Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xcHdiyU09JpS-EWOXGY_mRtgA7o.roa
File: xcHdiyU09JpS-EWOXGY_mRtgA7o.roa (raw, json)
Hash identifier: SkVMzP1venCmDV/tnZ73RCzg6cqfuG6z/opfFlECWkQ=
Subject key identifier: C5:C1:DD:8B:25:34:F4:9A:52:F8:45:8E:5C:66:3F:99:1B:60:03:BA
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018C29FC7A699FB8CDB9F9C750DA3DE95F62
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xcHdiyU09JpS-EWOXGY_mRtgA7o.roa
Signing time: Sat 02 Dec 2023 10:04:21 +0000
ROA not before: Sat 02 Dec 2023 10:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.100.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:fc:7a:69:9f:b8:cd:b9:f9:c7:50:da:3d:e9:5f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Dec 2 10:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5c1dd8b2534f49a52f8458e5c663f991b6003ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fc:28:51:d7:3e:ca:66:c8:5e:88:37:f5:92:
be:9d:aa:97:89:28:fd:80:93:f1:6b:ea:32:fd:67:
2c:47:03:a1:f1:15:cd:ad:a2:bc:7c:9d:99:e1:a2:
c1:10:68:1f:01:59:77:69:c4:e2:42:18:a3:0a:97:
54:2e:4c:38:35:55:f7:17:87:8d:3a:88:b5:87:a8:
5f:97:05:d3:34:be:a0:66:b8:3f:86:c0:0c:54:9f:
8d:19:f3:a2:2c:0f:e5:89:84:46:54:63:5d:c7:ef:
52:ec:3a:04:ae:ff:53:ae:cd:ee:2f:8d:8c:83:da:
e5:c2:a1:e3:bc:02:e5:70:85:72:76:55:ea:86:ff:
0b:19:d7:53:0a:23:a0:a6:67:1d:54:a8:24:80:94:
31:c6:9b:40:a9:11:8e:31:96:9f:52:46:27:f0:b1:
15:d9:f6:c6:c4:e3:c8:36:18:94:98:70:63:63:36:
60:bd:08:aa:bf:0a:26:2f:03:3e:c2:72:d7:8c:a5:
25:dc:69:02:1a:5e:5a:31:09:8d:ce:c4:db:95:e5:
8b:31:b6:2a:7c:36:13:b4:ba:8c:cf:9f:7a:68:d2:
2a:8d:87:b9:9c:59:b7:de:ca:ec:3d:ef:6f:0e:ea:
05:9e:bb:c6:4b:de:3f:87:d2:82:a6:5a:43:86:5d:
00:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C1:DD:8B:25:34:F4:9A:52:F8:45:8E:5C:66:3F:99:1B:60:03:BA
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/xcHdiyU09JpS-EWOXGY_mRtgA7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.178.96.0-5.178.100.255
5.178.104.0-5.178.106.255
5.178.109.0/24
31.192.240.0/21
45.12.216.0/24
45.12.219.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
93:72:fd:f0:82:6c:72:be:72:23:79:d8:0b:86:16:b4:c8:ba:
41:15:2b:31:ee:0f:dd:dd:94:40:e1:95:ff:ec:f8:6e:a6:5d:
4c:a7:df:8a:31:a0:89:3d:0f:41:86:8c:43:1b:ee:e5:48:94:
96:38:94:20:19:18:a7:ef:88:cf:60:b9:e6:ac:b7:b7:e1:fe:
00:59:b7:4e:7e:ef:1d:62:b9:bb:e9:0a:f9:26:db:cd:5f:8d:
4e:50:7e:94:0f:ab:a5:dd:90:83:b8:4b:05:0e:fa:9d:3a:03:
d1:2f:12:4a:3a:fb:42:19:68:fe:92:c8:38:f1:8f:9e:30:df:
6a:1f:de:35:5b:19:83:fd:d5:c9:0e:25:93:6c:92:0f:cf:fc:
1e:cd:c3:cd:85:c8:2b:6c:4e:de:4d:60:e3:8e:bc:d9:d9:23:
b1:e5:21:50:41:26:b3:dd:d9:8d:f6:77:9b:82:5a:73:14:d6:
ab:37:c9:50:c7:c5:93:b2:3f:46:64:4b:0b:8b:61:44:e3:50:
5d:fa:48:0d:40:2c:2e:d8:6f:97:5f:d5:56:4c:fb:32:6e:1b:
a4:ff:7b:55:8d:bc:62:49:01:2f:fa:10:50:5a:2c:2f:b0:f0:
13:dc:0c:c6:d3:7c:3c:af:90:7c:d5:4a:a5:a8:33:55:d8:01:
e7:93:22:bf
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYwp/Hppn7jNufnHUNo96V9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjMxMjAyMTAwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWMxZGQ4YjI1MzRmNDlhNTJmODQ1OGU1YzY2M2Y5OTFiNjAwM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PwoUdc+ymbIXog39ZK+naqXiSj9
gJPxa+oy/WcsRwOh8RXNraK8fJ2Z4aLBEGgfAVl3acTiQhijCpdULkw4NVX3F4eN
Ooi1h6hflwXTNL6gZrg/hsAMVJ+NGfOiLA/liYRGVGNdx+9S7DoErv9Trs3uL42M
g9rlwqHjvALlcIVydlXqhv8LGddTCiOgpmcdVKgkgJQxxptAqRGOMZafUkYn8LEV
2fbGxOPINhiUmHBjYzZgvQiqvwomLwM+wnLXjKUl3GkCGl5aMQmNzsTbleWLMbYq
fDYTtLqMz596aNIqjYe5nFm33srsPe9vDuoFnrvGS94/h9KCplpDhl0A+wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMXB3YslNPSaUvhFjlxmP5kbYAO6MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEveGNIZGl5VTA5SnBTLUVXT1hHWV9tUnRnQTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNAwQABSf4MAsD
BAEFJ/oDAwMFIDAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmoDBAAFsm0DBAMf
wPADBAAtDNgDBAAtDNsDBAK5BSQwDQYJKoZIhvcNAQELBQADggEBAJNy/fCCbHK+
ciN52AuGFrTIukEVKzHuD93dlEDhlf/s+G6mXUyn34oxoIk9D0GGjEMb7uVIlJY4
lCAZGKfviM9gueast7fh/gBZt05+7x1iubvpCvkm281fjU5QfpQPq6XdkIO4SwUO
+p06A9EvEko6+0IZaP6SyDjxj54w32of3jVbGYP91ckOJZNskg/P/B7Nw82FyCts
Tt5NYOOOvNnZI7HlIVBBJrPd2Y32d5uCWnMU1qs3yVDHxZOyP0ZkSwuLYUTjUF36
SA1ALC7Yb5df1VZM+zJuG6T/e1WNvGJJAS/6EFBaLC+w8BPcDMbTfDyvkHzVSqWo
M1XYAeeTIr8=
-----END CERTIFICATE-----
Generated at Sun Dec 10 10:31:10 2023 by rpki-client on console-ams.rpki-client.org