Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/X8DJCU0Fe88yP5ZQp4LKqBvRsIM.roa
File: X8DJCU0Fe88yP5ZQp4LKqBvRsIM.roa (raw, json)
Hash identifier: rXk3pjzu2PrBU6y24vwzH5aFnLkDkWSxbaRRMP7KCZY=
Subject key identifier: 5F:C0:C9:09:4D:05:7B:CF:32:3F:96:50:A7:82:CA:A8:1B:D1:B0:83
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018D45E6A491B40EA9401D729B5FE7B1F5AA
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/X8DJCU0Fe88yP5ZQp4LKqBvRsIM.roa
Signing time: Fri 26 Jan 2024 13:12:39 +0000
ROA not before: Fri 26 Jan 2024 13:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 46.245.144.0/21 maxlen: 21
78.110.128.0/20 maxlen: 20
138.187.0.0/16 maxlen: 19
138.188.0.0/16 maxlen: 24
138.190.0.0/16 maxlen: 16
164.128.0.0/16 maxlen: 24
185.39.92.0/22 maxlen: 22
185.84.76.0/22 maxlen: 24
185.106.64.0/22 maxlen: 24
188.92.48.0/21 maxlen: 21
193.5.0.0/24 maxlen: 24
193.5.3.0/24 maxlen: 24
193.5.4.0/23 maxlen: 24
193.5.6.0/23 maxlen: 23
193.5.20.0/24 maxlen: 24
193.5.36.0/24 maxlen: 24
193.5.38.0/24 maxlen: 24
193.5.52.0/24 maxlen: 24
193.5.59.0/24 maxlen: 24
193.5.61.0/24 maxlen: 24
193.5.63.0/24 maxlen: 24
193.5.224.0/20 maxlen: 20
193.47.232.0/24 maxlen: 24
193.134.36.0/22 maxlen: 24
193.134.248.0/23 maxlen: 24
193.134.255.0/24 maxlen: 24
193.135.0.0/23 maxlen: 24
193.135.3.0/24 maxlen: 24
193.135.26.0/23 maxlen: 23
193.135.100.0/24 maxlen: 24
193.135.111.0/24 maxlen: 24
193.135.128.0/22 maxlen: 24
193.135.132.0/24 maxlen: 24
193.135.133.0/24 maxlen: 24
193.135.136.0/24 maxlen: 24
193.135.140.0/24 maxlen: 24
193.135.142.0/23 maxlen: 24
193.135.143.0/24 maxlen: 24
193.135.144.0/23 maxlen: 24
193.135.148.0/24 maxlen: 24
193.135.173.0/24 maxlen: 24
193.135.214.0/23 maxlen: 24
193.135.218.0/24 maxlen: 24
193.135.255.0/24 maxlen: 24
193.222.64.0/19 maxlen: 19
193.223.16.0/20 maxlen: 20
193.223.32.0/19 maxlen: 19
193.246.0.0/23 maxlen: 24
193.246.8.0/22 maxlen: 22
193.246.16.0/21 maxlen: 24
193.246.32.0/20 maxlen: 20
193.246.32.0/21 maxlen: 24
193.246.40.0/21 maxlen: 21
193.246.48.0/23 maxlen: 24
193.246.50.0/24 maxlen: 24
193.246.56.0/24 maxlen: 24
193.246.57.0/24 maxlen: 24
193.246.99.0/24 maxlen: 24
193.246.100.0/24 maxlen: 24
193.246.104.0/24 maxlen: 24
193.246.105.0/24 maxlen: 24
193.246.113.0/24 maxlen: 24
193.246.127.0/24 maxlen: 24
193.246.202.0/23 maxlen: 24
193.246.246.0/24 maxlen: 24
193.246.248.0/22 maxlen: 24
193.247.36.0/22 maxlen: 24
193.247.40.0/24 maxlen: 24
193.247.41.0/24 maxlen: 24
193.247.42.0/24 maxlen: 24
193.247.43.0/24 maxlen: 24
193.247.44.0/22 maxlen: 24
193.247.86.0/24 maxlen: 24
193.247.90.0/24 maxlen: 24
193.247.104.0/23 maxlen: 23
193.247.151.0/24 maxlen: 24
193.247.166.0/23 maxlen: 23
193.247.166.0/24 maxlen: 24
193.247.167.0/24 maxlen: 24
193.247.168.0/21 maxlen: 21
193.247.193.0/24 maxlen: 24
193.247.217.0/24 maxlen: 24
193.247.218.0/23 maxlen: 23
193.247.224.0/21 maxlen: 24
193.247.244.0/23 maxlen: 24
193.247.247.0/24 maxlen: 24
193.247.250.0/24 maxlen: 24
193.247.255.0/24 maxlen: 24
194.6.160.0/19 maxlen: 24
194.11.96.0/20 maxlen: 20
194.11.144.0/21 maxlen: 21
194.209.0.0/16 maxlen: 24
195.35.121.0/24 maxlen: 24
195.65.0.0/16 maxlen: 24
195.144.32.0/19 maxlen: 24
195.176.128.0/19 maxlen: 24
195.176.192.0/19 maxlen: 24
212.117.96.0/19 maxlen: 19
212.243.0.0/16 maxlen: 24
217.192.0.0/15 maxlen: 24
2001:918::/32 maxlen: 48
2001:91f::/32 maxlen: 32
2a01:8b00::/32 maxlen: 32
2a02:a90::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:e6:a4:91:b4:0e:a9:40:1d:72:9b:5f:e7:b1:f5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 26 13:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fc0c9094d057bcf323f9650a782caa81bd1b083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c9:f6:25:8a:7c:f5:67:cb:6c:ff:ad:7d:2e:
8a:94:1e:79:eb:10:f9:e6:b5:fa:dd:a4:89:8f:7e:
a1:d7:32:11:75:c9:57:86:95:9f:70:a5:6a:01:be:
0f:6a:55:5a:bd:cf:cc:9b:eb:dd:c9:74:6b:c6:98:
ea:39:a6:4e:7d:80:c7:a7:a0:24:e1:19:b9:b6:e0:
8a:53:94:99:85:50:b6:e3:5f:42:3d:a7:bb:f4:fc:
20:7c:ca:e5:98:cf:c1:9d:f8:5b:48:c8:86:1c:ac:
24:3f:1e:e9:c4:eb:f7:0f:72:b0:26:c5:65:25:92:
8b:b2:28:8f:54:d4:20:63:60:7b:44:22:bf:19:6c:
51:07:58:97:32:71:d2:be:7c:cd:0e:c5:95:77:37:
91:d8:e3:9b:2b:da:27:25:55:05:68:1c:72:08:a9:
04:0f:4f:3b:90:c8:5b:7b:0a:be:54:68:46:c5:5e:
89:e3:e3:7a:75:d5:2e:7a:58:c8:52:99:19:6c:5c:
3e:dd:16:56:31:6e:84:0e:22:7e:33:01:88:ef:4a:
e7:5c:7b:cd:ad:58:11:1d:a1:36:04:4b:3c:f9:6e:
79:84:b8:bd:98:f2:93:15:e2:95:47:7b:ce:05:21:
76:b6:98:6a:d8:72:ac:b1:a5:80:35:18:60:b5:00:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C0:C9:09:4D:05:7B:CF:32:3F:96:50:A7:82:CA:A8:1B:D1:B0:83
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/X8DJCU0Fe88yP5ZQp4LKqBvRsIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.144.0/21
78.110.128.0/20
138.187.0.0-138.188.255.255
138.190.0.0/16
164.128.0.0/16
185.39.92.0/22
185.84.76.0/22
185.106.64.0/22
188.92.48.0/21
193.5.0.0/24
193.5.3.0-193.5.7.255
193.5.20.0/24
193.5.36.0/24
193.5.38.0/24
193.5.52.0/24
193.5.59.0/24
193.5.61.0/24
193.5.63.0/24
193.5.224.0/20
193.47.232.0/24
193.134.36.0/22
193.134.248.0/23
193.134.255.0-193.135.1.255
193.135.3.0/24
193.135.26.0/23
193.135.100.0/24
193.135.111.0/24
193.135.128.0-193.135.133.255
193.135.136.0/24
193.135.140.0/24
193.135.142.0-193.135.145.255
193.135.148.0/24
193.135.173.0/24
193.135.214.0/23
193.135.218.0/24
193.135.255.0/24
193.222.64.0/19
193.223.16.0-193.223.63.255
193.246.0.0/23
193.246.8.0/22
193.246.16.0/21
193.246.32.0-193.246.50.255
193.246.56.0/23
193.246.99.0-193.246.100.255
193.246.104.0/23
193.246.113.0/24
193.246.127.0/24
193.246.202.0/23
193.246.246.0/24
193.246.248.0/22
193.247.36.0-193.247.47.255
193.247.86.0/24
193.247.90.0/24
193.247.104.0/23
193.247.151.0/24
193.247.166.0-193.247.175.255
193.247.193.0/24
193.247.217.0-193.247.219.255
193.247.224.0/21
193.247.244.0/23
193.247.247.0/24
193.247.250.0/24
193.247.255.0/24
194.6.160.0/19
194.11.96.0/20
194.11.144.0/21
194.209.0.0/16
195.35.121.0/24
195.65.0.0/16
195.144.32.0/19
195.176.128.0/19
195.176.192.0/19
212.117.96.0/19
212.243.0.0/16
217.192.0.0/15
IPv6:
2001:918::/32
2001:91f::/32
2a01:8b00::/32
2a02:a90::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b5:7e:09:75:4c:ab:62:1e:91:c2:7a:97:eb:5c:ad:7a:ee:
92:b1:98:03:90:4f:74:fe:ef:44:b2:6a:30:4d:6e:32:58:72:
35:88:67:c0:8f:07:a2:2b:59:41:00:de:6b:7e:f0:89:5d:70:
d3:a1:a1:4a:19:a3:9e:7d:1f:5f:0d:8a:63:33:1a:25:36:9b:
c7:93:96:4d:b7:7a:b1:a7:61:26:3c:d9:4e:7c:5b:83:3d:12:
91:30:91:9f:95:b1:51:f7:94:55:53:21:22:6a:02:22:c7:d5:
83:08:a8:bc:e9:55:64:46:a5:24:44:e0:b1:f9:be:53:03:4d:
5f:4a:70:46:79:f7:9b:90:2e:87:7e:bc:89:65:96:09:87:b3:
1f:06:65:c2:4f:13:c9:5d:09:93:0e:37:21:a0:67:5f:9a:dd:
0c:76:66:4e:ae:1d:15:ba:2e:2a:b7:00:10:09:68:b1:ae:7c:
0e:51:f8:5d:b2:25:35:01:89:8b:c2:8e:59:53:19:ad:56:47:
e9:19:99:9e:e4:1e:80:43:cf:98:7e:06:01:e5:65:e8:42:16:
01:58:e6:dc:89:be:f3:e0:5a:a0:9e:48:a2:5c:2c:5c:c8:f7:
d7:06:71:bc:16:72:d9:5d:f9:71:58:ad:95:81:a9:6b:b5:57:
c0:0b:63:9c
-----BEGIN CERTIFICATE-----
MIIHNzCCBh+gAwIBAgISAY1F5qSRtA6pQB1ym1/nsfWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTI2MTMxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMwYzkwOTRkMDU3YmNmMzIzZjk2NTBhNzgyY2FhODFiZDFiMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsn2JYp89WfLbP+tfS6KlB556xD5
5rX63aSJj36h1zIRdclXhpWfcKVqAb4PalVavc/Mm+vdyXRrxpjqOaZOfYDHp6Ak
4Rm5tuCKU5SZhVC2419CPae79PwgfMrlmM/BnfhbSMiGHKwkPx7pxOv3D3KwJsVl
JZKLsiiPVNQgY2B7RCK/GWxRB1iXMnHSvnzNDsWVdzeR2OObK9onJVUFaBxyCKkE
D087kMhbewq+VGhGxV6J4+N6ddUueljIUpkZbFw+3RZWMW6EDiJ+MwGI70rnXHvN
rVgRHaE2BEs8+W55hLi9mPKTFeKVR3vOBSF2tphq2HKssaWANRhgtQDnwQIDAQAB
o4IEQzCCBD8wHQYDVR0OBBYEFF/AyQlNBXvPMj+WUKeCyqgb0bCDMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvWDhESkNVMEZlODh5UDVaUXA0TEtxQnZSc0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVwYIKwYBBQUHAQcBAf8EggJGMIICQjCCAhoEAgABMIIC
EgMEAy71kAMEBE5ugDAKAwMAirsDAwCKvAMDAIq+AwMApIADBAK5J1wDBAK5VEwD
BAK5akADBAO8XDADBADBBQAwDAMEAMEFAwMEA8EFAAMEAMEFFAMEAMEFJAMEAMEF
JgMEAMEFNAMEAMEFOwMEAMEFPQMEAMEFPwMEBMEF4AMEAMEv6AMEAsGGJAMEAcGG
+DAMAwQAwYb/AwQBwYcAAwQAwYcDAwQBwYcaAwQAwYdkAwQAwYdvMAwDBAfBh4AD
BAHBh4QDBADBh4gDBADBh4wwDAMEAcGHjgMEAcGHkAMEAMGHlAMEAMGHrQMEAcGH
1gMEAMGH2gMEAMGH/wMEBcHeQDAMAwQEwd8QAwQGwd8AAwQBwfYAAwQCwfYIAwQD
wfYQMAwDBAXB9iADBADB9jIDBAHB9jgwDAMEAMH2YwMEAMH2ZAMEAcH2aAMEAMH2
cQMEAMH2fwMEAcH2ygMEAMH29gMEAsH2+DAMAwQCwfckAwQEwfcgAwQAwfdWAwQA
wfdaAwQBwfdoAwQAwfeXMAwDBAHB96YDBATB96ADBADB98EwDAMEAMH32QMEAsH3
2AMEA8H34AMEAcH39AMEAMH39wMEAMH3+gMEAMH3/wMEBcIGoAMEBMILYAMEA8IL
kAMDAMLRAwQAwyN5AwMAw0EDBAXDkCADBAXDsIADBAXDsMADBAXUdWADAwDU8wMD
AdnAMCIEAgACMBwDBQAgAQkYAwUAIAEJHwMFACoBiwADBQAqAgqQMA0GCSqGSIb3
DQEBCwUAA4IBAQCqtX4JdUyrYh6RwnqX61yteu6SsZgDkE90/u9EsmowTW4yWHI1
iGfAjweiK1lBAN5rfvCJXXDToaFKGaOefR9fDYpjMxolNpvHk5ZNt3qxp2EmPNlO
fFuDPRKRMJGflbFR95RVUyEiagIix9WDCKi86VVkRqUkROCx+b5TA01fSnBGefeb
kC6HfryJZZYJh7MfBmXCTxPJXQmTDjchoGdfmt0MdmZOrh0Vui4qtwAQCWixrnwO
UfhdsiU1AYmLwo5ZUxmtVkfpGZme5B6AQ8+YfgYB5WXoQhYBWObcib7z4Fqgnkii
XCxcyPfXBnG8FnLZXflxWK2VgalrtVfAC2Oc
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:26:41 2025 by rpki-client