Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0yaaGX7DzuMfP1aLlFfDxDx35Os.roa
File: 0yaaGX7DzuMfP1aLlFfDxDx35Os.roa (raw, json)
Hash identifier: CESzGjuIEWn7zl59Y8HxnuMPPMQ2XBb2Uep/ddn/4S0=
Subject key identifier: D3:26:9A:19:7E:C3:CE:E3:1F:3F:56:8B:94:57:C3:C4:3C:77:E4:EB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0185708CDC545F2DE8902C3224DAA3EA172C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0yaaGX7DzuMfP1aLlFfDxDx35Os.roa
Signing time: Mon 02 Jan 2023 03:35:57 +0000
ROA not before: Mon 02 Jan 2023 03:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33934
IP address blocks: 85.174.84.0/24 maxlen: 24
85.174.80.0/22 maxlen: 22
85.172.168.0/22 maxlen: 22
85.172.170.0/24 maxlen: 24
85.174.100.0/24 maxlen: 24
85.173.84.0/23 maxlen: 23
85.173.80.0/22 maxlen: 22
85.173.64.0/19 maxlen: 19
85.173.192.0/19 maxlen: 19
83.239.128.0/18 maxlen: 18
83.239.128.0/22 maxlen: 22
83.239.132.0/24 maxlen: 24
85.173.208.0/23 maxlen: 23
83.239.138.0/23 maxlen: 23
83.239.144.0/24 maxlen: 24
83.239.142.0/23 maxlen: 23
178.35.128.0/18 maxlen: 18
85.172.112.0/20 maxlen: 20
85.172.120.0/23 maxlen: 23
85.172.122.0/24 maxlen: 24
85.172.126.0/23 maxlen: 23
85.174.63.0/24 maxlen: 24
85.174.69.0/24 maxlen: 24
85.174.70.0/23 maxlen: 23
83.239.152.0/22 maxlen: 22
83.239.151.0/24 maxlen: 24
83.239.158.0/24 maxlen: 24
83.239.156.0/23 maxlen: 23
83.239.161.0/24 maxlen: 24
83.239.164.0/24 maxlen: 24
83.239.162.0/23 maxlen: 23
83.239.168.0/23 maxlen: 23
83.239.167.0/24 maxlen: 24
83.239.172.0/22 maxlen: 22
83.239.176.0/24 maxlen: 24
83.239.179.0/24 maxlen: 24
85.174.0.0/17 maxlen: 17
83.239.184.0/22 maxlen: 22
83.239.180.0/22 maxlen: 22
83.239.188.0/23 maxlen: 23
83.239.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:dc:54:5f:2d:e8:90:2c:32:24:da:a3:ea:17:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 03:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3269a197ec3cee31f3f568b9457c3c43c77e4eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:cf:bd:ec:0a:83:f9:8d:e9:e0:f9:8f:d4:
88:a0:80:b6:a2:a8:e5:9e:63:3b:ea:3d:39:ab:64:
db:19:b1:4b:be:40:08:a1:cf:f5:68:38:28:5c:88:
58:a5:07:d6:51:a8:ed:e4:6d:a5:98:fa:df:3a:65:
c2:e1:6f:34:06:51:dd:50:7b:77:49:ab:b3:af:e1:
cf:8c:e2:75:38:7b:29:03:a9:76:e6:0a:66:c7:0b:
7f:1a:84:42:26:2e:b5:ed:08:ac:c5:d5:f5:39:ce:
32:a6:fe:cf:0a:0a:3b:29:0f:83:a2:3b:c1:5c:47:
5a:0a:c8:00:1e:2d:90:2b:6e:db:2b:92:0e:10:dc:
61:7c:c8:21:1c:bf:37:dd:a3:8b:5f:17:2a:7e:9d:
b5:b7:9c:21:59:be:aa:5e:05:af:52:5f:68:94:3c:
27:b1:b0:4e:95:2c:05:8e:c1:9f:b7:19:e9:9a:4c:
07:99:93:b6:72:e8:4e:41:5a:15:94:04:2f:ac:27:
81:4b:71:81:09:13:0b:5b:df:23:e0:e3:94:42:14:
9c:8b:6e:f6:29:ea:87:31:47:4f:5a:d5:0b:a3:11:
d6:ce:88:4c:f1:1e:91:d1:f0:f8:7c:cc:ea:f9:80:
b9:d4:03:7c:11:fd:38:85:f8:b6:a7:18:03:00:77:
67:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:26:9A:19:7E:C3:CE:E3:1F:3F:56:8B:94:57:C3:C4:3C:77:E4:EB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/0yaaGX7DzuMfP1aLlFfDxDx35Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.128.0/18
85.172.112.0/20
85.172.168.0/22
85.173.64.0/19
85.173.192.0/19
85.174.0.0/17
178.35.128.0/18
Signature Algorithm: sha256WithRSAEncryption
38:4d:63:23:27:5b:35:bc:20:99:06:ff:e4:a6:d6:53:bf:a3:
97:6d:c5:89:47:5d:dd:3f:11:59:87:0d:2f:52:0d:68:64:92:
56:58:e3:47:7a:3b:d5:c9:21:50:c7:db:7a:15:41:ab:00:c3:
82:a4:59:c7:35:6f:62:ca:14:ef:4a:8a:f3:d9:54:0c:c0:b7:
3d:de:33:44:96:0c:61:ca:c6:12:f7:81:50:24:63:9b:46:0c:
20:a9:af:2f:8f:58:4a:94:b9:55:f5:08:00:73:61:7c:4a:d6:
af:a9:12:85:37:1d:9f:fd:ce:22:14:fa:60:bf:1e:ba:24:e6:
1f:14:40:d7:88:f3:b3:86:4c:4b:73:e2:03:00:be:13:bf:98:
fe:57:c0:f4:b2:64:f2:cf:95:da:47:df:4b:f1:54:c1:2b:e9:
b9:fd:94:43:4c:f4:3b:a3:6b:45:bb:42:50:a9:91:b8:be:9f:
22:cb:78:93:38:6e:ba:75:01:74:a2:5e:e9:0f:87:a1:03:fb:
66:34:c6:7a:07:0f:89:f9:ff:86:38:ac:33:bd:36:b5:29:e9:
88:b2:7f:82:d3:72:0b:59:91:0d:b4:aa:34:2c:4c:ec:87:53:
cf:b8:71:9f:2a:1d:dc:e8:db:d7:0f:c8:46:86:dc:47:ec:e8:
64:44:58:04
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwjNxUXy3okCwyJNqj6hcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjMwMTAyMDMzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzI2OWExOTdlYzNjZWUzMWYzZjU2OGI5NDU3YzNjNDNjNzdlNGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+zPvewKg/mN6eD5j9SIoIC2oqjl
nmM76j05q2TbGbFLvkAIoc/1aDgoXIhYpQfWUajt5G2lmPrfOmXC4W80BlHdUHt3
Sauzr+HPjOJ1OHspA6l25gpmxwt/GoRCJi617QisxdX1Oc4ypv7PCgo7KQ+DojvB
XEdaCsgAHi2QK27bK5IOENxhfMghHL833aOLXxcqfp21t5whWb6qXgWvUl9olDwn
sbBOlSwFjsGftxnpmkwHmZO2cuhOQVoVlAQvrCeBS3GBCRMLW98j4OOUQhSci272
KeqHMUdPWtULoxHWzohM8R6R0fD4fMzq+YC51AN8Ef04hfi2pxgDAHdnMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNMmmhl+w87jHz9Wi5RXw8Q8d+TrMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMHlhYUdYN0R6dU1mUDFhTGxGZkR4RHgzNU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGU++AAwQE
VaxwAwQCVayoAwQFVa1AAwQFVa3AAwQHVa4AAwQGsiOAMA0GCSqGSIb3DQEBCwUA
A4IBAQA4TWMjJ1s1vCCZBv/kptZTv6OXbcWJR13dPxFZhw0vUg1oZJJWWONHejvV
ySFQx9t6FUGrAMOCpFnHNW9iyhTvSorz2VQMwLc93jNElgxhysYS94FQJGObRgwg
qa8vj1hKlLlV9QgAc2F8StavqRKFNx2f/c4iFPpgvx66JOYfFEDXiPOzhkxLc+ID
AL4Tv5j+V8D0smTyz5XaR99L8VTBK+m5/ZRDTPQ7o2tFu0JQqZG4vp8iy3iTOG66
dQF0ol7pD4ehA/tmNMZ6Bw+J+f+GOKwzvTa1KemIsn+C03ILWZENtKo0LEzsh1PP
uHGfKh3c6NvXD8hGhtxH7OhkRFgE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org