Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XzRKu2GdlXObPzjhCPCmXXErbwQ.roa
File: XzRKu2GdlXObPzjhCPCmXXErbwQ.roa (raw, json)
Hash identifier: lxIjfTsQPvPWXqM8rRaTZlHMCFPtpxs8bXMJijmnulA=
Subject key identifier: 5F:34:4A:BB:61:9D:95:73:9B:3F:38:E1:08:F0:A6:5D:71:2B:6F:04
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018DEFD094D256D4EA00E9D71319E35D311F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XzRKu2GdlXObPzjhCPCmXXErbwQ.roa
Signing time: Wed 28 Feb 2024 13:04:00 +0000
ROA not before: Wed 28 Feb 2024 13:04:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2.56.246.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.96.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.137.70.0/24 maxlen: 24
45.145.226.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
194.62.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 10:06:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:d0:94:d2:56:d4:ea:00:e9:d7:13:19:e3:5d:31:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Feb 28 13:04:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f344abb619d95739b3f38e108f0a65d712b6f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:0a:a6:89:ed:fc:b0:8c:a3:a8:a4:bc:cb:
a6:80:4a:00:66:34:ed:af:bf:60:06:80:75:89:bf:
4f:f8:b4:20:51:e4:d5:e5:37:94:af:e3:ca:ac:64:
31:7c:96:ea:80:46:59:40:99:9f:c4:45:79:a9:42:
8b:f2:61:38:0b:ca:1c:9d:47:7c:e5:6b:b5:ab:05:
70:ba:31:87:06:d2:f5:84:12:95:fc:8b:5e:57:98:
90:ff:41:0c:78:eb:56:9f:7d:80:e2:2d:4f:95:fd:
3f:4a:92:95:71:75:fe:22:8f:44:7a:ec:bf:60:83:
c4:8d:84:3a:0d:85:91:c5:01:bf:70:15:2f:33:8a:
d8:09:31:18:b4:92:e0:96:83:bb:1d:c7:8a:92:71:
70:de:6d:5e:58:bd:cc:50:fa:d8:0b:1b:ce:73:59:
0c:af:1c:25:18:77:fd:af:e8:3f:4e:91:6d:b3:11:
50:77:89:b0:01:78:64:cb:f4:85:f6:e9:92:2c:b1:
e7:03:15:e0:37:84:09:4a:6d:39:c4:3c:4d:74:21:
01:29:ed:63:fe:61:0b:67:4a:31:7e:7e:9a:34:83:
36:39:3c:3f:60:c2:bc:b6:03:0f:8e:ce:9f:6c:dc:
6b:79:33:cd:a9:97:52:64:52:aa:66:f8:d0:18:06:
43:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:34:4A:BB:61:9D:95:73:9B:3F:38:E1:08:F0:A6:5D:71:2B:6F:04
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XzRKu2GdlXObPzjhCPCmXXErbwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.96.0/23
45.131.65.0/24
45.134.39.0/24
45.137.70.0/24
45.145.226.0/24
185.117.0.0/24
194.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
49:cd:89:1d:eb:93:c4:36:a6:10:b4:6c:d4:99:69:12:a7:0b:
f5:e6:bf:47:1a:88:76:03:cf:28:3f:8e:49:1f:6c:87:fd:3c:
c3:47:8c:2e:a5:48:bd:42:97:33:77:9c:60:28:b7:82:df:77:
3a:b5:4c:6d:8b:b3:2d:cf:3d:a5:28:99:ce:d3:8d:1a:5d:9f:
71:17:09:de:7f:92:46:f1:cb:cb:38:bc:38:4a:0a:8d:af:a0:
8d:e1:bd:73:ff:36:77:4a:5b:4e:9b:74:09:12:c3:37:9b:da:
61:c7:93:22:46:f2:d1:ec:61:df:18:a6:93:35:78:3e:07:c7:
69:9f:e6:f9:75:64:28:c0:bd:a2:73:1b:37:70:d1:87:14:26:
c8:28:cd:2c:19:6b:47:80:df:be:f4:1c:b3:93:c6:eb:00:70:
8a:2b:5d:2a:1f:ed:62:e0:6c:52:e8:71:22:36:2c:9d:e6:0d:
3f:ab:0e:b7:06:a6:9e:46:34:7d:44:e4:27:2b:0d:31:b6:3c:
f8:46:dd:f0:5d:a3:1d:88:8f:42:b7:c3:73:62:75:6f:bf:87:
71:d0:71:f9:05:ef:04:06:70:52:21:45:e2:41:4d:ba:6f:2e:
55:f8:5b:c2:cc:c3:22:11:e5:e4:97:4e:68:43:f7:65:4d:33:
ae:0a:91:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3v0JTSVtTqAOnXExnjXTEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwMjI4MTMwNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM0NGFiYjYxOWQ5NTczOWIzZjM4ZTEwOGYwYTY1ZDcxMmI2ZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlksKpont/LCMo6ikvMumgEoAZjTt
r79gBoB1ib9P+LQgUeTV5TeUr+PKrGQxfJbqgEZZQJmfxEV5qUKL8mE4C8ocnUd8
5Wu1qwVwujGHBtL1hBKV/IteV5iQ/0EMeOtWn32A4i1Plf0/SpKVcXX+Io9Eeuy/
YIPEjYQ6DYWRxQG/cBUvM4rYCTEYtJLgloO7HceKknFw3m1eWL3MUPrYCxvOc1kM
rxwlGHf9r+g/TpFtsxFQd4mwAXhky/SF9umSLLHnAxXgN4QJSm05xDxNdCEBKe1j
/mELZ0oxfn6aNIM2OTw/YMK8tgMPjs6fbNxreTPNqZdSZFKqZvjQGAZDVwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFF80SrthnZVzmz844Qjwpl1xK28EMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWHpSS3UyR2RsWE9iUHpqaENQQ21YWEVyYndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjj2AwQA
LQ3iAwQALUOLAwQBLVpgAwQALYNBAwQALYYnAwQALYlGAwQALZHiAwQAuXUAAwQA
wj74MA0GCSqGSIb3DQEBCwUAA4IBAQBJzYkd65PENqYQtGzUmWkSpwv15r9HGoh2
A88oP45JH2yH/TzDR4wupUi9Qpczd5xgKLeC33c6tUxti7Mtzz2lKJnO040aXZ9x
Fwnef5JG8cvLOLw4SgqNr6CN4b1z/zZ3SltOm3QJEsM3m9phx5MiRvLR7GHfGKaT
NXg+B8dpn+b5dWQowL2icxs3cNGHFCbIKM0sGWtHgN++9Byzk8brAHCKK10qH+1i
4GxS6HEiNiyd5g0/qw63BqaeRjR9ROQnKw0xtjz4Rt3wXaMdiI9Ct8NzYnVvv4dx
0HH5Be8EBnBSIUXiQU26by5V+FvCzMMiEeXkl05oQ/dlTTOuCpH/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org