Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/XF8c4RLdgIWQcv9aP_yximgC6nI.roa
File: XF8c4RLdgIWQcv9aP_yximgC6nI.roa (raw, json)
Hash identifier: S23RdKmu2WLF//3tVlrbtmFD53PazJ1XgapllD5JCJ8=
Subject key identifier: 5C:5F:1C:E1:12:DD:80:85:90:72:FF:5A:3F:FC:B1:8A:68:02:EA:72
Certificate issuer: /CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Certificate serial: 018F6732D99E35576B432551339085D2C378
Authority key identifier: EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/XF8c4RLdgIWQcv9aP_yximgC6nI.roa
Signing time: Sat 11 May 2024 10:28:56 +0000
ROA not before: Sat 11 May 2024 10:28:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8903
IP address blocks: 84.18.0.0/19 maxlen: 19
92.60.160.0/20 maxlen: 20
92.60.170.0/24 maxlen: 24
92.60.173.0/24 maxlen: 24
92.60.174.0/24 maxlen: 24
185.66.60.0/22 maxlen: 22
185.66.60.0/24 maxlen: 24
185.66.61.0/24 maxlen: 24
185.66.62.0/24 maxlen: 24
195.5.64.0/19 maxlen: 19
212.49.128.0/18 maxlen: 18
212.49.129.0/24 maxlen: 24
212.49.189.0/24 maxlen: 24
212.59.192.0/19 maxlen: 19
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 23
212.66.163.0/24 maxlen: 24
212.66.164.0/22 maxlen: 22
212.66.168.0/21 maxlen: 21
212.66.176.0/20 maxlen: 20
212.163.0.0/16 maxlen: 16
212.163.1.0/24 maxlen: 24
212.163.5.0/24 maxlen: 24
212.163.31.0/24 maxlen: 24
212.163.48.0/24 maxlen: 24
212.163.91.0/24 maxlen: 24
212.163.92.0/24 maxlen: 24
212.163.94.0/24 maxlen: 24
212.163.130.0/24 maxlen: 24
212.163.185.0/24 maxlen: 24
212.163.193.0/24 maxlen: 24
212.163.216.0/22 maxlen: 22
212.163.220.0/22 maxlen: 22
212.163.225.0/24 maxlen: 24
212.163.226.0/24 maxlen: 24
212.163.227.0/24 maxlen: 24
212.163.235.0/24 maxlen: 24
212.163.240.0/20 maxlen: 20
213.9.128.0/17 maxlen: 17
213.9.142.0/23 maxlen: 23
213.9.144.0/24 maxlen: 24
213.9.162.0/23 maxlen: 23
213.9.182.0/24 maxlen: 24
213.9.185.0/24 maxlen: 24
213.9.186.0/24 maxlen: 24
213.9.190.0/23 maxlen: 23
213.9.217.0/24 maxlen: 24
213.9.224.0/20 maxlen: 20
213.9.240.0/23 maxlen: 23
213.9.244.0/24 maxlen: 24
213.9.245.0/24 maxlen: 24
213.9.246.0/24 maxlen: 24
213.9.247.0/24 maxlen: 24
213.9.248.0/24 maxlen: 24
213.192.192.0/18 maxlen: 18
213.192.193.0/24 maxlen: 24
213.192.195.0/24 maxlen: 24
213.192.200.0/22 maxlen: 22
213.192.203.0/24 maxlen: 24
213.192.206.0/23 maxlen: 23
213.192.212.0/22 maxlen: 22
213.192.213.0/24 maxlen: 24
213.192.216.0/21 maxlen: 21
213.192.224.0/22 maxlen: 22
213.192.228.0/23 maxlen: 23
213.192.232.0/22 maxlen: 22
213.192.238.0/24 maxlen: 24
213.192.239.0/24 maxlen: 24
213.192.240.0/24 maxlen: 24
213.192.241.0/24 maxlen: 24
213.192.242.0/23 maxlen: 23
213.192.244.0/23 maxlen: 23
213.192.246.0/24 maxlen: 24
213.192.247.0/24 maxlen: 24
213.192.248.0/21 maxlen: 21
213.192.249.0/24 maxlen: 24
213.192.251.0/24 maxlen: 24
213.192.252.0/23 maxlen: 23
213.192.253.0/24 maxlen: 24
213.192.254.0/24 maxlen: 24
213.192.255.0/24 maxlen: 24
2001:ac0::/29 maxlen: 29
2001:ac0::/32 maxlen: 32
2001:ac0:30fd::/48 maxlen: 48
2001:ac0:c040::/44 maxlen: 44
2001:ac0:c0c0::/44 maxlen: 44
2001:ac0:c880::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 11 Jul 2024 19:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:67:32:d9:9e:35:57:6b:43:25:51:33:90:85:d2:c3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3e71b96992da3d91c88dd74ef41f9b95b9485b
Validity
Not Before: May 11 10:28:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c5f1ce112dd80859072ff5a3ffcb18a6802ea72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5f:50:96:7b:bf:8d:93:f4:b7:fd:39:7c:95:
fd:86:84:9a:aa:66:6b:5b:cf:43:12:28:f9:45:e5:
36:54:98:15:c2:ee:20:d1:7c:e1:e5:04:95:01:d4:
4c:be:63:78:fd:bb:c2:8c:7c:cd:2a:c3:5d:2a:f9:
4b:03:98:27:6f:41:73:74:c5:5c:fb:81:1a:9e:46:
2c:ee:06:4d:d6:3f:54:33:9b:bf:bd:f6:00:f8:02:
04:cb:01:ea:4a:9d:2f:ef:bc:30:c7:1e:d7:73:ce:
86:1b:a4:61:58:02:45:29:1f:24:44:c7:bd:2d:97:
25:74:83:3a:fd:fa:d5:ad:1f:f3:63:6e:04:46:04:
50:28:b6:44:ae:34:63:b7:01:d6:ea:3b:d3:4e:61:
34:d3:b3:d3:a7:1f:5c:65:85:fe:e3:6f:c1:54:92:
d7:d9:11:3b:f1:77:d2:e9:e0:b4:52:48:40:41:90:
07:1d:d8:e4:da:14:4b:ae:23:58:43:89:cc:e8:cc:
42:28:b2:c0:99:63:47:81:14:16:c3:ae:46:d9:2e:
91:49:90:ba:00:15:4d:d4:6d:91:ea:79:d5:67:f7:
b0:1f:fa:84:35:32:e8:3c:ac:96:5e:1e:1a:77:a0:
a5:da:94:67:0f:b5:08:5f:a5:e3:c9:af:bd:2e:ef:
65:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5F:1C:E1:12:DD:80:85:90:72:FF:5A:3F:FC:B1:8A:68:02:EA:72
X509v3 Authority Key Identifier:
keyid:EF:3E:71:B9:69:92:DA:3D:91:C8:8D:D7:4E:F4:1F:9B:95:B9:48:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7z5xuWmS2j2RyI3XTvQfm5W5SFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/XF8c4RLdgIWQcv9aP_yximgC6nI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/ad4e57-d901-4485-98d2-9196ce446527/1/7z5xuWmS2j2RyI3XTvQfm5W5SFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
185.66.60.0/22
195.5.64.0/19
212.49.128.0/18
212.59.192.0/19
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
83:9b:53:4d:2c:20:ce:0e:92:af:18:eb:87:87:e7:3b:8c:0f:
31:4e:2c:2c:55:fc:01:6d:d4:67:fc:5d:c0:69:b3:85:db:46:
ef:26:5c:23:df:51:c6:ca:4f:20:90:ef:a7:70:91:a3:64:92:
3d:35:df:c7:e6:92:b5:3e:e1:e2:57:4b:56:c7:e5:19:32:bf:
ef:24:e7:85:e7:de:70:79:c5:6a:06:39:8f:aa:30:af:b4:68:
cc:8c:4b:31:c5:f9:5d:1d:d1:8a:6c:24:4e:2a:ea:10:04:ad:
18:a2:a2:b5:fa:b4:c7:c3:52:69:90:e1:cc:a0:8c:42:08:d0:
b6:68:7e:f7:3c:35:6d:a1:96:2e:c7:b3:60:5c:93:75:4d:a9:
a9:c7:1b:71:3e:06:15:23:15:b5:94:20:b4:bc:4e:7e:b8:79:
02:ed:c7:b6:2f:d4:88:fa:e2:eb:54:9e:3f:03:c8:27:d0:6b:
20:fd:10:8f:26:26:87:bd:58:5c:87:d3:b0:38:bc:8c:b5:85:
b8:7d:3a:ca:99:02:ff:fd:c2:81:b9:ca:c1:c8:66:c7:fb:52:
78:ad:fd:9d:1e:24:ce:0c:06:37:4d:d3:38:97:d1:54:06:7c:
4c:63:aa:42:92:ef:85:1e:ae:ab:7b:77:03:37:51:83:fe:3e:
c3:9b:ca:11
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY9nMtmeNVdrQyVRM5CF0sN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmM2U3MWI5Njk5MmRhM2Q5MWM4OGRkNzRlZjQxZjliOTVi
OTQ4NWIwHhcNMjQwNTExMTAyODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVmMWNlMTEyZGQ4MDg1OTA3MmZmNWEzZmZjYjE4YTY4MDJlYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2V9Qlnu/jZP0t/05fJX9hoSaqmZr
W89DEij5ReU2VJgVwu4g0Xzh5QSVAdRMvmN4/bvCjHzNKsNdKvlLA5gnb0FzdMVc
+4EankYs7gZN1j9UM5u/vfYA+AIEywHqSp0v77wwxx7Xc86GG6RhWAJFKR8kRMe9
LZcldIM6/frVrR/zY24ERgRQKLZErjRjtwHW6jvTTmE007PTpx9cZYX+42/BVJLX
2RE78XfS6eC0UkhAQZAHHdjk2hRLriNYQ4nM6MxCKLLAmWNHgRQWw65G2S6RSZC6
ABVN1G2R6nnVZ/ewH/qENTLoPKyWXh4ad6Cl2pRnD7UIX6Xjya+9Lu9lpQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFFxfHOES3YCFkHL/Wj/8sYpoAupyMB8GA1UdIwQY
MBaAFO8+cblpkto9kciN1070H5uVuUhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDIt
OTE5NmNlNDQ2NTI3LzEvWEY4YzRSTGRnSVdRY3Y5YVBfeXhpbWdDNm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hZDRlNTctZDkwMS00NDg1LTk4ZDItOTE5NmNlNDQ2NTI3
LzEvN3o1eHVXbVMyajJSeUkzWFR2UWZtNVc1U0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBJBAIAATBDAwQFVBIAAwQE
XDygAwQCuUI8AwQFwwVAAwQG1DGAAwQF1DvAMAwDBADUQqEDBAbUQoADAwDUowME
B9UJgAMEBtXAwDANBAIAAjAHAwUDIAEKwDANBgkqhkiG9w0BAQsFAAOCAQEAg5tT
TSwgzg6Srxjrh4fnO4wPMU4sLFX8AW3UZ/xdwGmzhdtG7yZcI99RxspPIJDvp3CR
o2SSPTXfx+aStT7h4ldLVsflGTK/7yTnhefecHnFagY5j6owr7RozIxLMcX5XR3R
imwkTirqEAStGKKitfq0x8NSaZDhzKCMQgjQtmh+9zw1baGWLsezYFyTdU2pqccb
cT4GFSMVtZQgtLxOfrh5Au3Hti/UiPri61SePwPIJ9BrIP0QjyYmh71YXIfTsDi8
jLWFuH06ypkC//3CgbnKwchmx/tSeK39nR4kzgwGN03TOJfRVAZ8TGOqQpLvhR6u
q3t3AzdRg/4+w5vKEQ==
-----END CERTIFICATE-----
Generated at Thu Jul 11 20:57:29 2024 by rpki-client on console-ams.rpki-client.org