Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/XWJNxgD5Rq3yUqH_oadDmxeQHCU.roa
File: XWJNxgD5Rq3yUqH_oadDmxeQHCU.roa (raw, json)
Hash identifier: stWqaMKaz4LYEb4NZcrj1/oWyHKwWs66us3AwEtbaL8=
Subject key identifier: 5D:62:4D:C6:00:F9:46:AD:F2:52:A1:FF:A1:A7:43:9B:17:90:1C:25
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 0193910B7F3716492D3F26D204777A32ED2A
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/XWJNxgD5Rq3yUqH_oadDmxeQHCU.roa
Signing time: Wed 04 Dec 2024 09:41:10 +0000
ROA not before: Wed 04 Dec 2024 09:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24582
IP address blocks: 5.61.80.0/21 maxlen: 24
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
195.135.178.240/29 maxlen: 29
212.237.160.0/21 maxlen: 24
2a00:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Dec 2024 16:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:0b:7f:37:16:49:2d:3f:26:d2:04:77:7a:32:ed:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Dec 4 09:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d624dc600f946adf252a1ffa1a7439b17901c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:17:f9:2e:a9:9b:2d:c3:8f:40:d8:a1:fe:5c:
52:de:51:47:e3:41:f3:ba:82:0f:63:de:4d:1c:fa:
1f:77:1e:86:90:e9:0b:ce:e7:3b:09:87:b3:7b:61:
4c:33:9e:19:ad:d7:8f:a8:25:79:0c:0a:de:3b:a0:
44:c9:3a:49:4a:44:39:1c:78:de:00:59:67:df:4f:
17:fa:28:fd:ca:b6:ad:de:34:ab:30:11:f9:7b:e7:
dd:79:b2:ab:07:91:d3:49:52:c4:1e:6e:b1:7c:be:
dd:16:40:5c:fe:c6:c3:40:bf:cb:66:55:bb:ea:e9:
15:04:db:89:ce:bf:5a:54:96:45:ec:64:ed:91:a7:
e5:78:eb:64:06:6f:52:63:b5:77:52:77:82:b9:d5:
54:18:39:4b:e3:9c:b0:73:9f:ad:fe:71:c4:1b:b2:
27:94:2a:c7:f3:c3:dd:86:c1:27:cf:b5:20:c1:95:
1e:20:14:79:c1:3e:b9:b1:09:76:76:b5:99:39:af:
8e:b8:5f:a4:c8:fe:07:16:7b:98:08:3a:ca:ca:36:
3c:f6:6b:86:e4:51:f4:d9:81:f5:29:13:88:05:73:
a0:9c:9a:d3:37:6d:b8:0c:ea:a1:a7:9a:a8:9d:6d:
82:0e:2e:c4:d6:53:eb:4e:11:d9:b9:b1:c7:4b:dc:
11:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:62:4D:C6:00:F9:46:AD:F2:52:A1:FF:A1:A7:43:9B:17:90:1C:25
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/XWJNxgD5Rq3yUqH_oadDmxeQHCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
80.87.160.0/20
185.32.32.0/22
195.135.178.240/29
212.237.160.0/21
IPv6:
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
2d:60:6b:31:9b:97:44:00:28:bf:0b:1a:15:c8:7a:4f:19:67:
e1:4f:ab:3a:e9:de:75:42:80:fc:54:6e:41:8c:07:27:46:bc:
39:2f:e1:36:b5:c1:06:60:a9:5e:e8:0f:ef:7e:97:51:de:04:
cd:4e:ee:ec:b7:ee:ea:ee:18:02:2e:6b:a8:d4:03:f9:2f:e1:
26:a4:24:e1:41:95:71:3d:45:0f:97:3f:e6:6e:a2:39:a5:5d:
5b:a3:a9:41:71:36:89:18:5d:06:38:a8:90:5b:b4:25:ae:3e:
08:32:96:3b:27:8f:20:bd:2c:85:21:8c:36:7a:c5:cb:da:7b:
06:55:47:78:c9:67:e8:fa:84:f5:b5:b0:b7:ec:33:3a:63:cd:
b5:2b:1b:af:46:f5:d4:b7:18:fd:eb:c4:bc:5e:46:be:cb:8f:
bc:e0:87:d1:00:18:5b:fb:4e:9d:da:02:60:94:e0:f5:f1:3e:
4d:5a:ef:fc:68:87:5e:5e:65:cd:23:f1:1d:a3:e8:0d:a0:3f:
5c:12:a0:cd:37:ee:42:7d:31:75:ed:d1:1f:bf:46:f1:92:ab:
b9:96:15:f9:e5:72:1e:3e:0d:16:e2:f7:7e:b7:20:74:aa:db:
94:4e:0c:b4:4c:02:82:95:50:6c:f0:4c:84:7f:89:f0:59:54:
03:1e:52:7c
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZORC383FkktPybSBHd6Mu0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjQxMjA0MDk0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDYyNGRjNjAwZjk0NmFkZjI1MmExZmZhMWE3NDM5YjE3OTAxYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hf5LqmbLcOPQNih/lxS3lFH40Hz
uoIPY95NHPofdx6GkOkLzuc7CYeze2FMM54ZrdePqCV5DAreO6BEyTpJSkQ5HHje
AFln308X+ij9yrat3jSrMBH5e+fdebKrB5HTSVLEHm6xfL7dFkBc/sbDQL/LZlW7
6ukVBNuJzr9aVJZF7GTtkafleOtkBm9SY7V3UneCudVUGDlL45ywc5+t/nHEG7In
lCrH88PdhsEnz7UgwZUeIBR5wT65sQl2drWZOa+OuF+kyP4HFnuYCDrKyjY89muG
5FH02YH1KROIBXOgnJrTN224DOqhp5qonW2CDi7E1lPrThHZubHHS9wR8wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF1iTcYA+Uat8lKh/6GnQ5sXkBwlMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvWFdKTnhnRDVScTN5VXFIX29hZERteGVRSENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQDBT1QAwQE
UFegAwQCuSAgAwUDw4ey8AMEA9TtoDANBAIAAjAHAwUDKgBfQDANBgkqhkiG9w0B
AQsFAAOCAQEALWBrMZuXRAAovwsaFch6Txln4U+rOunedUKA/FRuQYwHJ0a8OS/h
NrXBBmCpXugP736XUd4EzU7u7Lfu6u4YAi5rqNQD+S/hJqQk4UGVcT1FD5c/5m6i
OaVdW6OpQXE2iRhdBjiokFu0Ja4+CDKWOyePIL0shSGMNnrFy9p7BlVHeMln6PqE
9bWwt+wzOmPNtSsbr0b11LcY/evEvF5GvsuPvOCH0QAYW/tOndoCYJTg9fE+TVrv
/GiHXl5lzSPxHaPoDaA/XBKgzTfuQn0xde3RH79G8ZKruZYV+eVyHj4NFuL3frcg
dKrblE4MtEwCgpVQbPBMhH+J8FlUAx5SfA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:08 2025 by rpki-client