Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/XEfIatCmoN7Pk2ZsDkPtsNTvDgc.roa
File: XEfIatCmoN7Pk2ZsDkPtsNTvDgc.roa (raw, json)
Hash identifier: FhgHhtu9Z2jKLtl/D8oUnPxILX9cXToQfubcmbpUZtY=
Subject key identifier: 5C:47:C8:6A:D0:A6:A0:DE:CF:93:66:6C:0E:43:ED:B0:D4:EF:0E:07
Certificate issuer: /CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Certificate serial: 018CC3B6BCB90F778AECAD7B5039FC33A346
Authority key identifier: 1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/XEfIatCmoN7Pk2ZsDkPtsNTvDgc.roa
Signing time: Mon 01 Jan 2024 06:29:42 +0000
ROA not before: Mon 01 Jan 2024 06:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5385
IP address blocks: 194.208.56.0/24 maxlen: 24
194.208.52.0/24 maxlen: 24
194.208.63.0/24 maxlen: 24
194.208.61.0/24 maxlen: 24
194.208.62.0/24 maxlen: 24
194.208.60.0/24 maxlen: 24
194.208.64.0/24 maxlen: 24
194.208.68.0/24 maxlen: 24
194.208.76.0/24 maxlen: 24
194.208.77.0/24 maxlen: 24
194.208.74.0/24 maxlen: 24
194.208.72.0/24 maxlen: 24
194.208.78.0/24 maxlen: 24
194.208.83.0/24 maxlen: 24
194.208.82.0/24 maxlen: 24
194.208.80.0/24 maxlen: 24
194.208.81.0/24 maxlen: 24
194.208.79.0/24 maxlen: 24
194.208.89.0/24 maxlen: 24
194.208.96.0/23 maxlen: 23
194.208.94.0/24 maxlen: 24
194.208.92.0/24 maxlen: 24
194.208.93.0/24 maxlen: 24
194.208.104.0/24 maxlen: 24
194.208.105.0/24 maxlen: 24
194.208.102.0/24 maxlen: 24
194.208.1.0/24 maxlen: 24
194.208.0.0/17 maxlen: 17
194.208.7.0/24 maxlen: 24
194.208.10.0/24 maxlen: 24
194.208.11.0/24 maxlen: 24
194.208.17.0/24 maxlen: 24
194.208.15.0/24 maxlen: 24
194.208.12.0/24 maxlen: 24
194.208.13.0/24 maxlen: 24
194.208.18.0/24 maxlen: 24
194.208.23.0/24 maxlen: 24
194.208.25.0/24 maxlen: 24
194.208.43.0/24 maxlen: 24
194.208.42.0/24 maxlen: 24
194.208.40.0/24 maxlen: 24
194.208.41.0/24 maxlen: 24
194.208.49.0/24 maxlen: 24
194.208.45.0/24 maxlen: 24
194.208.46.0/24 maxlen: 24
194.208.51.0/24 maxlen: 24
194.208.160.0/20 maxlen: 20
194.208.186.0/24 maxlen: 24
194.208.184.0/21 maxlen: 21
194.208.187.0/24 maxlen: 24
194.208.192.0/18 maxlen: 18
194.208.207.0/24 maxlen: 24
194.208.108.0/24 maxlen: 24
194.208.107.0/24 maxlen: 24
194.208.116.0/24 maxlen: 24
194.208.117.0/24 maxlen: 24
194.208.120.0/24 maxlen: 24
194.208.121.0/24 maxlen: 24
194.208.127.0/24 maxlen: 24
194.183.148.0/24 maxlen: 24
194.183.146.0/24 maxlen: 24
194.183.147.0/24 maxlen: 24
194.183.152.0/24 maxlen: 24
194.183.151.0/24 maxlen: 24
194.183.153.0/24 maxlen: 24
80.75.224.0/20 maxlen: 20
194.183.128.0/19 maxlen: 19
194.183.131.0/24 maxlen: 24
194.183.132.0/24 maxlen: 24
194.183.129.0/24 maxlen: 24
194.183.130.0/24 maxlen: 24
194.183.128.0/24 maxlen: 24
194.183.138.0/24 maxlen: 24
194.183.136.0/24 maxlen: 24
194.183.137.0/24 maxlen: 24
194.183.140.0/24 maxlen: 24
194.183.143.0/24 maxlen: 24
194.208.243.0/24 maxlen: 24
194.208.245.0/24 maxlen: 24
2001:af8:6106::/48 maxlen: 48
2001:af8::/32 maxlen: 32
2001:af8:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 Aug 2024 13:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:bc:b9:0f:77:8a:ec:ad:7b:50:39:fc:33:a3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a6a1413cc8965ee92416b6059f90b18778c8b38
Validity
Not Before: Jan 1 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c47c86ad0a6a0decf93666c0e43edb0d4ef0e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9c:b5:48:cc:64:33:b0:ed:c1:d2:69:6c:0e:
b2:f8:c6:e2:64:18:80:ea:a7:b8:80:84:83:d1:20:
54:95:ca:bb:8b:59:e1:17:a1:fc:9c:1e:fa:24:9c:
a8:c1:b6:0e:5e:30:f0:1a:80:59:65:87:26:70:65:
3d:0e:70:e2:98:99:04:71:af:25:48:b9:9a:8e:f3:
60:48:fd:a9:1d:57:7d:6a:7b:e3:61:b3:7b:07:7d:
2c:81:81:0d:67:28:3a:a7:d6:87:f6:77:fa:47:44:
fd:ee:22:7e:5c:db:57:92:83:9b:76:5a:3b:07:78:
52:fe:6e:e4:12:bd:b2:6f:23:75:b1:a0:24:a6:55:
f6:60:e9:1e:59:1c:8f:06:b0:b4:3d:f5:a3:7c:be:
cf:2a:db:95:85:58:a7:d4:9c:21:de:ed:1a:da:cf:
2f:34:5c:bf:58:be:d9:6b:6a:ae:09:95:ce:80:a4:
1d:9b:0b:51:3d:b5:0b:07:b6:cc:b6:ef:2a:89:ee:
1b:89:99:2c:fa:4a:ac:65:40:33:15:2a:d2:c4:55:
44:99:4c:d3:c7:8e:aa:ff:3d:4d:52:9a:97:a8:8d:
28:fb:d9:1c:9a:8d:55:03:40:07:13:14:04:ef:fc:
bd:fc:ee:9a:88:1e:96:11:e5:3e:a9:d0:bf:e6:2d:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:47:C8:6A:D0:A6:A0:DE:CF:93:66:6C:0E:43:ED:B0:D4:EF:0E:07
X509v3 Authority Key Identifier:
keyid:1A:6A:14:13:CC:89:65:EE:92:41:6B:60:59:F9:0B:18:77:8C:8B:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmoUE8yJZe6SQWtgWfkLGHeMizg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/XEfIatCmoN7Pk2ZsDkPtsNTvDgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/59a43f-881a-48ed-9c3e-82c085a92777/1/GmoUE8yJZe6SQWtgWfkLGHeMizg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.75.224.0/20
194.183.128.0/19
194.208.0.0/17
194.208.160.0/20
194.208.184.0-194.208.255.255
IPv6:
2001:af8::/32
Signature Algorithm: sha256WithRSAEncryption
58:4b:a0:e4:e6:b5:11:be:b7:59:a7:a2:3e:e9:26:5e:c6:cc:
67:44:15:b0:c7:d9:39:2b:b7:57:78:56:b8:6b:47:b1:6a:2a:
9e:ce:1a:0d:c2:ac:7e:43:0e:be:fd:58:e4:06:49:6f:8b:2c:
6a:bc:58:30:cc:1a:b9:0d:33:03:7f:3e:69:25:7a:f3:13:95:
de:53:dc:38:17:89:83:9f:45:9a:32:f1:bd:49:27:51:45:78:
a6:a7:8d:b5:46:70:47:73:8d:bd:b2:ff:f2:71:fe:58:44:3d:
3f:ef:2b:9b:3a:ba:38:13:ea:40:51:f5:6f:55:f2:bc:db:f4:
5b:80:73:16:0e:3d:16:fa:a0:77:5b:d5:dd:5f:9a:60:5f:8c:
c1:ef:20:e4:8a:4c:c3:6b:7d:bf:ef:33:64:5e:9c:fd:c4:71:
7f:14:93:8f:4b:e7:12:07:a3:d1:5a:02:2e:49:0e:ce:9a:57:
d8:23:fe:43:21:b8:60:dd:01:58:0f:e4:ce:3f:80:50:ab:96:
e2:28:0b:eb:4d:fb:24:a7:21:a4:96:f7:20:e0:e9:2d:94:88:
19:73:05:d9:0a:bb:2b:8b:28:9a:ba:92:33:04:59:d8:a2:d6:
35:08:99:ad:4b:6b:37:7d:6f:18:5e:c6:60:d7:12:e3:40:ac:
06:41:aa:ff
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzDtry5D3eK7K17UDn8M6NGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNmExNDEzY2M4OTY1ZWU5MjQxNmI2MDU5ZjkwYjE4Nzc4
YzhiMzgwHhcNMjQwMTAxMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzQ3Yzg2YWQwYTZhMGRlY2Y5MzY2NmMwZTQzZWRiMGQ0ZWYwZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpy1SMxkM7DtwdJpbA6y+MbiZBiA
6qe4gISD0SBUlcq7i1nhF6H8nB76JJyowbYOXjDwGoBZZYcmcGU9DnDimJkEca8l
SLmajvNgSP2pHVd9anvjYbN7B30sgYENZyg6p9aH9nf6R0T97iJ+XNtXkoObdlo7
B3hS/m7kEr2ybyN1saAkplX2YOkeWRyPBrC0PfWjfL7PKtuVhVin1Jwh3u0a2s8v
NFy/WL7Za2quCZXOgKQdmwtRPbULB7bMtu8qie4biZks+kqsZUAzFSrSxFVEmUzT
x46q/z1NUpqXqI0o+9kcmo1VA0AHExQE7/y9/O6aiB6WEeU+qdC/5i32jQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFFxHyGrQpqDez5NmbA5D7bDU7w4HMB8GA1UdIwQY
MBaAFBpqFBPMiWXukkFrYFn5Cxh3jIs4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2Ut
ODJjMDg1YTkyNzc3LzEvWEVmSWF0Q21vTjdQazJac0RrUHRzTlR2RGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81OWE0M2YtODgxYS00OGVkLTljM2UtODJjMDg1YTkyNzc3
LzEvR21vVUU4eUpaZTZTUVd0Z1dma0xHSGVNaXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQEUEvgAwQF
wreAAwQHwtAAAwQEwtCgMAsDBAPC0LgDAwDC0DANBAIAAjAHAwUAIAEK+DANBgkq
hkiG9w0BAQsFAAOCAQEAWEug5Oa1Eb63WaeiPukmXsbMZ0QVsMfZOSu3V3hWuGtH
sWoqns4aDcKsfkMOvv1Y5AZJb4ssarxYMMwauQ0zA38+aSV68xOV3lPcOBeJg59F
mjLxvUknUUV4pqeNtUZwR3ONvbL/8nH+WEQ9P+8rmzq6OBPqQFH1b1XyvNv0W4Bz
Fg49Fvqgd1vV3V+aYF+Mwe8g5IpMw2t9v+8zZF6c/cRxfxSTj0vnEgej0VoCLkkO
zppX2CP+QyG4YN0BWA/kzj+AUKuW4igL6037JKchpJb3IODpLZSIGXMF2Qq7K4so
mrqSMwRZ2KLWNQiZrUtrN31vGF7GYNcS40CsBkGq/w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:26 2025 by rpki-client