Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XFzgDUS4t9ZNHRqzT3HzKDlW9FE.roa
File: XFzgDUS4t9ZNHRqzT3HzKDlW9FE.roa (raw, json)
Hash identifier: bL5xj2D9lfxJvrtooWayk3CxUVNuk2ZpCaeRItpgId8=
Subject key identifier: 5C:5C:E0:0D:44:B8:B7:D6:4D:1D:1A:B3:4F:71:F3:28:39:56:F4:51
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0187B3CF586CD91BE1FE2505E735457AB4AE
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XFzgDUS4t9ZNHRqzT3HzKDlW9FE.roa
Signing time: Mon 24 Apr 2023 15:08:42 +0000
ROA not before: Mon 24 Apr 2023 15:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208258
IP address blocks: 185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
193.109.137.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 May 2023 08:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:cf:58:6c:d9:1b:e1:fe:25:05:e7:35:45:7a:b4:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 24 15:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c5ce00d44b8b7d64d1d1ab34f71f3283956f451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:56:62:c7:e0:58:0c:8e:ee:19:19:4f:59:
47:5a:7a:1d:b9:ab:29:22:1a:6d:6e:25:1e:5c:70:
b0:01:fd:35:32:4b:d3:5d:88:a6:df:7b:d5:4f:b2:
d3:18:2c:24:dd:4d:2a:8d:a7:2f:f7:ac:a9:e4:3e:
57:1d:3d:9d:96:9b:77:99:8c:fc:1c:e1:50:ec:0f:
26:96:5e:e7:2f:8e:8a:48:3d:de:25:6f:88:be:9e:
d2:b7:46:d0:1b:b0:89:3c:6c:66:7f:c9:a5:e6:dc:
2d:8f:24:8a:41:ba:63:32:2c:08:20:fe:64:19:5f:
3f:81:e5:73:cb:ff:09:20:9a:7f:b0:27:30:97:37:
91:a2:21:2e:fc:25:f6:eb:72:45:d9:80:96:ad:c0:
8c:90:3c:5d:50:74:f0:bf:1a:03:f1:1b:54:22:f7:
ef:81:f5:32:fa:a0:34:fc:f8:44:c1:89:4e:24:0f:
58:69:30:f3:3d:1d:18:4c:68:de:0d:09:5b:54:c4:
a6:4a:9e:e8:2c:ff:2b:f9:35:f7:36:7b:71:cb:71:
b6:d5:69:a9:03:5f:ca:8f:c6:92:06:8f:f3:29:5e:
01:ba:6f:31:a1:fb:96:fd:6e:8c:cf:c0:fa:6e:ac:
14:03:7b:9a:b9:58:5c:fa:13:b0:9f:34:b9:5b:3e:
b0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5C:E0:0D:44:B8:B7:D6:4D:1D:1A:B3:4F:71:F3:28:39:56:F4:51
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/XFzgDUS4t9ZNHRqzT3HzKDlW9FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
193.109.137.0/24
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
8c:b4:d8:41:91:b2:69:72:bb:55:0d:bd:7a:0d:14:11:27:5d:
3c:3a:63:33:c9:b7:97:1d:26:41:cc:c0:00:b3:4e:c9:3c:9f:
c5:6a:13:f2:6c:e8:70:ef:47:2f:92:39:66:47:0f:91:dd:52:
08:29:b1:95:40:25:49:0f:86:a8:c3:8c:b5:88:e0:98:88:06:
b1:80:4c:11:0e:b7:3d:d3:91:4e:21:89:a7:e5:ee:7d:70:53:
12:04:79:b2:3d:cc:22:98:73:fc:5b:a7:25:dd:e6:d5:3c:c4:
11:4d:8a:69:f9:2b:09:9d:8e:65:fa:70:78:94:f6:e4:c6:a6:
6d:8f:82:58:36:09:94:7c:00:86:8b:a8:6a:ff:a7:ef:d5:41:
e9:df:04:03:1f:21:8e:39:32:31:83:28:19:8f:6b:69:ba:5d:
18:b0:a9:6e:6e:ab:5e:4c:0b:0e:4e:c4:41:89:95:df:26:77:
88:44:fc:a5:0c:a5:24:52:66:2b:8f:15:d9:9a:56:87:dd:e1:
e9:12:1c:84:4f:29:a6:fc:63:d3:ed:94:64:db:5b:2a:3c:cf:
32:83:f8:39:12:9a:a4:db:4d:9c:25:fe:24:02:da:31:b4:5d:
a2:f9:35:8d:75:91:b1:48:c9:da:91:8e:b9:d0:2d:33:22:fb:
e0:e9:a7:48
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYezz1hs2Rvh/iUF5zVFerSuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwNDI0MTUwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVjZTAwZDQ0YjhiN2Q2NGQxZDFhYjM0ZjcxZjMyODM5NTZmNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQFWYsfgWAyO7hkZT1lHWnoduasp
IhptbiUeXHCwAf01MkvTXYim33vVT7LTGCwk3U0qjacv96yp5D5XHT2dlpt3mYz8
HOFQ7A8mll7nL46KSD3eJW+Ivp7St0bQG7CJPGxmf8ml5twtjySKQbpjMiwIIP5k
GV8/geVzy/8JIJp/sCcwlzeRoiEu/CX263JF2YCWrcCMkDxdUHTwvxoD8RtUIvfv
gfUy+qA0/PhEwYlOJA9YaTDzPR0YTGjeDQlbVMSmSp7oLP8r+TX3Nntxy3G21Wmp
A1/Kj8aSBo/zKV4Bum8xofuW/W6Mz8D6bqwUA3uauVhc+hOwnzS5Wz6w8QIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFFxc4A1EuLfWTR0as09x8yg5VvRRMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWEZ6Z0RVUzR0OVpOSFJxelQzSHpLRGxXOUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjBEBAIAATA+AwQBLZD0
MAwDBAItl5wDBAAtl54DBAK50NADBAC541IDBAC55FMDBAG583ADBADBbYkDBADC
kjADBAHDGgYwgYEEAgACMHsDBwAqCzxAAAEDBwAqCzxAAAkwEgMHACoLPEAAEQMH
ACoLPEAAEjASAwcAKgs8QAAVAwcDKgs8QAAQAwcBKgs8QAAgAwcAKgs8QAAlAwcA
Kgs8QPymAwcAKg5VQAAAMBIDBwQqDlVAABADBwAqDlVAABIDBwAqDlVAAQAwDQYJ
KoZIhvcNAQELBQADggEBAIy02EGRsmlyu1UNvXoNFBEnXTw6YzPJt5cdJkHMwACz
Tsk8n8VqE/Js6HDvRy+SOWZHD5HdUggpsZVAJUkPhqjDjLWI4JiIBrGATBEOtz3T
kU4hiafl7n1wUxIEebI9zCKYc/xbpyXd5tU8xBFNimn5KwmdjmX6cHiU9uTGpm2P
glg2CZR8AIaLqGr/p+/VQenfBAMfIY45MjGDKBmPa2m6XRiwqW5uq15MCw5OxEGJ
ld8md4hE/KUMpSRSZiuPFdmaVofd4ekSHIRPKab8Y9PtlGTbWyo8zzKD+DkSmqTb
TZwl/iQC2jG0XaL5NY11kbFIydqRjrnQLTMi++Dpp0g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org