Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XE-shc9BSe5tny9-Ksr1R7JRmEY.roa
File: XE-shc9BSe5tny9-Ksr1R7JRmEY.roa (raw, json)
Hash identifier: ScAonKyxJril6zzdLGm8HS4eKgCRIkT9zXIcuE39E7g=
Subject key identifier: 5C:4F:AC:85:CF:41:49:EE:6D:9F:2F:7E:2A:CA:F5:47:B2:51:98:46
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0185EF8C0232C745DE8898A1FCA86BAC0E00
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XE-shc9BSe5tny9-Ksr1R7JRmEY.roa
Signing time: Thu 26 Jan 2023 19:26:48 +0000
ROA not before: Thu 26 Jan 2023 19:26:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Jan 2023 12:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ef:8c:02:32:c7:45:de:88:98:a1:fc:a8:6b:ac:0e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 26 19:26:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c4fac85cf4149ee6d9f2f7e2acaf547b2519846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:64:eb:14:ca:87:6d:e8:33:5b:e2:18:b3:e3:
64:27:57:44:8b:82:f1:8f:80:87:e9:fe:38:50:57:
7b:df:cb:08:d5:b5:a4:56:c4:83:f4:c3:73:35:46:
4b:19:07:d4:fa:47:82:68:ba:54:83:9f:f8:11:62:
0a:f0:e0:8d:ac:0e:ef:2d:f5:2d:5f:f7:d2:a9:5d:
fc:08:9a:0a:66:15:cb:0d:de:19:3a:30:55:aa:26:
68:e7:7a:67:5d:26:87:e7:87:b6:48:e3:c0:8f:a3:
50:6e:9c:8f:14:bf:08:2d:f6:19:e3:c9:06:f3:ee:
dc:ce:51:cc:77:4e:99:97:d4:91:9c:be:b0:32:16:
06:b7:03:af:c6:3e:84:35:cc:03:c7:7f:01:40:f0:
f3:12:a2:46:48:68:49:9c:31:31:70:66:b4:fb:d5:
0d:9a:de:dc:0c:ed:9f:ac:77:68:e3:35:be:a9:51:
55:a2:af:c1:a2:08:bf:50:d7:d6:43:38:63:25:43:
67:3a:bf:d5:80:ac:89:fd:2e:cc:b9:ac:e5:72:74:
3c:e1:21:c4:1b:9c:76:d0:7c:53:c2:b4:16:cd:d8:
3c:44:87:3d:9c:e8:c5:22:2b:e3:0c:ce:56:59:e0:
99:55:4f:4e:08:fd:3a:0c:44:01:14:ef:20:17:98:
44:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4F:AC:85:CF:41:49:EE:6D:9F:2F:7E:2A:CA:F5:47:B2:51:98:46
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XE-shc9BSe5tny9-Ksr1R7JRmEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.42.255
89.43.44.0/24
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
7c:65:f5:5d:c2:9c:f5:bd:0b:6b:b9:4d:b5:78:18:be:7c:a2:
08:8a:3f:ac:0b:54:88:82:5b:ed:73:9c:50:a6:7a:6a:07:6b:
4d:41:c6:6e:26:23:89:90:b3:7d:7b:ae:0c:cb:4e:e0:ae:5b:
2a:d1:4e:9e:ae:f9:c6:5a:53:e2:1a:34:67:5f:50:6e:8e:57:
1d:e5:ff:d8:3d:8b:c0:5a:cd:f7:00:f6:cc:89:d8:5d:46:5f:
d8:5c:95:53:ea:d5:84:0e:78:bc:58:1b:af:5a:ff:a3:4f:f5:
0f:c2:91:da:c0:14:f5:1e:fd:38:86:bd:37:b6:d4:77:4a:08:
c3:97:84:ca:27:b2:bc:07:b6:65:f6:c4:d5:59:54:d0:8c:e8:
b8:f5:64:91:1c:5e:76:3d:6d:b7:2c:c5:3b:5b:e5:bc:e3:22:
fa:09:8b:f0:22:30:50:6d:91:49:02:89:7a:32:35:2d:c0:32:
e2:f9:dd:47:05:63:87:e8:1d:44:23:5c:8c:d7:da:64:b1:b0:
e6:3f:6e:6a:2a:bb:36:cc:4e:f6:65:b8:3e:12:00:e2:6a:d5:
46:15:88:e5:72:9a:12:ec:a1:03:e1:64:22:43:ce:d5:4a:36:
24:9a:d4:8c:6a:dd:00:e2:3f:be:96:74:71:03:76:cc:06:7e:
0d:36:90:4a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYXvjAIyx0XeiJih/KhrrA4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTI2MTkyNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRmYWM4NWNmNDE0OWVlNmQ5ZjJmN2UyYWNhZjU0N2IyNTE5ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GTrFMqHbegzW+IYs+NkJ1dEi4Lx
j4CH6f44UFd738sI1bWkVsSD9MNzNUZLGQfU+keCaLpUg5/4EWIK8OCNrA7vLfUt
X/fSqV38CJoKZhXLDd4ZOjBVqiZo53pnXSaH54e2SOPAj6NQbpyPFL8ILfYZ48kG
8+7czlHMd06Zl9SRnL6wMhYGtwOvxj6ENcwDx38BQPDzEqJGSGhJnDExcGa0+9UN
mt7cDO2frHdo4zW+qVFVoq/Bogi/UNfWQzhjJUNnOr/VgKyJ/S7MuazlcnQ84SHE
G5x20HxTwrQWzdg8RIc9nOjFIivjDM5WWeCZVU9OCP06DEQBFO8gF5hEHwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFFxPrIXPQUnubZ8vfirK9UeyUZhGMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvWEUtc2hjOUJTZTV0bnk5LUtzcjFSN0pSbUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB0BAIAATBuAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8MAwDBANZKygDBABZ
KyoDBABZKywDBABZK0kDBABdcZ4DBABdcjcDBABdcmMDBABdcrsDBAC81RIDBAG8
10gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAfGX1
XcKc9b0La7lNtXgYvnyiCIo/rAtUiIJb7XOcUKZ6agdrTUHGbiYjiZCzfXuuDMtO
4K5bKtFOnq75xlpT4ho0Z19Qbo5XHeX/2D2LwFrN9wD2zInYXUZf2FyVU+rVhA54
vFgbr1r/o0/1D8KR2sAU9R79OIa9N7bUd0oIw5eEyieyvAe2ZfbE1VlU0IzouPVk
kRxedj1ttyzFO1vlvOMi+gmL8CIwUG2RSQKJejI1LcAy4vndRwVjh+gdRCNcjNfa
ZLGw5j9uaiq7NsxO9mW4PhIA4mrVRhWI5XKaEuyhA+FkIkPO1Uo2JJrUjGrdAOI/
vpZ0cQN2zAZ+DTaQSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org