ZWMCx8YHnfhWOXM6XwLhoFs0gDrmFntjW2BJ7KaYOxgZHQDaRo0uQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFF5dXzcS78qvCWKp2ofjBbzW8y1fMB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvWGwxZk54THZ5cThKWXFuYWgtTUZ2TmJ6TFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVZQAwQA
Wd8EAwQAWd8LAwQCW5NgAwQCudegMBQEAgACMA4DBQMqC6vAAwUDKg7bgDANBgkq
hkiG9w0BAQsFAAOCAQEAcfKcYdFh6sxK48F1tLtbCS6kxAFjgz/idhV0GC43WSWD
3PF+AgzyJO42Zc8LwTp5gIJ9S5kCnqr3FNrndEYPjLz1DiYJbIQZoB8lDyaDK/qC
pDthTwxSaFucHbvio2xThHhWEqagx8xjjaOqIksrOKpSxf6HVJVP1y/Ab6mLw/De
6YWKRQ87bqZS7To8pqnf7uz59paEPGf/uWN9aeNH+S0KLpm8zWTzONlZr2d+eDzz
K2FdH9IjG/vfjQIQYGfUztRE8iXyNLxoK2sS6dkJbK0PHK9t1ZNDIHF1HwAsj76F
rITNEWS5TveVtDxXi14euoFmc0gJ+bfbcxuQPTKe2w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:57 2024 by rpki-client on console-ams.rpki-client.org