Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/xbi7Cl6h56FweboPT1Kaukf5Lec.roa
File: xbi7Cl6h56FweboPT1Kaukf5Lec.roa (raw, json)
Hash identifier: SNziME2sBA/EhTl/EFW4rsXk/gBrvp8ZklAiVmNwxOM=
Subject key identifier: C5:B8:BB:0A:5E:A1:E7:A1:70:79:BA:0F:4F:52:9A:BA:47:F9:2D:E7
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 01919E698B1823D297143F49928187C1AD76
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/xbi7Cl6h56FweboPT1Kaukf5Lec.roa
Signing time: Thu 29 Aug 2024 13:53:22 +0000
ROA not before: Thu 29 Aug 2024 13:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51531
IP address blocks: 45.129.80.0/22 maxlen: 24
46.31.120.0/21 maxlen: 24
81.89.88.0/21 maxlen: 24
185.70.20.0/22 maxlen: 24
185.176.194.0/23 maxlen: 24
2a02:c50::/32 maxlen: 32
2a02:c50::/34 maxlen: 34
2a02:c50:6000::/35 maxlen: 35
2a02:c50:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 23 Dec 2024 17:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:69:8b:18:23:d2:97:14:3f:49:92:81:87:c1:ad:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Aug 29 13:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5b8bb0a5ea1e7a17079ba0f4f529aba47f92de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:9b:2b:d0:b7:74:6f:56:c9:b4:14:99:03:
a2:6c:9d:ef:41:f7:a3:a0:06:75:c5:3b:c8:1f:e7:
35:65:b2:9d:cc:94:8f:39:b7:4c:01:da:d2:61:eb:
8a:fd:2a:f2:10:7a:08:72:2c:72:2d:11:68:5a:e4:
ed:3e:01:d0:cd:e7:7f:66:61:f6:83:9a:f6:7b:60:
07:f6:3d:95:90:83:0b:e1:7f:2b:8d:15:9b:a1:c5:
e7:cc:fc:c4:43:e2:42:e2:5d:62:3a:c4:db:7d:95:
bf:75:de:5c:c7:06:66:ea:16:b5:c6:5b:70:37:2b:
87:a3:7f:76:27:f6:64:6e:61:5e:cd:d3:46:2e:cc:
72:60:86:a1:fa:0c:f4:45:04:a9:03:6c:9c:c2:f5:
9a:a2:ea:3c:61:4a:16:90:f3:b3:62:90:97:44:ca:
dd:a3:9b:4b:e5:81:94:bd:ad:a8:8f:7d:7b:cc:93:
55:2e:54:6d:ae:63:aa:62:fb:88:9c:95:a3:35:33:
28:ca:54:dc:52:35:3e:4e:0b:6f:fa:3e:d8:3d:ef:
04:85:8f:4b:e1:d7:25:6d:87:d0:f0:a9:6a:0e:dc:
3e:5d:3e:d3:39:f4:84:4d:a4:18:63:12:03:93:6b:
85:10:ab:bb:83:8b:a0:a2:97:38:a0:34:aa:96:b4:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B8:BB:0A:5E:A1:E7:A1:70:79:BA:0F:4F:52:9A:BA:47:F9:2D:E7
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/xbi7Cl6h56FweboPT1Kaukf5Lec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.80.0/22
46.31.120.0/21
81.89.88.0/21
185.70.20.0/22
185.176.194.0/23
IPv6:
2a02:c50::/32
Signature Algorithm: sha256WithRSAEncryption
67:1c:5b:b3:82:69:78:69:36:13:61:a0:40:54:9d:21:2f:b1:
10:09:70:68:35:66:0d:43:3a:fe:7b:46:a2:64:45:b8:71:26:
cf:b0:d8:90:d3:c3:4f:0a:95:1f:98:7f:44:d0:a7:d1:84:82:
a2:26:b1:ec:7c:d8:34:7f:12:ec:28:03:e2:62:d8:65:af:7f:
25:b7:d8:29:43:6b:12:0a:5f:48:cc:e1:3a:7a:42:d2:25:fd:
73:9b:e1:8a:a9:6f:c3:ae:8b:15:8a:55:24:4a:52:6d:a5:44:
84:56:f0:e2:26:d6:1a:3d:ae:16:46:98:8e:c1:70:69:0d:53:
3f:9e:63:98:6b:4f:3f:c7:03:f2:66:c6:54:14:0b:ef:73:a6:
7c:eb:61:db:c4:6b:70:3d:5e:10:84:53:c4:de:c8:11:0f:68:
52:52:d8:1d:20:8d:2e:d6:fb:c2:bb:25:57:ea:dd:fe:da:de:
fa:ae:61:7d:22:c0:21:ab:9a:a3:35:54:b8:d6:83:06:e0:3a:
44:d3:dd:60:69:8a:52:73:72:1c:25:e7:a1:9a:10:36:b5:44:
27:66:d2:fd:81:37:86:bb:e0:97:43:6c:02:d5:7d:10:e2:b7:
3b:cc:22:95:19:e8:3b:ba:0e:cf:ac:32:b3:bd:f1:5e:72:51:
95:e0:84:d3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZGeaYsYI9KXFD9JkoGHwa12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjQwODI5MTM1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWI4YmIwYTVlYTFlN2ExNzA3OWJhMGY0ZjUyOWFiYTQ3ZjkyZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCKbK9C3dG9WybQUmQOibJ3vQfej
oAZ1xTvIH+c1ZbKdzJSPObdMAdrSYeuK/SryEHoIcixyLRFoWuTtPgHQzed/ZmH2
g5r2e2AH9j2VkIML4X8rjRWbocXnzPzEQ+JC4l1iOsTbfZW/dd5cxwZm6ha1xltw
NyuHo392J/ZkbmFezdNGLsxyYIah+gz0RQSpA2ycwvWaouo8YUoWkPOzYpCXRMrd
o5tL5YGUva2oj317zJNVLlRtrmOqYvuInJWjNTMoylTcUjU+Tgtv+j7YPe8EhY9L
4dclbYfQ8KlqDtw+XT7TOfSETaQYYxIDk2uFEKu7g4ugopc4oDSqlrRgcwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMW4uwpeoeehcHm6D09SmrpH+S3nMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEveGJpN0NsNmg1NkZ3ZWJvUFQxS2F1a2Y1TGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYFQAwQD
Lh94AwQDUVlYAwQCuUYUAwQBubDCMA0EAgACMAcDBQAqAgxQMA0GCSqGSIb3DQEB
CwUAA4IBAQBnHFuzgml4aTYTYaBAVJ0hL7EQCXBoNWYNQzr+e0aiZEW4cSbPsNiQ
08NPCpUfmH9E0KfRhIKiJrHsfNg0fxLsKAPiYthlr38lt9gpQ2sSCl9IzOE6ekLS
Jf1zm+GKqW/DrosVilUkSlJtpUSEVvDiJtYaPa4WRpiOwXBpDVM/nmOYa08/xwPy
ZsZUFAvvc6Z862HbxGtwPV4QhFPE3sgRD2hSUtgdII0u1vvCuyVX6t3+2t76rmF9
IsAhq5qjNVS41oMG4DpE091gaYpSc3IcJeehmhA2tUQnZtL9gTeGu+CXQ2wC1X0Q
4rc7zCKVGeg7ug7PrDKzvfFeclGV4ITT
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:40 2025 by rpki-client