Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XgMyUDBHAGrb4pvni7JTPdvAAyM.roa
File: XgMyUDBHAGrb4pvni7JTPdvAAyM.roa (raw, json)
Hash identifier: lePRUlfsJE9OiBGauqUPHLzVMmSXucWqhtOqzwpIRC0=
Subject key identifier: 5E:03:32:50:30:47:00:6A:DB:E2:9B:E7:8B:B2:53:3D:DB:C0:03:23
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CC801C5DAD288BC894BE94E2E4A807732
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XgMyUDBHAGrb4pvni7JTPdvAAyM.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44208
IP address blocks: 94.74.190.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
31.170.48.0/20 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:05:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c5:da:d2:88:bc:89:4b:e9:4e:2e:4a:80:77:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e0332503047006adbe29be78bb2533ddbc00323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:32:7b:02:fa:39:58:bc:3a:93:dd:23:31:33:
d1:d7:50:50:98:5c:39:02:09:5f:e9:83:54:4e:09:
0b:90:c5:b9:8f:5f:3e:e7:b7:28:63:44:17:57:2a:
5d:60:c4:03:1c:d5:1a:b9:21:8e:cd:e4:49:14:12:
ff:02:79:db:96:fe:dd:e8:a3:fe:cd:b2:ce:40:09:
98:55:c0:7a:23:4b:29:24:d7:18:f5:c1:cf:58:61:
1b:2a:d5:4e:62:82:a1:6d:8b:5e:a2:0b:d5:eb:ca:
ab:bd:b0:34:b2:14:7b:57:c1:56:db:91:9d:50:73:
55:91:21:b1:6e:3e:5c:16:76:8b:5c:1e:da:44:d8:
41:47:bc:8a:98:29:ed:b6:bd:29:26:e2:b4:81:89:
4a:34:c6:c9:a7:ea:b8:66:53:f9:e6:0f:f6:bc:b3:
26:f3:14:fa:78:8d:7f:ff:c5:ce:49:fe:c1:3e:75:
7c:a3:b0:9c:d1:e1:3d:fe:11:1f:46:89:30:65:dd:
e1:a0:14:61:74:df:e9:3b:33:f6:19:09:b1:44:e9:
d5:94:df:70:b8:4a:8a:58:2d:59:40:ac:2e:5d:c3:
89:c5:f9:da:8c:ae:5b:89:0c:a7:50:0f:47:92:a3:
30:42:ef:06:18:b3:8e:23:ba:4c:bc:a3:43:7c:69:
b2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:03:32:50:30:47:00:6A:DB:E2:9B:E7:8B:B2:53:3D:DB:C0:03:23
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/XgMyUDBHAGrb4pvni7JTPdvAAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
109.203.161.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e5:c8:8f:4c:d3:57:9f:dc:41:8b:c1:6f:1e:dc:e7:59:91:
91:78:01:aa:64:2d:5b:36:17:48:98:ac:b9:6d:f8:d8:d3:64:
c1:76:5b:8d:04:1e:2f:84:eb:55:d4:c9:19:14:7b:10:ab:9e:
e3:68:a9:ac:fc:54:50:ae:7f:a0:d9:5b:ae:29:33:3a:d0:f4:
20:c9:a2:ae:cd:cf:ae:62:26:c7:3c:21:d6:d8:3a:e3:97:c1:
58:fe:af:23:93:ac:08:29:72:f1:6c:7e:44:61:4d:29:c6:d4:
43:50:a3:0b:9a:2a:7e:c6:86:1e:f9:75:27:bf:36:c0:aa:82:
cd:1d:86:13:fe:ed:58:16:90:3f:d2:28:f8:3e:73:75:db:d0:
c5:3d:d5:19:4c:f6:f9:9b:51:4f:f9:d8:c4:a4:6a:f4:a0:d4:
3c:ed:02:fa:cc:4b:b4:58:6d:5c:1b:8a:61:fc:4a:09:39:3c:
13:cc:f4:83:f9:6f:b0:bd:f5:a4:8d:36:06:a6:60:6e:29:1a:
5b:00:86:65:c8:c3:77:42:10:44:23:91:b4:97:84:45:4e:40:
02:5a:e4:26:73:8a:ee:90:58:7f:4c:86:fb:2b:fe:5d:b1:30:
3d:8d:2e:78:54:fa:f1:79:38:0d:7b:df:e2:cb:75:e5:5f:d7:
d9:b8:20:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAcXa0oi8iUvpTi5KgHcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAzMzI1MDMwNDcwMDZhZGJlMjliZTc4YmIyNTMzZGRiYzAwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDJ7Avo5WLw6k90jMTPR11BQmFw5
Aglf6YNUTgkLkMW5j18+57coY0QXVypdYMQDHNUauSGOzeRJFBL/Annblv7d6KP+
zbLOQAmYVcB6I0spJNcY9cHPWGEbKtVOYoKhbYteogvV68qrvbA0shR7V8FW25Gd
UHNVkSGxbj5cFnaLXB7aRNhBR7yKmCnttr0pJuK0gYlKNMbJp+q4ZlP55g/2vLMm
8xT6eI1//8XOSf7BPnV8o7Cc0eE9/hEfRokwZd3hoBRhdN/pOzP2GQmxROnVlN9w
uEqKWC1ZQKwuXcOJxfnajK5biQynUA9HkqMwQu8GGLOOI7pMvKNDfGmyywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF4DMlAwRwBq2+Kb54uyUz3bwAMjMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWGdNeVVEQkhBR3JiNHB2bmk3SlRQZHZBQXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH6owAwQG
XkqAAwQAbcuhMA0GCSqGSIb3DQEBCwUAA4IBAQAP5ciPTNNXn9xBi8FvHtznWZGR
eAGqZC1bNhdImKy5bfjY02TBdluNBB4vhOtV1MkZFHsQq57jaKms/FRQrn+g2Vuu
KTM60PQgyaKuzc+uYibHPCHW2Drjl8FY/q8jk6wIKXLxbH5EYU0pxtRDUKMLmip+
xoYe+XUnvzbAqoLNHYYT/u1YFpA/0ij4PnN129DFPdUZTPb5m1FP+djEpGr0oNQ8
7QL6zEu0WG1cG4ph/EoJOTwTzPSD+W+wvfWkjTYGpmBuKRpbAIZlyMN3QhBEI5G0
l4RFTkACWuQmc4rukFh/TIb7K/5dsTA9jS54VPrxeTgNe9/iy3XlX9fZuCB1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:32 2025 by rpki-client