Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3XscIiipA36sfCK2Z3J45AFrbKQ.roa
File: 3XscIiipA36sfCK2Z3J45AFrbKQ.roa (raw, json)
Hash identifier: qt2NMNfapwB8TojVQy/spZA12CvXffcsPMcyqPvmBIU=
Subject key identifier: DD:7B:1C:22:28:A9:03:7E:AC:7C:22:B6:67:72:78:E4:01:6B:6C:A4
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018ECC4691F5C35804735E2BDC6B38DE394F
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3XscIiipA36sfCK2Z3J45AFrbKQ.roa
Signing time: Thu 11 Apr 2024 08:29:20 +0000
ROA not before: Thu 11 Apr 2024 08:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12668
IP address blocks: 5.141.234.0/23 maxlen: 23
31.192.171.0/24 maxlen: 24
31.192.180.0/24 maxlen: 24
46.229.96.0/20 maxlen: 20
90.157.5.0/24 maxlen: 24
90.157.16.0/24 maxlen: 24
90.157.30.0/24 maxlen: 24
90.157.58.0/24 maxlen: 24
90.157.68.0/23 maxlen: 23
90.157.80.0/23 maxlen: 23
90.157.109.0/24 maxlen: 24
90.157.115.0/24 maxlen: 24
92.54.69.0/24 maxlen: 24
92.54.90.0/24 maxlen: 24
92.54.117.0/24 maxlen: 24
94.31.134.0/24 maxlen: 24
94.31.135.0/24 maxlen: 24
94.31.136.0/24 maxlen: 24
94.31.147.0/24 maxlen: 24
94.31.158.0/24 maxlen: 24
94.31.159.0/24 maxlen: 24
94.31.176.0/24 maxlen: 24
94.31.195.0/24 maxlen: 24
94.31.202.0/24 maxlen: 24
94.31.250.0/24 maxlen: 24
94.31.255.0/24 maxlen: 24
188.17.116.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
188.73.139.0/24 maxlen: 24
188.73.141.0/24 maxlen: 24
188.73.144.0/23 maxlen: 23
188.73.144.0/24 maxlen: 24
188.73.147.0/24 maxlen: 24
188.73.151.0/24 maxlen: 24
188.73.154.0/24 maxlen: 24
188.73.158.0/24 maxlen: 24
188.73.168.0/24 maxlen: 24
188.73.170.0/23 maxlen: 23
188.73.183.0/24 maxlen: 24
213.142.34.0/24 maxlen: 24
213.142.40.0/24 maxlen: 24
213.142.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 08:44:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:46:91:f5:c3:58:04:73:5e:2b:dc:6b:38:de:39:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 11 08:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd7b1c2228a9037eac7c22b6677278e4016b6ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1c:76:5f:ab:73:49:b4:86:f7:bc:ac:b4:be:
58:91:e5:f6:9e:40:55:14:b0:cb:bb:b9:9a:83:76:
22:ee:08:1c:dd:e8:27:67:cc:f6:a4:1c:8c:a0:51:
15:8f:79:41:19:0f:e1:2e:35:18:2a:4f:af:cf:95:
e7:4d:49:64:99:70:88:c5:27:9f:fc:96:8a:3b:da:
42:40:da:49:4f:70:ba:61:02:8b:76:78:21:0f:a1:
78:ed:0d:35:19:66:f5:8d:44:ce:89:9c:12:5f:2d:
2b:58:70:e8:ae:ca:c7:5b:29:86:ce:f1:12:62:10:
27:66:6c:eb:9c:c9:b9:fa:75:e8:eb:9d:08:1e:1b:
69:ff:71:66:4c:70:a4:52:d6:34:43:a1:76:7b:50:
01:1a:e0:9f:89:01:4e:72:58:20:77:0f:ee:8b:f4:
0c:57:0b:13:05:09:65:25:29:91:4a:02:05:56:22:
28:c5:ed:1a:d9:b0:fe:e4:61:53:59:34:f2:e1:6e:
5e:f2:b7:90:90:cf:25:81:ce:ce:b0:04:99:8e:d9:
81:c0:f8:85:54:8b:19:ea:94:de:29:a7:53:03:4a:
1b:15:8f:e2:e0:2d:fc:e1:45:30:7f:8a:e2:be:e5:
ab:2d:bc:d7:9d:ce:50:32:a1:54:5f:47:f3:80:3a:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7B:1C:22:28:A9:03:7E:AC:7C:22:B6:67:72:78:E4:01:6B:6C:A4
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/3XscIiipA36sfCK2Z3J45AFrbKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.141.234.0/23
31.192.171.0/24
31.192.180.0/24
46.229.96.0/20
90.157.5.0/24
90.157.16.0/24
90.157.30.0/24
90.157.58.0/24
90.157.68.0/23
90.157.80.0/23
90.157.109.0/24
90.157.115.0/24
92.54.69.0/24
92.54.90.0/24
92.54.117.0/24
94.31.134.0-94.31.136.255
94.31.147.0/24
94.31.158.0/23
94.31.176.0/24
94.31.195.0/24
94.31.202.0/24
94.31.250.0/24
94.31.255.0/24
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
188.73.139.0/24
188.73.141.0/24
188.73.144.0/23
188.73.147.0/24
188.73.151.0/24
188.73.154.0/24
188.73.158.0/24
188.73.168.0/24
188.73.170.0/23
188.73.183.0/24
213.142.34.0/24
213.142.40.0/24
213.142.57.0/24
Signature Algorithm: sha256WithRSAEncryption
62:1d:33:81:c1:33:bf:e9:79:12:88:ba:9d:d4:c0:ed:6f:b6:
d3:fb:59:6a:a9:02:47:8d:0b:53:4e:1d:82:ab:ac:bf:7d:28:
4e:0f:e8:29:b8:e4:1d:61:c5:7a:32:f3:50:00:08:b5:aa:fe:
3d:59:c4:04:3a:63:c9:4a:1c:30:13:5a:0c:b1:83:a3:de:e0:
93:43:52:da:12:55:7d:94:a8:ee:78:95:26:3c:57:74:0f:f8:
9f:58:c0:da:14:1a:55:f6:66:17:d5:94:16:6c:1f:75:3a:48:
7d:e0:64:6b:3d:b7:27:bc:df:25:30:a1:c0:58:37:66:fe:ac:
eb:0a:82:0d:e3:71:15:5d:48:d8:ac:ad:fc:6d:c1:c2:a2:0c:
3c:67:32:2a:41:e0:35:c7:8e:10:2c:93:da:f0:78:f1:6e:ba:
59:35:b4:dd:41:6f:9a:17:39:3d:e1:45:47:42:22:8b:51:56:
e4:a8:f4:bc:2a:ef:67:bc:91:4f:b7:4d:a2:eb:a9:f0:d6:ca:
20:eb:ef:92:f3:49:c5:de:3d:a6:8d:cd:69:b2:3f:78:7a:33:
8a:c8:a0:98:6d:26:a0:d8:06:ec:f3:37:ef:91:6f:55:05:f0:
4e:2b:69:e9:c2:82:4b:4f:a7:c6:40:42:14:a3:f5:5d:c5:cb:
e3:27:66:5a
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAY7MRpH1w1gEc14r3Gs43jlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDExMDgyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdiMWMyMjI4YTkwMzdlYWM3YzIyYjY2NzcyNzhlNDAxNmI2Y2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxx2X6tzSbSG97ystL5YkeX2nkBV
FLDLu7mag3Yi7ggc3egnZ8z2pByMoFEVj3lBGQ/hLjUYKk+vz5XnTUlkmXCIxSef
/JaKO9pCQNpJT3C6YQKLdnghD6F47Q01GWb1jUTOiZwSXy0rWHDorsrHWymGzvES
YhAnZmzrnMm5+nXo650IHhtp/3FmTHCkUtY0Q6F2e1ABGuCfiQFOclggdw/ui/QM
VwsTBQllJSmRSgIFViIoxe0a2bD+5GFTWTTy4W5e8reQkM8lgc7OsASZjtmBwPiF
VIsZ6pTeKadTA0obFY/i4C384UUwf4rivuWrLbzXnc5QMqFUX0fzgDoPMQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFN17HCIoqQN+rHwitmdyeOQBa2ykMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvM1hzY0lpaXBBMzZzZkNLMlozSjQ1QUZyYktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
BY3qAwQAH8CrAwQAH8C0AwQELuVgAwQAWp0FAwQAWp0QAwQAWp0eAwQAWp06AwQB
Wp1EAwQBWp1QAwQAWp1tAwQAWp1zAwQAXDZFAwQAXDZaAwQAXDZ1MAwDBAFeH4YD
BABeH4gDBABeH5MDBAFeH54DBABeH7ADBABeH8MDBABeH8oDBABeH/oDBABeH/8D
BAG8EXQDBAG8EnADBAC8EnQDBAC8SYsDBAC8SY0DBAG8SZADBAC8SZMDBAC8SZcD
BAC8SZoDBAC8SZ4DBAC8SagDBAG8SaoDBAC8SbcDBADVjiIDBADVjigDBADVjjkw
DQYJKoZIhvcNAQELBQADggEBAGIdM4HBM7/peRKIup3UwO1vttP7WWqpAkeNC1NO
HYKrrL99KE4P6Cm45B1hxXoy81AACLWq/j1ZxAQ6Y8lKHDATWgyxg6Pe4JNDUtoS
VX2UqO54lSY8V3QP+J9YwNoUGlX2ZhfVlBZsH3U6SH3gZGs9tye83yUwocBYN2b+
rOsKgg3jcRVdSNisrfxtwcKiDDxnMipB4DXHjhAsk9rwePFuulk1tN1Bb5oXOT3h
RUdCIotRVuSo9Lwq72e8kU+3TaLrqfDWyiDr75LzScXePaaNzWmyP3h6M4rIoJht
JqDYBuzzN++Rb1UF8E4raenCgktPp8ZAQhSj9V3Fy+MnZlo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:24 2024 by rpki-client on console-ams.rpki-client.org