Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/Xud3Eo9v9z--5rjfVXXnwP2I05I.roa
File: Xud3Eo9v9z--5rjfVXXnwP2I05I.roa (raw, json)
Hash identifier: LapdOfz+71mdEszCylYXU7P7nowWHJAfa3br08Rt4s4=
Subject key identifier: 5E:E7:77:12:8F:6F:F7:3F:BE:E6:B8:DF:55:75:E7:C0:FD:88:D3:92
Certificate issuer: /CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Certificate serial: 018CC8013B0F08C3ADB16C9EBAB203CED0F1
Authority key identifier: BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/Xud3Eo9v9z--5rjfVXXnwP2I05I.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25248
IP address blocks: 85.207.0.0/16 maxlen: 16
84.244.64.0/18 maxlen: 18
82.99.128.0/18 maxlen: 18
212.158.128.0/19 maxlen: 19
2a02:a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3b:0f:08:c3:ad:b1:6c:9e:ba:b2:03:ce:d0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bef5252ccac3f6dc1426b553f2c1c7233acc894b
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ee777128f6ff73fbee6b8df5575e7c0fd88d392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3f:93:00:f9:91:a6:b4:d8:cd:75:57:b9:4c:
c8:51:33:88:a2:a5:16:17:68:e8:e3:27:ee:3a:02:
0f:2f:66:08:ee:39:96:70:eb:ab:2b:9f:eb:46:7a:
18:7a:f8:e1:ae:df:57:3b:a7:63:fd:0a:2d:46:bf:
a9:54:af:cf:f6:ca:89:2d:14:f1:8d:52:d9:40:1f:
d4:6f:93:c6:20:26:14:53:fb:61:41:fe:59:f9:96:
dd:ea:9d:89:d8:e0:4e:46:93:b1:5b:f7:bd:48:29:
f2:3a:9b:b5:22:cd:84:40:8b:45:c3:73:72:9f:8f:
cd:5a:5c:b6:79:e6:fb:dd:ca:1f:e8:4e:0d:ee:31:
93:bd:42:48:91:4e:a7:bd:b4:fb:13:8d:5e:04:3a:
e8:e6:a5:b5:dc:f2:0b:f7:86:a1:66:29:7c:6e:6b:
e7:26:44:12:88:8b:9b:2d:d4:e2:d0:f4:04:f3:cc:
e7:f0:da:44:52:67:83:a7:e1:14:8d:18:16:b9:8b:
f3:48:b9:14:f2:99:1b:d1:12:88:6e:11:f2:3b:de:
4e:b8:ce:b3:6f:c0:cf:2e:14:f6:48:0a:9c:0e:5a:
9a:e8:b6:60:28:06:e8:d2:03:0c:31:76:12:ca:59:
3b:14:16:63:81:3d:95:fd:18:d2:1c:d6:92:6d:27:
e4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E7:77:12:8F:6F:F7:3F:BE:E6:B8:DF:55:75:E7:C0:FD:88:D3:92
X509v3 Authority Key Identifier:
keyid:BE:F5:25:2C:CA:C3:F6:DC:14:26:B5:53:F2:C1:C7:23:3A:CC:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vvUlLMrD9twUJrVT8sHHIzrMiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/Xud3Eo9v9z--5rjfVXXnwP2I05I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e7fc98-128a-453d-bdfb-11e5f6d12ef1/1/vvUlLMrD9twUJrVT8sHHIzrMiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.99.128.0/18
84.244.64.0/18
85.207.0.0/16
212.158.128.0/19
IPv6:
2a02:a40::/32
Signature Algorithm: sha256WithRSAEncryption
00:66:93:d8:55:c6:5b:06:35:91:fc:bf:9a:10:5e:bd:e8:73:
6a:d9:71:bb:6b:fe:3b:92:94:b9:16:09:34:ed:44:0c:3b:c7:
22:ec:3b:4e:79:6a:89:2b:f6:f5:23:23:82:57:42:67:fb:66:
9e:82:5d:ae:35:f8:ec:44:30:64:1f:f4:7a:94:3e:c9:bb:de:
77:5f:6f:86:65:fe:6a:d9:03:7a:20:ab:e3:f4:a8:38:c4:82:
46:16:32:b0:66:48:e8:3d:43:e0:44:5c:0f:03:7c:af:95:58:
87:68:7b:38:69:96:42:fa:2f:39:5c:1d:19:62:9b:61:c3:7a:
c8:83:d5:07:20:f9:2a:eb:be:d3:f9:64:f9:3d:ad:99:cf:9a:
0d:93:10:ea:6f:db:57:10:23:12:32:5c:24:00:9d:37:7d:d1:
52:3d:f2:cc:fc:1e:2d:59:9e:93:5e:1a:1d:a9:db:1c:de:68:
34:0d:56:9f:77:b7:95:65:49:48:e2:fe:34:37:48:93:f6:f6:
29:9f:0e:f7:d1:7b:3a:7e:4c:a3:e5:62:a7:43:29:96:98:b6:
d3:eb:3c:c0:a4:dd:de:ed:22:e3:e0:6c:62:15:4c:57:63:ad:
8e:9d:9f:38:bf:d8:04:3a:aa:81:39:b8:14:58:9d:42:b3:c7:
ed:f6:fb:7c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIATsPCMOtsWyeurIDztDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZjUyNTJjY2FjM2Y2ZGMxNDI2YjU1M2YyYzFjNzIzM2Fj
Yzg5NGIwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWU3NzcxMjhmNmZmNzNmYmVlNmI4ZGY1NTc1ZTdjMGZkODhkMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj+TAPmRprTYzXVXuUzIUTOIoqUW
F2jo4yfuOgIPL2YI7jmWcOurK5/rRnoYevjhrt9XO6dj/QotRr+pVK/P9sqJLRTx
jVLZQB/Ub5PGICYUU/thQf5Z+Zbd6p2J2OBORpOxW/e9SCnyOpu1Is2EQItFw3Ny
n4/NWly2eeb73cof6E4N7jGTvUJIkU6nvbT7E41eBDro5qW13PIL94ahZil8bmvn
JkQSiIubLdTi0PQE88zn8NpEUmeDp+EUjRgWuYvzSLkU8pkb0RKIbhHyO95OuM6z
b8DPLhT2SAqcDlqa6LZgKAbo0gMMMXYSylk7FBZjgT2V/RjSHNaSbSfkTwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF7ndxKPb/c/vua431V158D9iNOSMB8GA1UdIwQY
MBaAFL71JSzKw/bcFCa1U/LBxyM6zIlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmIt
MTFlNWY2ZDEyZWYxLzEvWHVkM0VvOXY5ei0tNXJqZlZYWG53UDJJMDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lN2ZjOTgtMTI4YS00NTNkLWJkZmItMTFlNWY2ZDEyZWYx
LzEvdnZVbExNckQ5dHdVSnJWVDhzSEhJenJNaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGUmOAAwQG
VPRAAwMAVc8DBAXUnoAwDQQCAAIwBwMFACoCCkAwDQYJKoZIhvcNAQELBQADggEB
AABmk9hVxlsGNZH8v5oQXr3oc2rZcbtr/juSlLkWCTTtRAw7xyLsO055aokr9vUj
I4JXQmf7Zp6CXa41+OxEMGQf9HqUPsm73ndfb4Zl/mrZA3ogq+P0qDjEgkYWMrBm
SOg9Q+BEXA8DfK+VWIdoezhplkL6LzlcHRlim2HDesiD1Qcg+SrrvtP5ZPk9rZnP
mg2TEOpv21cQIxIyXCQAnTd90VI98sz8Hi1ZnpNeGh2p2xzeaDQNVp93t5VlSUji
/jQ3SJP29imfDvfRezp+TKPlYqdDKZaYttPrPMCk3d7tIuPgbGIVTFdjrY6dnzi/
2AQ6qoE5uBRYnUKzx+32+3w=
-----END CERTIFICATE-----
Generated at Fri Apr 5 13:01:16 2024 by rpki-client on console-ams.rpki-client.org