Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xyf8S-mOny7aphbMAtlrxqy2I-s.roa
File: Xyf8S-mOny7aphbMAtlrxqy2I-s.roa (raw, json)
Hash identifier: ipKDM97ciWtA1I6uN0XsMJpH+YaBNj95Pz6W1+c1z7E=
Subject key identifier: 5F:27:FC:4B:E9:8E:9F:2E:DA:A6:16:CC:02:D9:6B:C6:AC:B6:23:EB
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0187B241FB8B5DD33D9209248658291BE105
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xyf8S-mOny7aphbMAtlrxqy2I-s.roa
Signing time: Mon 24 Apr 2023 07:54:41 +0000
ROA not before: Mon 24 Apr 2023 07:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208258
IP address blocks: 185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
193.109.137.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.247.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Apr 2023 15:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:41:fb:8b:5d:d3:3d:92:09:24:86:58:29:1b:e1:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 24 07:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f27fc4be98e9f2edaa616cc02d96bc6acb623eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a4:77:33:ca:de:34:ea:75:a3:b1:5b:14:c8:
e4:eb:a6:c3:f9:86:5e:0b:ef:10:e9:38:aa:f0:7f:
42:11:01:2c:8a:ae:ba:73:d8:d4:a3:10:1b:be:43:
e1:56:91:3e:9d:5c:99:bf:49:0c:a0:62:41:44:17:
3c:1d:38:2a:e8:76:e6:dd:71:86:37:9c:7c:0c:b0:
4d:37:3c:b0:eb:a9:5f:36:3e:fd:37:a1:dd:c1:1b:
48:9a:5d:7b:1b:a2:23:a7:88:e1:95:49:53:64:02:
d1:de:7a:7c:60:15:de:b5:65:6b:c6:0f:99:5b:e8:
bc:f0:cf:11:46:10:d8:9a:49:ec:ba:f7:17:45:44:
66:19:dd:f9:23:37:02:03:8e:bf:8e:47:9f:12:65:
38:6d:85:38:d4:76:7d:67:43:f5:ca:fa:42:42:5f:
6a:9a:f4:c3:44:46:ae:d5:30:f2:85:87:9b:2a:3a:
7b:38:30:d3:b6:f1:3e:e1:1c:4d:11:46:0d:3a:73:
80:ea:6b:ad:07:53:59:35:e0:fa:ab:d6:73:d8:c1:
b5:dc:dd:66:b6:fe:19:26:f1:19:74:98:da:4d:c4:
7e:98:69:8a:4e:df:0e:1f:b1:92:97:0d:b4:42:84:
24:70:ec:d1:e5:dc:3c:8d:de:aa:8f:08:95:71:2d:
c6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:27:FC:4B:E9:8E:9F:2E:DA:A6:16:CC:02:D9:6B:C6:AC:B6:23:EB
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Xyf8S-mOny7aphbMAtlrxqy2I-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0/23
45.144.247.0/24
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
193.109.137.0/24
194.146.48.0/24
195.26.6.0/23
195.88.227.0/24
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
75:5a:73:86:39:77:64:95:f4:3f:56:3b:2b:51:32:76:45:5e:
00:ce:fa:e5:6b:64:70:44:7e:c7:b7:7a:55:2d:03:de:16:72:
b8:a4:8e:e0:0d:51:12:19:9b:9b:81:0e:6c:52:28:d7:64:73:
d4:67:df:33:6c:60:9c:c3:75:f3:38:cd:56:8b:38:56:41:da:
dc:35:2c:8a:c0:f4:96:55:2a:43:b5:46:d7:67:77:25:f5:42:
03:6f:46:e1:a2:44:2b:f6:58:e2:7c:2a:12:8a:a1:65:57:12:
03:cf:3c:c4:43:bc:88:f6:fa:1f:be:64:06:de:15:4b:14:43:
24:81:67:ff:ad:fc:e7:4a:b4:9f:77:19:95:7e:74:7b:b1:e0:
5d:1a:5d:2d:58:81:9c:ee:d5:f6:6e:ed:d5:63:1e:69:44:7b:
df:a2:cd:d1:8c:f0:26:78:e9:d9:f6:16:7d:74:04:3e:2c:0a:
38:a9:ae:4a:5f:c2:5c:2e:a3:58:26:5d:ef:f2:77:a2:8d:07:
c0:e7:33:a0:2f:d3:0d:fb:98:63:d3:2f:4f:5b:7d:ce:79:93:
d4:38:f4:db:2d:8b:34:bd:6f:9a:f4:be:39:40:87:14:d9:5e:
7a:4e:76:6f:55:20:dc:9d:c9:2c:bd:dd:07:54:56:c0:d7:a7:
b7:6e:cf:7f
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYeyQfuLXdM9kgkkhlgpG+EFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwNDI0MDc1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI3ZmM0YmU5OGU5ZjJlZGFhNjE2Y2MwMmQ5NmJjNmFjYjYyM2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaR3M8reNOp1o7FbFMjk66bD+YZe
C+8Q6Tiq8H9CEQEsiq66c9jUoxAbvkPhVpE+nVyZv0kMoGJBRBc8HTgq6Hbm3XGG
N5x8DLBNNzyw66lfNj79N6HdwRtIml17G6Ijp4jhlUlTZALR3np8YBXetWVrxg+Z
W+i88M8RRhDYmknsuvcXRURmGd35IzcCA46/jkefEmU4bYU41HZ9Z0P1yvpCQl9q
mvTDREau1TDyhYebKjp7ODDTtvE+4RxNEUYNOnOA6mutB1NZNeD6q9Zz2MG13N1m
tv4ZJvEZdJjaTcR+mGmKTt8OH7GSlw20QoQkcOzR5dw8jd6qjwiVcS3GcQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFF8n/Evpjp8u2qYWzALZa8astiPrMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWHlmOFMtbU9ueTdhcGhiTUF0bHJ4cXkySS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jBQBAIAATBKAwQBLZD0
AwQALZD3MAwDBAItl5wDBAAtl54DBAK50NADBAC541IDBAC55FMDBAG583ADBADB
bYkDBADCkjADBAHDGgYDBADDWOMwgYEEAgACMHsDBwAqCzxAAAEDBwAqCzxAAAkw
EgMHACoLPEAAEQMHACoLPEAAEjASAwcAKgs8QAAVAwcDKgs8QAAQAwcBKgs8QAAg
AwcAKgs8QAAlAwcAKgs8QPymAwcAKg5VQAAAMBIDBwQqDlVAABADBwAqDlVAABID
BwAqDlVAAQAwDQYJKoZIhvcNAQELBQADggEBAHVac4Y5d2SV9D9WOytRMnZFXgDO
+uVrZHBEfse3elUtA94WcrikjuANURIZm5uBDmxSKNdkc9Rn3zNsYJzDdfM4zVaL
OFZB2tw1LIrA9JZVKkO1RtdndyX1QgNvRuGiRCv2WOJ8KhKKoWVXEgPPPMRDvIj2
+h++ZAbeFUsUQySBZ/+t/OdKtJ93GZV+dHux4F0aXS1YgZzu1fZu7dVjHmlEe9+i
zdGM8CZ46dn2Fn10BD4sCjiprkpfwlwuo1gmXe/yd6KNB8DnM6Av0w37mGPTL09b
fc55k9Q49NstizS9b5r0vjlAhxTZXnpOdm9VINydySy93QdUVsDXp7duz38=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org