Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/X5DnniXALOcct14HnScdxxOhO78.roa
File: X5DnniXALOcct14HnScdxxOhO78.roa (raw, json)
Hash identifier: Jo4XktSkSttg3CN4EhGcfKk9MQLyTZrGK5vHocOe1Hs=
Subject key identifier: 5F:90:E7:9E:25:C0:2C:E7:1C:B7:5E:07:9D:27:1D:C7:13:A1:3B:BF
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 019127F8D54526E58FCEDAA9C30AAC272A90
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/X5DnniXALOcct14HnScdxxOhO78.roa
Signing time: Tue 06 Aug 2024 13:55:04 +0000
ROA not before: Tue 06 Aug 2024 13:55:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 24
45.84.154.0/24 maxlen: 24
45.84.155.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.191.0/24 maxlen: 24
80.85.248.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.252.0/24 maxlen: 24
80.85.253.0/24 maxlen: 24
80.85.254.0/23 maxlen: 24
178.159.32.0/23 maxlen: 24
185.159.111.0/24 maxlen: 24
185.228.48.0/22 maxlen: 24
185.247.192.0/22 maxlen: 24
188.64.149.0/24 maxlen: 24
188.64.150.0/23 maxlen: 24
193.19.100.0/23 maxlen: 24
193.246.144.0/24 maxlen: 24
193.246.150.0/24 maxlen: 24
193.246.159.0/24 maxlen: 24
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:f8:d5:45:26:e5:8f:ce:da:a9:c3:0a:ac:27:2a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Aug 6 13:55:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f90e79e25c02ce71cb75e079d271dc713a13bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:dd:55:11:43:de:d0:6e:c5:b5:07:79:2b:
7e:97:e0:e1:19:80:43:ba:7d:fa:05:29:a6:d7:1a:
f0:e2:84:fc:4d:72:2b:30:f6:dc:48:80:a9:99:8c:
66:46:55:a0:fc:4a:16:cc:10:00:91:bd:f1:02:a2:
12:8c:fc:a2:cb:bf:f7:af:0a:95:00:fa:82:ff:f9:
c5:4b:0a:2a:2d:93:6c:ca:4f:7c:59:e7:9c:d4:cc:
55:5c:c4:90:a8:1c:b6:87:3a:24:5e:91:e2:16:ee:
d2:6b:4d:85:af:da:53:75:ee:5a:8e:17:f9:5d:86:
13:98:81:30:51:28:3f:f7:21:7d:fe:7e:31:72:97:
24:73:5c:1d:37:da:e0:eb:de:6b:1b:bc:bb:69:73:
89:10:56:88:a0:68:3a:35:65:7b:e8:97:7e:32:66:
ec:b5:bd:64:85:c0:ae:79:32:4a:41:7a:45:b5:95:
b3:42:02:58:50:a5:85:91:25:9b:3b:87:fa:fe:af:
5a:f0:c6:36:2f:f2:ec:42:88:5d:13:aa:11:90:f9:
f2:4f:89:fd:04:2d:e3:4d:45:86:e4:e6:47:44:a4:
42:7c:c7:3c:5d:6c:23:29:56:0f:8a:64:65:99:bf:
71:af:ac:e0:c0:6b:46:7a:46:30:4b:7d:2f:8a:99:
eb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:90:E7:9E:25:C0:2C:E7:1C:B7:5E:07:9D:27:1D:C7:13:A1:3B:BF
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/X5DnniXALOcct14HnScdxxOhO78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.246.144.0/24
193.246.150.0/24
193.246.159.0/24
IPv6:
2a0c:ee00::/38
Signature Algorithm: sha256WithRSAEncryption
2f:f2:98:be:7f:de:7b:e0:f2:38:c5:53:ec:1b:a0:9f:b3:e2:
0b:fa:5b:a5:cf:1a:ef:d0:4c:6d:31:18:c0:a8:f8:c2:f1:de:
b2:04:61:3b:e4:48:1c:94:ed:7b:97:66:13:9a:b1:b1:e0:fe:
50:e3:d1:64:a7:bf:e2:d5:f7:40:c6:60:9d:34:88:32:92:21:
a0:9f:af:5c:36:30:41:11:48:8d:10:f6:31:20:1f:73:26:c6:
9d:5e:e6:41:ba:9a:29:1b:fa:8c:e8:26:90:74:1c:18:5e:16:
1f:9b:85:e4:a7:17:14:ef:ad:85:84:d4:e5:37:a6:c0:4a:9d:
9d:cd:f6:2f:9d:28:11:9a:88:f7:53:76:28:b6:af:13:5f:8f:
72:85:6f:3b:f7:cc:f1:07:bb:62:4a:bd:45:e2:6c:df:67:72:
29:eb:4c:5c:bb:db:0b:2a:43:f0:48:13:ab:37:36:5c:1d:db:
e1:e4:be:7f:fd:da:5a:77:46:4f:1b:ba:6a:87:bb:f9:cc:83:
15:3c:49:4b:65:77:94:fb:ce:de:38:b2:f3:34:72:92:1f:74:
9c:bc:db:91:4f:cf:1b:85:04:2b:9a:99:b0:99:18:cc:3f:a9:
78:d8:4e:91:f4:c8:36:36:3c:54:d9:6a:f6:0a:82:4c:b9:63:
c3:59:89:58
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZEn+NVFJuWPztqpwwqsJyqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjQwODA2MTM1NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjkwZTc5ZTI1YzAyY2U3MWNiNzVlMDc5ZDI3MWRjNzEzYTEzYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H/dVRFD3tBuxbUHeSt+l+DhGYBD
un36BSmm1xrw4oT8TXIrMPbcSICpmYxmRlWg/EoWzBAAkb3xAqISjPyiy7/3rwqV
APqC//nFSwoqLZNsyk98Weec1MxVXMSQqBy2hzokXpHiFu7Sa02Fr9pTde5ajhf5
XYYTmIEwUSg/9yF9/n4xcpckc1wdN9rg695rG7y7aXOJEFaIoGg6NWV76Jd+Mmbs
tb1khcCueTJKQXpFtZWzQgJYUKWFkSWbO4f6/q9a8MY2L/LsQohdE6oRkPnyT4n9
BC3jTUWG5OZHRKRCfMc8XWwjKVYPimRlmb9xr6zgwGtGekYwS30vipnrtwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFF+Q554lwCznHLdeB50nHccToTu/MB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvWDVEbm5pWEFMT2NjdDE0SG5TY2R4eE9oTzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBWBAIAATBQAwQCLVSYAwQC
LZG8AwQDUFX4AwQBsp8gAwQAuZ9vAwQCueQwAwQCuffAMAwDBAC8QJUDBAO8QJAD
BAHBE2QDBADB9pADBADB9pYDBADB9p8wDgQCAAIwCAMGAioM7gAAMA0GCSqGSIb3
DQEBCwUAA4IBAQAv8pi+f9574PI4xVPsG6Cfs+IL+lulzxrv0ExtMRjAqPjC8d6y
BGE75EgclO17l2YTmrGx4P5Q49Fkp7/i1fdAxmCdNIgykiGgn69cNjBBEUiNEPYx
IB9zJsadXuZBupopG/qM6CaQdBwYXhYfm4XkpxcU762FhNTlN6bASp2dzfYvnSgR
moj3U3Yotq8TX49yhW8798zxB7tiSr1F4mzfZ3Ip60xcu9sLKkPwSBOrNzZcHdvh
5L5//dpad0ZPG7pqh7v5zIMVPElLZXeU+87eOLLzNHKSH3ScvNuRT88bhQQrmpmw
mRjMP6l42E6R9Mg2NjxU2Wr2CoJMuWPDWYlY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:15 2025 by rpki-client