Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XqZ3qdUpQYoJ1N8Su_K_cU3Vhb4.roa
File: XqZ3qdUpQYoJ1N8Su_K_cU3Vhb4.roa (raw, json)
Hash identifier: x1SS7mGN+lvTaehT72QrI0DDQQHSbdlQmcrkMCoBwcc=
Subject key identifier: 5E:A6:77:A9:D5:29:41:8A:09:D4:DF:12:BB:F2:BF:71:4D:D5:85:BE
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018CC348ED3663C1CA9B22D0034A3E901DFC
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XqZ3qdUpQYoJ1N8Su_K_cU3Vhb4.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34587
IP address blocks: 178.237.173.0/24 maxlen: 24
81.94.213.0/24 maxlen: 24
81.94.208.0/20 maxlen: 24
81.94.214.0/24 maxlen: 24
5.226.176.0/21 maxlen: 24
178.237.160.0/23 maxlen: 24
178.237.163.0/24 maxlen: 24
178.237.165.0/24 maxlen: 24
178.237.170.0/24 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
2a03:a860:10::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Mar 2024 08:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ed:36:63:c1:ca:9b:22:d0:03:4a:3e:90:1d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ea677a9d529418a09d4df12bbf2bf714dd585be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:71:d7:51:96:92:b3:0f:a1:e6:f2:08:ba:76:
bd:76:f3:90:5b:cd:7a:15:17:d8:2e:df:b7:26:e4:
4f:7a:de:01:b9:9d:8f:7e:ef:13:ec:34:44:01:bb:
5e:b4:7c:dd:0b:d0:77:e6:5f:fe:72:1b:25:a4:9e:
2b:3a:fe:ff:f9:d3:f0:f8:5b:9d:14:47:c2:0c:f4:
93:d4:96:db:cb:63:1e:26:2c:3c:86:44:98:9e:2d:
fb:5f:8a:15:b4:3a:17:52:a1:ae:9e:75:7a:ae:6f:
79:78:90:81:d7:53:f8:7f:cc:36:4f:11:83:4d:9f:
08:40:04:e3:ad:cd:ea:1c:c7:47:f1:d2:f5:10:a7:
2e:6c:4a:22:a6:c4:32:a9:ca:b1:eb:c0:22:92:02:
9e:68:07:1c:55:1e:18:b8:c3:4a:42:5b:b8:94:9a:
46:34:c9:4a:7e:b5:5e:70:9c:30:88:2f:a3:81:d6:
e1:bb:9f:54:cf:29:9c:0a:40:bd:b8:4e:b1:ca:84:
cd:3b:6f:39:a9:3c:be:cd:0b:76:b5:64:80:37:e6:
67:f1:db:8f:bd:a0:7d:a8:33:b1:0e:81:72:9c:10:
17:cf:1f:41:d9:35:6f:bc:91:d5:6d:18:60:99:5d:
14:53:92:70:b1:fb:f5:70:30:1a:60:2a:0c:bc:e2:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A6:77:A9:D5:29:41:8A:09:D4:DF:12:BB:F2:BF:71:4D:D5:85:BE
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/XqZ3qdUpQYoJ1N8Su_K_cU3Vhb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
81.94.208.0/20
178.237.160.0/23
178.237.163.0/24
178.237.165.0/24
178.237.170.0/24
178.237.173.0/24
IPv6:
2a03:a860:10::/44
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
2c:7c:35:8a:0d:0b:b2:40:de:91:5b:e7:8d:8f:5d:c6:b5:f3:
16:b8:73:43:45:85:10:ec:a3:23:79:13:62:09:0a:ab:e9:9e:
7c:fc:d1:5e:85:9c:94:75:62:cb:32:d3:9b:be:10:ab:a1:9a:
89:92:de:08:28:75:d9:23:ff:29:fa:8b:ab:52:10:e9:93:50:
c6:1c:c9:b4:e9:e8:dc:4d:08:36:10:95:ee:0b:20:05:1e:b5:
1b:d8:12:c3:40:25:dc:24:93:c8:9f:d4:41:60:66:0d:4e:dc:
6d:4e:00:5e:bb:7b:c1:54:8b:7e:df:b8:18:66:70:96:96:af:
be:d6:21:9d:d2:6d:86:74:b8:9a:b7:54:98:6f:70:9f:61:c2:
83:22:20:df:5f:f0:29:65:62:4c:e3:a7:45:41:e8:74:9b:ee:
57:72:45:89:3e:ea:da:c1:24:8d:27:ea:56:cf:4c:0e:5a:53:
9d:ff:8f:2d:39:89:f2:eb:4a:80:ed:97:2d:08:45:9f:fc:20:
0e:26:f3:9a:e0:73:53:c9:11:5a:bb:ac:9e:8a:6c:93:ac:8d:
44:98:f2:44:2c:c3:a8:6e:b1:0f:53:48:b1:ba:5e:3a:3b:78:
fc:33:53:0c:91:fd:e6:c4:db:65:47:c2:71:9c:0d:db:e3:12:
56:6d:d1:fe
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzDSO02Y8HKmyLQA0o+kB38MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE2NzdhOWQ1Mjk0MThhMDlkNGRmMTJiYmYyYmY3MTRkZDU4NWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXHXUZaSsw+h5vIIuna9dvOQW816
FRfYLt+3JuRPet4BuZ2Pfu8T7DREAbtetHzdC9B35l/+chslpJ4rOv7/+dPw+Fud
FEfCDPST1Jbby2MeJiw8hkSYni37X4oVtDoXUqGunnV6rm95eJCB11P4f8w2TxGD
TZ8IQATjrc3qHMdH8dL1EKcubEoipsQyqcqx68AikgKeaAccVR4YuMNKQlu4lJpG
NMlKfrVecJwwiC+jgdbhu59UzymcCkC9uE6xyoTNO285qTy+zQt2tWSAN+Zn8duP
vaB9qDOxDoFynBAXzx9B2TVvvJHVbRhgmV0UU5Jwsfv1cDAaYCoMvOLNuwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFF6md6nVKUGKCdTfErvyv3FN1YW+MB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvWHFaM3FkVXBRWW9KMU44U3VfS19jVTNWaGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAwBAIAATAqAwQDBeKwAwQE
UV7QAwQBsu2gAwQAsu2jAwQAsu2lAwQAsu2qAwQAsu2tMBcEAgACMBEDBwQqA6hg
ABADBgAqA6hgCjANBgkqhkiG9w0BAQsFAAOCAQEALHw1ig0LskDekVvnjY9dxrXz
FrhzQ0WFEOyjI3kTYgkKq+mefPzRXoWclHViyzLTm74Qq6GaiZLeCCh12SP/KfqL
q1IQ6ZNQxhzJtOno3E0INhCV7gsgBR61G9gSw0Al3CSTyJ/UQWBmDU7cbU4AXrt7
wVSLft+4GGZwlpavvtYhndJthnS4mrdUmG9wn2HCgyIg31/wKWViTOOnRUHodJvu
V3JFiT7q2sEkjSfqVs9MDlpTnf+PLTmJ8utKgO2XLQhFn/wgDibzmuBzU8kRWrus
nopsk6yNRJjyRCzDqG6xD1NIsbpeOjt4/DNTDJH95sTbZUfCcZwN2+MSVm3R/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:53 2024 by rpki-client on console-ams.rpki-client.org