Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XLvbfJTqXkBFi5lTWCiXT-hh9IQ.roa
File: XLvbfJTqXkBFi5lTWCiXT-hh9IQ.roa (raw, json)
Hash identifier: VZL9IGlDAFFuyKoWoN1xwRhY9obbfSnUAYzgSe+w4aE=
Subject key identifier: 5C:BB:DB:7C:94:EA:5E:40:45:8B:99:53:58:28:97:4F:E8:61:F4:84
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 0185CF55B167F8507D8BF1BA82E9911D39E0
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XLvbfJTqXkBFi5lTWCiXT-hh9IQ.roa
Signing time: Fri 20 Jan 2023 13:19:37 +0000
ROA not before: Fri 20 Jan 2023 13:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199256
IP address blocks: 93.119.24.0/22 maxlen: 24
159.253.224.0/22 maxlen: 24
185.122.132.0/22 maxlen: 24
185.57.100.0/22 maxlen: 24
185.156.196.0/22 maxlen: 24
81.173.12.0/22 maxlen: 24
144.2.240.0/21 maxlen: 24
45.137.184.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.32.152.0/22 maxlen: 24
5.149.168.0/21 maxlen: 24
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:55:b1:67:f8:50:7d:8b:f1:ba:82:e9:91:1d:39:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 20 13:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cbbdb7c94ea5e40458b99535828974fe861f484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fb:e7:5f:3e:bd:89:b2:d2:1f:64:65:b7:61:
e2:fc:4d:78:ef:a9:e6:d3:84:10:95:3d:60:52:1c:
4e:7d:73:f3:fe:58:0a:ae:e5:97:d0:31:62:7a:89:
1b:64:ff:23:0a:dd:3f:cc:70:ea:5f:be:e7:b8:c8:
f7:b8:1b:d4:4a:7c:04:75:ee:9c:f2:7d:87:1e:2e:
48:50:94:9e:1b:bf:31:dc:d8:07:f9:ea:fc:0b:6c:
7c:78:0f:0e:ac:ff:28:d4:77:3e:ce:4b:f6:30:5f:
b9:6f:e2:46:55:96:be:79:22:b4:52:d4:2e:77:22:
fa:15:b7:71:0b:9b:31:5f:9a:43:66:f1:9a:59:cb:
8c:cf:3e:e7:0d:fa:22:97:51:3b:ea:6b:bd:f4:ab:
db:c6:93:f9:0d:a7:df:cc:a8:bb:35:85:99:70:31:
5c:40:ea:4f:00:71:c8:8e:32:ee:c0:46:f0:60:4b:
ca:f0:a0:60:96:16:db:0a:a4:ab:f9:a6:2c:97:6f:
1a:08:37:49:7f:22:8b:2e:4d:97:2e:e8:2a:ae:93:
2a:b5:d9:dd:7b:ad:23:eb:41:13:b1:f9:68:c6:90:
38:09:c1:2c:09:a8:0e:91:72:a5:53:5d:c8:7c:65:
99:01:78:94:82:ca:a2:40:4d:3c:df:87:a0:eb:ba:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BB:DB:7C:94:EA:5E:40:45:8B:99:53:58:28:97:4F:E8:61:F4:84
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XLvbfJTqXkBFi5lTWCiXT-hh9IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
45.137.184.0/22
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
ac:28:a0:1d:5c:c4:8c:a7:f0:f6:e3:70:ce:0b:30:1a:ed:2b:
38:a3:d6:10:32:28:f3:b6:48:b4:3c:85:bb:ed:fe:9c:42:9a:
6a:af:22:d6:7b:b3:4f:cf:72:ca:a6:88:21:38:c6:01:90:37:
a6:81:d5:15:53:8e:c0:29:f5:04:8b:3b:bd:60:23:87:cc:13:
64:61:44:3b:02:c5:56:ad:ff:74:9b:a9:06:4c:4a:29:59:1c:
14:44:7d:99:43:de:58:d5:10:3d:81:81:f7:45:88:c9:9f:39:
bc:1a:4a:63:06:a7:44:46:55:02:f6:4a:72:af:6b:51:04:ea:
59:7f:90:7e:af:8b:6f:e7:96:9f:61:87:d7:b5:eb:44:83:bc:
de:a1:3b:d6:78:b6:b5:37:1a:30:c3:d4:21:63:b4:0f:85:86:
e3:cc:cd:e7:02:92:d1:db:ed:af:31:2d:b5:7e:26:21:cc:a9:
9e:a2:df:8e:99:0c:b4:89:34:60:90:17:48:58:31:5e:b8:e3:
1c:64:07:4b:22:f2:63:f5:af:6c:73:dc:42:0d:b4:f8:6b:06:
5e:e5:3c:1f:51:18:d9:8c:25:03:9f:c5:2c:2a:09:cc:40:a7:
56:4f:a0:5d:89:75:c7:9d:53:0d:a4:66:fb:de:0a:f6:8b:2a:
17:f7:a8:fa
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYXPVbFn+FB9i/G6gumRHTngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjMwMTIwMTMxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JiZGI3Yzk0ZWE1ZTQwNDU4Yjk5NTM1ODI4OTc0ZmU4NjFmNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfvnXz69ibLSH2Rlt2Hi/E1476nm
04QQlT1gUhxOfXPz/lgKruWX0DFieokbZP8jCt0/zHDqX77nuMj3uBvUSnwEde6c
8n2HHi5IUJSeG78x3NgH+er8C2x8eA8OrP8o1Hc+zkv2MF+5b+JGVZa+eSK0UtQu
dyL6FbdxC5sxX5pDZvGaWcuMzz7nDfoil1E76mu99KvbxpP5DaffzKi7NYWZcDFc
QOpPAHHIjjLuwEbwYEvK8KBglhbbCqSr+aYsl28aCDdJfyKLLk2XLugqrpMqtdnd
e60j60ETsfloxpA4CcEsCagOkXKlU13IfGWZAXiUgsqiQE0834eg67pacQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFFy723yU6l5ARYuZU1gol0/oYfSEMB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvWEx2YmZKVHFYa0JGaTVsVFdDaVhULWhoOUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBZWoAwQC
LYm4AwQCUa0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQC
uTlkAwQCuXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IB
AQCsKKAdXMSMp/D243DOCzAa7Ss4o9YQMijztki0PIW77f6cQppqryLWe7NPz3LK
poghOMYBkDemgdUVU47AKfUEizu9YCOHzBNkYUQ7AsVWrf90m6kGTEopWRwURH2Z
Q95Y1RA9gYH3RYjJnzm8GkpjBqdERlUC9kpyr2tRBOpZf5B+r4tv55afYYfXtetE
g7zeoTvWeLa1Nxoww9QhY7QPhYbjzM3nApLR2+2vMS21fiYhzKmeot+OmQy0iTRg
kBdIWDFeuOMcZAdLIvJj9a9sc9xCDbT4awZe5TwfURjZjCUDn8UsKgnMQKdWT6Bd
iXXHnVMNpGb73gr2iyoX96j6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:54 2024 by rpki-client on console-ams.rpki-client.org