Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/XAJ2F_dsuUqO_W09ZJXk6VF-41g.roa
File: XAJ2F_dsuUqO_W09ZJXk6VF-41g.roa (raw, json)
Hash identifier: u+aCKhk+R4UvydN6bxwpLldlM+nkzd7DxRqfbc+K1/M=
Subject key identifier: 5C:02:76:17:F7:6C:B9:4A:8E:FD:6D:3D:64:95:E4:E9:51:7E:E3:58
Certificate issuer: /CN=903ec4c502a42c5bbfdb70ea9f440ca1500acc50
Certificate serial: 01856C780EF703E70CDD79C970E49391F6C1
Authority key identifier: 90:3E:C4:C5:02:A4:2C:5B:BF:DB:70:EA:9F:44:0C:A1:50:0A:CC:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kD7ExQKkLFu_23Dqn0QMoVAKzFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/XAJ2F_dsuUqO_W09ZJXk6VF-41g.roa
Signing time: Sun 01 Jan 2023 08:34:45 +0000
ROA not before: Sun 01 Jan 2023 08:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15595
IP address blocks: 81.25.229.0/24 maxlen: 24
81.25.230.0/24 maxlen: 24
81.25.228.0/24 maxlen: 24
81.25.233.0/24 maxlen: 24
81.25.227.0/24 maxlen: 24
81.25.231.0/24 maxlen: 24
81.25.232.0/24 maxlen: 24
81.25.236.0/24 maxlen: 24
81.25.237.0/24 maxlen: 24
81.25.235.0/24 maxlen: 24
81.25.234.0/24 maxlen: 24
81.25.238.0/24 maxlen: 24
81.25.239.0/24 maxlen: 24
81.25.226.0/24 maxlen: 24
81.25.224.0/20 maxlen: 20
81.25.224.0/24 maxlen: 24
81.25.225.0/24 maxlen: 24
2a02:d300::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0e:f7:03:e7:0c:dd:79:c9:70:e4:93:91:f6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=903ec4c502a42c5bbfdb70ea9f440ca1500acc50
Validity
Not Before: Jan 1 08:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c027617f76cb94a8efd6d3d6495e4e9517ee358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:05:2d:de:23:7a:0c:0d:60:4b:0b:f8:3b:
e7:f2:32:5b:79:77:05:46:fa:e3:46:9c:3f:a7:15:
c6:0f:6e:5a:fc:fd:20:86:46:de:46:34:0a:6f:fb:
95:1d:fe:22:5e:74:85:ba:47:c6:d1:ad:73:fa:ce:
c3:2f:f1:24:59:86:c5:8e:10:1d:29:1a:be:59:64:
73:fd:3f:88:ae:64:c2:8b:57:a1:93:34:be:b1:ad:
e3:c3:06:f4:4e:32:0f:5b:21:17:f7:f9:97:73:37:
e9:bc:e6:c1:7f:d2:95:4e:a0:42:56:af:f5:29:43:
4e:85:26:33:10:40:98:e8:ab:b9:6a:9d:da:71:ff:
4d:25:4f:ef:81:ac:09:2f:ee:b1:42:ed:d0:4c:b3:
ec:c7:9a:a5:ab:95:4d:9e:73:b0:55:d4:16:98:ab:
31:21:3c:40:29:10:f9:0c:b6:1d:6b:8c:08:1d:f7:
e9:57:f8:5c:62:31:65:07:c6:ce:49:14:95:a3:8e:
a5:53:1c:e6:ae:f1:66:de:03:af:8d:b1:dc:1a:c5:
5e:8c:d9:e2:80:f9:8f:55:1b:ca:57:6c:9c:76:4a:
0c:87:15:57:be:97:71:04:a4:cc:e0:cf:46:66:12:
63:2e:d3:7e:fc:22:07:30:a0:1f:02:77:dd:d5:f1:
8a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:02:76:17:F7:6C:B9:4A:8E:FD:6D:3D:64:95:E4:E9:51:7E:E3:58
X509v3 Authority Key Identifier:
keyid:90:3E:C4:C5:02:A4:2C:5B:BF:DB:70:EA:9F:44:0C:A1:50:0A:CC:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kD7ExQKkLFu_23Dqn0QMoVAKzFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/XAJ2F_dsuUqO_W09ZJXk6VF-41g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/40c548-5cc6-47c3-9e8f-bddb29f85fb8/1/kD7ExQKkLFu_23Dqn0QMoVAKzFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.224.0/20
IPv6:
2a02:d300::/29
Signature Algorithm: sha256WithRSAEncryption
44:38:42:ec:dd:94:0e:2a:6d:fa:b9:b2:b0:46:cb:67:24:4e:
09:7e:e2:3f:dd:3f:f9:56:fd:1f:99:2c:00:86:c2:78:bb:25:
3a:83:a8:13:9c:05:34:96:8c:88:5c:58:90:31:30:65:45:75:
51:04:99:c4:e5:6a:c6:0f:05:66:09:3c:a8:65:9b:f1:aa:6e:
fd:70:3a:f2:d0:22:0d:b5:55:e7:e0:8c:8b:26:6e:46:bb:b6:
8e:f0:28:72:b7:db:83:bf:00:85:24:cd:7e:48:da:fc:4f:8c:
c2:a8:48:65:d8:bc:54:c7:bf:bc:1a:85:54:b7:c9:2c:df:9a:
93:5e:24:86:13:5e:c5:fc:c8:fc:78:4b:a0:0e:33:e5:e7:12:
d8:f3:53:a8:f2:18:49:37:91:8e:db:ee:e5:89:08:66:7a:2a:
0e:0e:b6:8e:23:b4:96:e4:23:17:bf:58:02:71:75:5f:ec:00:
db:87:21:40:db:73:0c:2a:ce:dc:c7:f3:78:94:1a:e6:71:a9:
3f:d7:fe:1f:9c:27:17:73:20:1d:1a:35:6c:9c:61:6a:03:d7:
65:41:32:52:17:40:8b:d7:42:5c:14:ab:09:c3:a4:c5:18:4b:
25:92:53:89:01:d9:13:68:f9:7b:90:cd:60:f6:a1:54:a5:ab:
22:20:31:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVseA73A+cM3XnJcOSTkfbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwM2VjNGM1MDJhNDJjNWJiZmRiNzBlYTlmNDQwY2ExNTAw
YWNjNTAwHhcNMjMwMTAxMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAyNzYxN2Y3NmNiOTRhOGVmZDZkM2Q2NDk1ZTRlOTUxN2VlMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp88FLd4jegwNYEsL+Dvn8jJbeXcF
RvrjRpw/pxXGD25a/P0ghkbeRjQKb/uVHf4iXnSFukfG0a1z+s7DL/EkWYbFjhAd
KRq+WWRz/T+IrmTCi1ehkzS+sa3jwwb0TjIPWyEX9/mXczfpvObBf9KVTqBCVq/1
KUNOhSYzEECY6Ku5ap3acf9NJU/vgawJL+6xQu3QTLPsx5qlq5VNnnOwVdQWmKsx
ITxAKRD5DLYda4wIHffpV/hcYjFlB8bOSRSVo46lUxzmrvFm3gOvjbHcGsVejNni
gPmPVRvKV2ycdkoMhxVXvpdxBKTM4M9GZhJjLtN+/CIHMKAfAnfd1fGKGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwCdhf3bLlKjv1tPWSV5OlRfuNYMB8GA1UdIwQY
MBaAFJA+xMUCpCxbv9tw6p9EDKFQCsxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0Q3RXhRS2tMRnVfMjNEcW4wUU1vVkFLekZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MGM1NDgtNWNjNi00N2MzLTllOGYt
YmRkYjI5Zjg1ZmI4LzEvWEFKMkZfZHN1VXFPX1cwOVpKWGs2VkYtNDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MGM1NDgtNWNjNi00N2MzLTllOGYtYmRkYjI5Zjg1ZmI4
LzEva0Q3RXhRS2tMRnVfMjNEcW4wUU1vVkFLekZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEURngMA0E
AgACMAcDBQMqAtMAMA0GCSqGSIb3DQEBCwUAA4IBAQBEOELs3ZQOKm36ubKwRstn
JE4JfuI/3T/5Vv0fmSwAhsJ4uyU6g6gTnAU0loyIXFiQMTBlRXVRBJnE5WrGDwVm
CTyoZZvxqm79cDry0CINtVXn4IyLJm5Gu7aO8Chyt9uDvwCFJM1+SNr8T4zCqEhl
2LxUx7+8GoVUt8ks35qTXiSGE17F/Mj8eEugDjPl5xLY81Oo8hhJN5GO2+7liQhm
eioODraOI7SW5CMXv1gCcXVf7ADbhyFA23MMKs7cx/N4lBrmcak/1/4fnCcXcyAd
GjVsnGFqA9dlQTJSF0CL10JcFKsJw6TFGEslklOJAdkTaPl7kM1g9qFUpasiIDG0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:16 2024 by rpki-client on console-ams.rpki-client.org