Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/X9GtHIVz2NJzi9lfTi8spGRp9ZE.roa
File: X9GtHIVz2NJzi9lfTi8spGRp9ZE.roa (raw, json)
Hash identifier: aPQIYhzXQyaSEHkdxF/+XzpSp0d9MMj/DwQNj+wBniA=
Subject key identifier: 5F:D1:AD:1C:85:73:D8:D2:73:8B:D9:5F:4E:2F:2C:A4:64:69:F5:91
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 0192DCF8F85F0BB9244329C88525D4F88629
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/X9GtHIVz2NJzi9lfTi8spGRp9ZE.roa
Signing time: Wed 30 Oct 2024 10:29:16 +0000
ROA not before: Wed 30 Oct 2024 10:29:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202958
IP address blocks: 37.140.243.0/24 maxlen: 24
46.226.123.0/24 maxlen: 24
77.246.247.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
91.243.71.0/24 maxlen: 24
93.115.14.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
188.244.115.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.58.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
213.109.146.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
2a06:941:1::/48 maxlen: 48
2a06:941:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Dec 2024 11:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:f8:f8:5f:0b:b9:24:43:29:c8:85:25:d4:f8:86:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Oct 30 10:29:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fd1ad1c8573d8d2738bd95f4e2f2ca46469f591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:c6:d8:56:f6:35:c9:7e:c1:de:0b:1a:fb:
ab:cf:55:b3:24:5d:bd:86:6e:9b:60:b7:1b:37:61:
49:a1:9d:a4:be:b9:b6:04:af:e9:9e:d2:e1:4b:8f:
a5:a1:cf:7a:81:28:b3:60:86:27:fb:56:1b:58:90:
96:09:5e:8e:e1:0b:0a:ae:36:6b:84:98:5f:97:8e:
9a:cc:90:a8:ca:96:bf:00:7d:e7:87:c2:b6:0f:e1:
0b:91:07:4e:4d:37:10:ae:82:08:ce:46:35:9e:70:
27:d2:69:ec:29:59:3a:cf:3c:28:b2:01:c2:cf:9f:
6d:27:c5:eb:b7:36:b6:14:35:cc:6b:8b:2c:31:2d:
6c:47:6d:d5:33:7b:74:b9:cc:9c:50:2d:79:3f:0c:
cb:7f:fc:8e:eb:e6:af:17:1e:28:54:58:f8:5a:eb:
c6:a3:55:cf:1f:01:80:df:e1:92:ae:17:c3:4e:3d:
9c:8c:c5:be:74:b8:44:2c:85:7e:80:df:6c:ec:26:
9d:58:cc:f1:22:11:9f:91:c4:5b:ba:b7:3f:ef:94:
11:49:ca:ba:cf:91:d6:c8:90:ab:f0:98:35:76:f0:
e6:44:f9:f9:f0:16:8b:0a:bf:af:83:29:9b:b8:a5:
cb:fe:6c:5f:ec:e5:e4:0e:51:07:40:64:74:2a:d1:
da:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D1:AD:1C:85:73:D8:D2:73:8B:D9:5F:4E:2F:2C:A4:64:69:F5:91
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/X9GtHIVz2NJzi9lfTi8spGRp9ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.243.0/24
46.226.123.0/24
77.246.247.0/24
86.107.198.0/23
91.243.71.0/24
93.115.14.0/24
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
188.244.115.0/24
194.4.56.0/22
194.146.40.0/22
213.109.146.0/24
IPv6:
2a06:941::-2a06:941:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:1e:bf:3a:05:9d:c2:ee:56:f4:20:83:16:2a:28:30:49:b7:
36:7f:bc:bd:ed:3f:0f:55:58:eb:4c:d7:c6:69:84:05:ec:85:
a6:f7:d6:11:88:9f:8f:ee:50:f7:64:ec:34:d5:b3:f6:2c:5a:
ae:c3:0a:4f:a5:d7:45:6e:3b:30:e3:f6:f4:cd:31:86:ce:90:
c2:c5:32:9d:87:a1:6f:9d:32:b1:25:de:4b:d8:c9:4b:b2:c7:
b8:83:6e:21:f2:97:48:dd:2b:32:ea:eb:4b:bf:4c:ec:24:75:
00:d4:bb:d5:2e:45:ee:2d:4b:fd:61:86:d0:67:ed:9a:75:91:
79:5d:6b:fd:08:34:01:76:2e:aa:ea:63:36:98:f6:3f:cd:bd:
78:19:03:55:fa:e8:e1:35:9e:ff:a0:7d:bb:3b:93:de:60:c3:
3d:80:b9:47:7a:9c:3d:1b:d6:63:bc:19:40:2d:6f:48:65:b2:
67:a2:96:0c:1b:05:d5:b5:a9:45:37:97:c7:46:d0:7f:41:4d:
11:b1:94:a3:19:db:71:42:bf:3a:32:e2:45:f4:9d:99:eb:36:
a6:6f:55:92:aa:93:2a:52:98:a1:fa:46:23:d1:b8:5b:0e:15:
a1:7a:0e:2b:c2:de:65:03:3e:2f:2e:92:4d:c6:72:51:b9:82:
24:f6:20:e9
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZLc+PhfC7kkQynIhSXU+IYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQxMDMwMTAyOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmQxYWQxYzg1NzNkOGQyNzM4YmQ5NWY0ZTJmMmNhNDY0NjlmNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3bG2Fb2Ncl+wd4LGvurz1WzJF29
hm6bYLcbN2FJoZ2kvrm2BK/pntLhS4+loc96gSizYIYn+1YbWJCWCV6O4QsKrjZr
hJhfl46azJCoypa/AH3nh8K2D+ELkQdOTTcQroIIzkY1nnAn0mnsKVk6zzwosgHC
z59tJ8Xrtza2FDXMa4ssMS1sR23VM3t0ucycUC15PwzLf/yO6+avFx4oVFj4WuvG
o1XPHwGA3+GSrhfDTj2cjMW+dLhELIV+gN9s7CadWMzxIhGfkcRburc/75QRScq6
z5HWyJCr8Jg1dvDmRPn58BaLCr+vgymbuKXL/mxf7OXkDlEHQGR0KtHaMQIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFF/RrRyFc9jSc4vZX04vLKRkafWRMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvWDlHdEhJVnoyTkp6aTlsZlRpOHNwR1JwOVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBmBAIAATBgAwQAJYzz
AwQALuJ7AwQATfb3AwQBVmvGAwQAW/NHAwQAXXMOAwQAuWIEAwQAuWRCAwQAuXGF
AwQCuXTAAwQCuXlQAwQCuX1YAwQAvPRzAwQCwgQ4AwQCwpIoAwQA1W2SMBgEAgAC
MBIwEAMFACoGCUEDBwAqBglBAAIwDQYJKoZIhvcNAQELBQADggEBACYevzoFncLu
VvQggxYqKDBJtzZ/vL3tPw9VWOtM18ZphAXshab31hGIn4/uUPdk7DTVs/YsWq7D
Ck+l10VuOzDj9vTNMYbOkMLFMp2HoW+dMrEl3kvYyUuyx7iDbiHyl0jdKzLq60u/
TOwkdQDUu9UuRe4tS/1hhtBn7Zp1kXlda/0INAF2LqrqYzaY9j/NvXgZA1X66OE1
nv+gfbs7k95gwz2AuUd6nD0b1mO8GUAtb0hlsmeilgwbBdW1qUU3l8dG0H9BTRGx
lKMZ23FCvzoy4kX0nZnrNqZvVZKqkypSmKH6RiPRuFsOFaF6DivC3mUDPi8ukk3G
clG5giT2IOk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:33:56 2025 by rpki-client