Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XBWSU08yl6lp2i3_CSKrin3hYBA.roa
File: XBWSU08yl6lp2i3_CSKrin3hYBA.roa (raw, json)
Hash identifier: LRnLXEFcRZZsVxJu++PQDohntdS8ysfxk/N6QCozXD8=
Subject key identifier: 5C:15:92:53:4F:32:97:A9:69:DA:2D:FF:09:22:AB:8A:7D:E1:60:10
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3DCD3FC31423C29CD4C13F041F7FE21B
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XBWSU08yl6lp2i3_CSKrin3hYBA.roa
Signing time: Thu 14 Mar 2024 16:30:45 +0000
ROA not before: Thu 14 Mar 2024 16:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 5.159.208.0/21 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Apr 2024 15:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:cd:3f:c3:14:23:c2:9c:d4:c1:3f:04:1f:7f:e2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 14 16:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1592534f3297a969da2dff0922ab8a7de16010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e2:32:90:66:4f:40:a4:85:84:5e:b3:51:00:
5f:a8:40:da:31:a5:88:9e:d0:f5:a8:f1:f0:80:78:
46:26:3a:aa:20:75:b9:27:dd:0a:45:87:0f:5b:ac:
2a:b0:5a:73:72:f2:d4:23:8a:31:77:69:18:fe:ca:
16:44:19:84:64:1c:af:21:74:ee:65:b6:cd:77:28:
1d:fc:0b:05:da:25:4f:99:b5:43:99:2c:c9:37:83:
fa:ee:19:a2:61:bb:6b:d7:21:39:04:fa:1b:24:db:
60:1a:9d:d5:d0:c2:88:84:70:da:15:ac:e6:06:e7:
5f:aa:60:e8:3e:66:0e:c7:34:37:78:a0:10:69:75:
f2:7a:de:54:08:4f:c4:e8:46:24:6c:3e:4a:64:02:
75:f3:03:6b:93:14:40:15:06:02:64:fd:ee:89:cb:
be:2f:b3:77:43:24:19:2d:0d:6c:cd:b3:9b:f7:03:
ca:d3:ef:8a:31:aa:08:bd:cc:a5:63:21:c9:e8:36:
53:76:ea:f3:e6:c5:8f:e4:c1:95:cc:06:fd:ca:41:
5c:78:bf:29:28:b1:29:8b:88:42:73:0e:98:9e:f0:
9a:97:cc:b2:cf:15:63:94:46:10:5a:e0:b2:5a:b3:
d9:5a:96:c0:2b:d3:08:fb:eb:aa:0d:3a:db:55:94:
d3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:15:92:53:4F:32:97:A9:69:DA:2D:FF:09:22:AB:8A:7D:E1:60:10
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/XBWSU08yl6lp2i3_CSKrin3hYBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:2c:37:41:4c:51:d8:21:39:3d:cf:03:8f:30:31:b7:70:e5:
4a:c0:63:b1:77:e9:0e:39:1d:05:af:2a:db:fb:16:86:25:16:
ee:26:41:37:30:c5:87:39:61:22:50:0a:c1:25:fe:56:1b:3c:
b6:b3:38:22:ce:2a:82:91:db:8f:86:78:57:78:33:6d:54:4e:
90:0d:82:d4:bf:6f:68:57:59:92:32:84:61:64:92:f7:08:67:
f2:d1:98:20:89:21:ed:b1:cb:a6:1e:08:3e:31:8a:d3:fd:0f:
2b:97:ae:7b:49:87:1f:65:13:0a:cb:5d:aa:b3:4e:c9:2c:cd:
a1:fa:24:69:f1:6a:82:55:a5:e7:4f:c5:e7:d0:1f:c6:e3:bb:
86:39:a7:b2:1a:5f:70:36:b0:d0:11:06:b5:a0:d4:b3:b9:1d:
5f:9c:1d:cb:62:36:e4:f3:cd:15:a7:f3:64:9b:c4:00:c1:a1:
30:3b:4e:a2:85:2b:df:27:d5:69:56:cb:fa:63:b6:11:b2:79:
11:44:0d:64:d9:bb:80:6c:a7:a8:64:13:48:53:84:5e:57:1f:
2e:89:95:96:19:01:d7:1a:a9:79:5f:03:4e:37:01:20:2e:da:
32:01:69:e0:f2:ee:f6:fb:07:40:db:3a:4d:48:ca:3f:ce:ce:
61:54:9d:da
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY49zT/DFCPCnNTBPwQff+IbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzE0MTYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE1OTI1MzRmMzI5N2E5NjlkYTJkZmYwOTIyYWI4YTdkZTE2MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+IykGZPQKSFhF6zUQBfqEDaMaWI
ntD1qPHwgHhGJjqqIHW5J90KRYcPW6wqsFpzcvLUI4oxd2kY/soWRBmEZByvIXTu
ZbbNdygd/AsF2iVPmbVDmSzJN4P67hmiYbtr1yE5BPobJNtgGp3V0MKIhHDaFazm
BudfqmDoPmYOxzQ3eKAQaXXyet5UCE/E6EYkbD5KZAJ18wNrkxRAFQYCZP3uicu+
L7N3QyQZLQ1szbOb9wPK0++KMaoIvcylYyHJ6DZTdurz5sWP5MGVzAb9ykFceL8p
KLEpi4hCcw6YnvCal8yyzxVjlEYQWuCyWrPZWpbAK9MI++uqDTrbVZTTiwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFFwVklNPMpepadot/wkiq4p94WAQMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvWEJXU1UwOHlsNmxwMmkzX0NTS3JpbjNoWUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAMF
n9ADBAMfwGADBAItCGQDBAIthGwDBARQSvADBAVVX2ADBANcKngDBANfgUADBAOw
OgADBAK5T7gDBAK5XswDBAK5Y0wDBAK5kVgDBAK5stgDBAK5zNQDBAO8XhADBADB
GAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQLRAMEAtQLSAME
BNmRgDAUBAIAAjAOAwUAKgDxwAMFAyoE6cAwDQYJKoZIhvcNAQELBQADggEBAIks
N0FMUdghOT3PA48wMbdw5UrAY7F36Q45HQWvKtv7FoYlFu4mQTcwxYc5YSJQCsEl
/lYbPLazOCLOKoKR24+GeFd4M21UTpANgtS/b2hXWZIyhGFkkvcIZ/LRmCCJIe2x
y6YeCD4xitP9DyuXrntJhx9lEwrLXaqzTskszaH6JGnxaoJVpedPxefQH8bju4Y5
p7IaX3A2sNARBrWg1LO5HV+cHctiNuTzzRWn82SbxADBoTA7TqKFK98n1WlWy/pj
thGyeRFEDWTZu4Bsp6hkE0hThF5XHy6JlZYZAdcaqXlfA043ASAu2jIBaeDy7vb7
B0DbOk1Iyj/OzmFUndo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org