Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XGEDEybmpbyULeucG2VDJqGkE90.roa
File: XGEDEybmpbyULeucG2VDJqGkE90.roa (raw, json)
Hash identifier: hRjn7ZGjELI0zmyshrWHvYJDiGV6gLHbKRSBX6jkQeg=
Subject key identifier: 5C:61:03:13:26:E6:A5:BC:94:2D:EB:9C:1B:65:43:26:A1:A4:13:DD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E77078498076AC53CB27361770FE05008
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XGEDEybmpbyULeucG2VDJqGkE90.roa
Signing time: Mon 25 Mar 2024 19:12:45 +0000
ROA not before: Mon 25 Mar 2024 19:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 09:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:07:84:98:07:6a:c5:3c:b2:73:61:77:0f:e0:50:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 25 19:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c61031326e6a5bc942deb9c1b654326a1a413dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c4:97:cb:ac:e6:76:2c:ef:7f:de:fd:a6:28:
04:45:6a:92:86:07:17:7b:f5:9e:13:35:a1:63:61:
2c:6f:b8:17:cd:d4:2d:35:43:aa:d6:72:25:b7:6d:
b6:46:e9:28:cb:63:e8:b5:67:82:70:92:cb:0a:68:
83:92:84:5a:97:eb:a1:99:cf:c9:34:d0:d1:4d:99:
b6:76:da:0a:9d:e6:54:78:23:72:f1:f8:c1:af:a5:
5e:75:34:65:09:68:c2:13:81:26:1f:8c:17:1c:9e:
4e:39:20:a8:8b:c9:8a:a6:43:2a:0e:b5:81:6d:44:
3d:f5:cd:b7:49:5a:0e:b4:4a:48:9c:f8:cb:d8:97:
af:e7:02:ea:61:d2:ab:e7:2c:48:0b:c6:49:6f:60:
90:ec:b8:d9:86:97:df:06:d5:3b:c8:b4:cb:8d:e9:
0a:9d:be:8c:c3:d1:a6:e2:fd:e6:1d:ec:07:42:c7:
0a:25:c0:a3:10:63:13:48:0b:67:b2:15:88:97:04:
0d:03:7f:89:55:d3:59:b1:82:d5:86:19:c5:ad:9b:
5d:0c:ef:b2:c1:79:0e:e8:42:d5:e3:6b:23:70:37:
62:18:08:64:20:cf:94:da:a8:8c:4e:93:b2:ce:5a:
03:63:93:1e:30:19:0c:ce:cd:9e:90:7b:bb:dd:19:
5e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:61:03:13:26:E6:A5:BC:94:2D:EB:9C:1B:65:43:26:A1:A4:13:DD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XGEDEybmpbyULeucG2VDJqGkE90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.94.170.0/24
85.209.120.0/23
146.19.125.0/24
193.30.241.0/24
193.57.41.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:76:a0:e1:ec:9b:d6:b4:c1:a9:4d:01:18:c5:a8:00:30:52:
6d:ec:f5:2d:86:4c:da:d9:cd:76:a7:90:4f:19:12:d0:65:68:
52:1b:cf:5e:97:15:55:65:09:34:cf:82:6e:e2:dd:24:93:77:
ca:6e:b9:9a:36:0b:16:46:49:aa:d9:2e:5b:9c:5d:9d:7e:42:
d4:ac:e0:fa:3b:40:dc:be:f2:37:c4:56:91:e6:c5:34:7f:67:
86:e7:c5:f9:e9:88:db:e1:1f:e0:e6:dc:de:01:99:43:cf:30:
b9:7b:29:66:71:26:60:fc:60:aa:87:ca:bc:55:1b:a5:9b:f0:
4c:37:d3:d7:ad:8c:20:2d:0b:2a:9a:f4:2a:17:66:0e:7f:f2:
9a:37:2b:fe:62:82:d2:b6:2a:e7:49:6f:48:36:ac:3a:f0:ff:
83:c5:34:03:7e:97:3a:ef:7d:e0:30:82:1f:8f:f8:ad:12:7a:
a7:35:4c:4c:09:21:2e:4b:da:f7:11:58:f3:39:79:e3:4e:5b:
10:3c:2c:22:d0:55:46:bd:18:22:af:94:96:a5:78:fb:3a:6e:
a2:c9:38:26:e2:c4:e7:2e:59:8a:01:d6:76:44:c1:cd:ce:aa:
36:0b:75:61:bc:2c:0b:3c:24:96:8a:26:59:25:55:20:63:54:
e0:02:83:22
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY53B4SYB2rFPLJzYXcP4FAIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzI1MTkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzYxMDMxMzI2ZTZhNWJjOTQyZGViOWMxYjY1NDMyNmExYTQxM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsSXy6zmdizvf979pigERWqShgcX
e/WeEzWhY2Esb7gXzdQtNUOq1nIlt222Rukoy2PotWeCcJLLCmiDkoRal+uhmc/J
NNDRTZm2dtoKneZUeCNy8fjBr6VedTRlCWjCE4EmH4wXHJ5OOSCoi8mKpkMqDrWB
bUQ99c23SVoOtEpInPjL2Jev5wLqYdKr5yxIC8ZJb2CQ7LjZhpffBtU7yLTLjekK
nb6Mw9Gm4v3mHewHQscKJcCjEGMTSAtnshWIlwQNA3+JVdNZsYLVhhnFrZtdDO+y
wXkO6ELV42sjcDdiGAhkIM+U2qiMTpOyzloDY5MeMBkMzs2ekHu73RlehwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFxhAxMm5qW8lC3rnBtlQyahpBPdMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWEdFREV5Ym1wYnlVTGV1Y0cyVkRKcUdrRTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBbVUAwQA
BbVXAwQALV6qAwQBVdF4AwQAkhN9AwQAwR7xAwQAwTkpAwQAw7FfMA0GCSqGSIb3
DQEBCwUAA4IBAQBedqDh7JvWtMGpTQEYxagAMFJt7PUthkza2c12p5BPGRLQZWhS
G89elxVVZQk0z4Ju4t0kk3fKbrmaNgsWRkmq2S5bnF2dfkLUrOD6O0DcvvI3xFaR
5sU0f2eG58X56Yjb4R/g5tzeAZlDzzC5eylmcSZg/GCqh8q8VRulm/BMN9PXrYwg
LQsqmvQqF2YOf/KaNyv+YoLStirnSW9INqw68P+DxTQDfpc6733gMIIfj/itEnqn
NUxMCSEuS9r3EVjzOXnjTlsQPCwi0FVGvRgir5SWpXj7Om6iyTgm4sTnLlmKAdZ2
RMHNzqo2C3VhvCwLPCSWiiZZJVUgY1TgAoMi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org