Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xsKVNVcob-xs0iTFVKrhcckWqXY.roa
File: xsKVNVcob-xs0iTFVKrhcckWqXY.roa (raw, json)
Hash identifier: +F8PFvfP3qIknEuon/cUD2m7WchBuB+wV6hE3nZkm/c=
Subject key identifier: C6:C2:95:35:57:28:6F:EC:6C:D2:24:C5:54:AA:E1:71:C9:16:A9:76
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A99516AADDCB530B05AFEA92A6BF13C
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xsKVNVcob-xs0iTFVKrhcckWqXY.roa
Signing time: Sat 25 Mar 2023 21:07:48 +0000
ROA not before: Sat 25 Mar 2023 21:07:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 21:12:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:99:51:6a:ad:dc:b5:30:b0:5a:fe:a9:2a:6b:f1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:07:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6c2953557286fec6cd224c554aae171c916a976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:63:ca:0d:78:73:e7:cd:33:78:f0:78:eb:ca:
2b:db:28:8b:46:08:53:81:18:50:96:b8:4b:9b:65:
94:8c:66:0a:f2:f3:bf:bf:43:80:01:b6:ad:21:51:
5c:07:63:bf:40:9a:1e:11:cf:63:67:79:93:fa:95:
92:58:41:59:4a:d2:0e:c3:67:0b:56:06:8a:98:6f:
75:14:46:e0:f7:51:32:88:81:2e:b4:31:32:50:87:
ac:59:bf:b3:ba:39:f2:69:7a:f3:a4:fa:94:b6:fc:
15:52:ee:e8:36:c0:84:e5:97:78:66:28:06:a2:b2:
83:e7:83:b1:d3:a8:e0:3e:c9:83:53:fe:e8:a1:ad:
0f:c0:19:17:4d:d9:50:05:96:75:79:38:e7:66:bf:
8e:e0:44:88:b0:93:76:87:18:98:e1:4d:1d:8d:ff:
63:c3:7f:2c:cb:d6:94:80:76:58:45:77:a8:cd:f2:
35:d0:5a:e0:a2:c9:f1:bc:19:29:c4:2c:b9:00:61:
ca:b8:ae:99:f2:27:df:d3:e0:d9:86:83:09:65:99:
f6:e1:5c:27:7d:59:25:f9:93:63:0b:cc:32:3b:2a:
a7:1d:7f:14:02:5d:35:28:80:56:07:6c:5e:64:a5:
eb:83:b0:69:cb:9d:e3:37:e0:28:c7:fc:f1:c3:0c:
3d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C2:95:35:57:28:6F:EC:6C:D2:24:C5:54:AA:E1:71:C9:16:A9:76
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/xsKVNVcob-xs0iTFVKrhcckWqXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.75.0/24
45.130.184.0-45.130.186.255
45.140.7.0/24
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
54:9c:3e:0f:f0:32:16:54:7d:12:42:76:b2:56:72:0f:3e:e8:
32:aa:d5:9d:d2:4c:b6:de:64:33:db:7c:df:0a:cd:9f:17:7c:
66:07:50:43:6b:0f:7d:52:3e:fa:65:fc:e7:d1:a9:e2:2e:94:
c0:b7:f6:6e:0c:38:ad:f2:df:70:95:e8:df:a7:8a:92:5a:3d:
e4:b9:89:3c:de:59:5e:1b:21:e4:62:28:72:7b:90:10:ec:3f:
67:7f:37:81:c9:9b:91:b0:7d:8c:e7:af:73:57:ae:cf:5b:2d:
b5:8f:ae:5c:d0:c6:b1:a2:f1:17:89:05:64:bc:a1:18:9a:6a:
69:31:6b:27:ac:f4:57:70:13:a7:ae:35:c0:9b:e1:61:c2:92:
98:58:ab:52:d8:c7:76:d9:40:b7:6b:50:84:da:e9:94:79:a6:
11:f1:36:eb:31:1d:59:14:10:e3:d9:83:a8:bd:97:45:89:30:
bf:7e:66:fb:12:86:83:3a:07:bd:1f:bf:e1:66:37:a5:79:ae:
24:69:4a:0c:d0:25:8e:24:81:eb:c6:6f:ba:1a:06:08:bc:9c:
4a:54:fd:88:a6:5d:41:5d:64:03:d1:a8:a4:31:d7:4c:d9:b7:
2b:bd:9b:2a:3b:34:d2:a7:9d:06:15:11:30:e6:7e:ad:c8:a9:
a7:05:47:57
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYcamVFqrdy1MLBa/qkqa/E8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmMyOTUzNTU3Mjg2ZmVjNmNkMjI0YzU1NGFhZTE3MWM5MTZhOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWPKDXhz580zePB468or2yiLRghT
gRhQlrhLm2WUjGYK8vO/v0OAAbatIVFcB2O/QJoeEc9jZ3mT+pWSWEFZStIOw2cL
VgaKmG91FEbg91EyiIEutDEyUIesWb+zujnyaXrzpPqUtvwVUu7oNsCE5Zd4ZigG
orKD54Ox06jgPsmDU/7ooa0PwBkXTdlQBZZ1eTjnZr+O4ESIsJN2hxiY4U0djf9j
w38sy9aUgHZYRXeozfI10FrgosnxvBkpxCy5AGHKuK6Z8iff0+DZhoMJZZn24Vwn
fVkl+ZNjC8wyOyqnHX8UAl01KIBWB2xeZKXrg7Bpy53jN+Aox/zxwww96wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFMbClTVXKG/sbNIkxVSq4XHJFql2MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEveHNLVk5WY29iLXhzMGlURlZLcmhjY2tXcVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAVo
SAMEAAVoSzAMAwQDLYK4AwQALYK6AwQALYwHAwQCVPxAAwQAWNpQAwQAWNrvAwQA
W/XvAwQAX9ZTAwQBX9ZcAwQAX9ZfAwQBsHa8AwQAsHa/AwQBubFMAwQAwaBEAwQA
waBIAwQCweQwAwQAwhydAwQA1EWHMA0GCSqGSIb3DQEBCwUAA4IBAQBUnD4P8DIW
VH0SQnayVnIPPugyqtWd0ky23mQz23zfCs2fF3xmB1BDaw99Uj76Zfzn0aniLpTA
t/ZuDDit8t9wlejfp4qSWj3kuYk83lleGyHkYihye5AQ7D9nfzeByZuRsH2M569z
V67PWy21j65c0MaxovEXiQVkvKEYmmppMWsnrPRXcBOnrjXAm+FhwpKYWKtS2Md2
2UC3a1CE2umUeaYR8TbrMR1ZFBDj2YOovZdFiTC/fmb7EoaDOge9H7/hZjelea4k
aUoM0CWOJIHrxm+6GgYIvJxKVP2Ipl1BXWQD0aikMddM2bcrvZsqOzTSp50GFREw
5n6tyKmnBUdX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org