Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/xUSyCNY3JVb5E933RtHN7kmr4oQ.roa
File: xUSyCNY3JVb5E933RtHN7kmr4oQ.roa (raw, json)
Hash identifier: OuYR/0LUkj4xRvuAILSNxrb10qMlKIo10k14l473nM0=
Subject key identifier: C5:44:B2:08:D6:37:25:56:F9:13:DD:F7:46:D1:CD:EE:49:AB:E2:84
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0193915ECEF1E612938C0AFA53328BF1D43E
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/xUSyCNY3JVb5E933RtHN7kmr4oQ.roa
Signing time: Wed 04 Dec 2024 11:12:09 +0000
ROA not before: Wed 04 Dec 2024 11:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
89.208.56.0/21 maxlen: 21
89.208.128.0/21 maxlen: 21
89.208.134.0/23 maxlen: 24
141.226.120.0/22 maxlen: 24
147.234.23.0/24 maxlen: 24
147.236.104.0/21 maxlen: 23
147.236.116.0/23 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.125.0/24 maxlen: 24
147.236.144.0/20 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
185.108.80.0/22 maxlen: 24
185.149.252.0/22 maxlen: 24
185.167.108.0/22 maxlen: 24
185.175.32.0/22 maxlen: 23
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.182.76.0/22 maxlen: 24
185.184.244.0/22 maxlen: 23
188.191.224.0/21 maxlen: 21
188.191.224.0/22 maxlen: 22
188.191.224.0/24 maxlen: 24
188.191.228.0/22 maxlen: 22
217.175.80.0/20 maxlen: 20
217.175.84.0/22 maxlen: 22
217.175.88.0/21 maxlen: 23
2a00:7c40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 31 Dec 2024 10:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:5e:ce:f1:e6:12:93:8c:0a:fa:53:32:8b:f1:d4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Dec 4 11:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c544b208d6372556f913ddf746d1cdee49abe284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ec:07:63:03:09:e1:55:42:85:89:2f:76:3e:
12:6a:d6:55:e5:1a:4c:38:b7:0d:00:42:b6:1e:fc:
f3:d7:84:a7:62:60:8f:30:1d:16:3c:f1:aa:17:3d:
a8:14:7f:15:ee:bd:e8:19:f1:a0:c1:61:1e:f8:18:
f9:8c:04:d5:c5:3a:51:c5:e7:c4:14:e9:34:4a:c8:
5f:3a:bf:b2:88:14:71:cc:f1:a3:12:2d:bf:8c:94:
72:86:cf:bf:4e:ed:92:8b:51:89:3a:ab:09:cc:f3:
1f:ff:b6:b7:89:98:8e:6d:f6:4d:03:53:8b:d3:25:
06:95:99:b7:83:5c:0a:9e:5c:73:33:f7:5c:a5:c5:
d1:bd:64:b4:6e:a7:a9:86:c1:7e:e2:d1:fa:e9:5a:
fe:a8:39:30:91:a3:96:0a:17:39:32:b7:02:62:bd:
86:c7:c9:06:f2:1e:d3:47:33:a5:2d:0c:20:2c:99:
3e:e6:2b:e5:eb:6b:dd:6c:b2:d9:65:fe:71:42:2a:
83:24:97:a6:61:fb:37:11:20:7f:ab:26:24:3a:93:
2b:8a:91:95:a2:bc:24:a1:b4:6e:21:4e:15:a6:d3:
77:e5:01:1f:35:fa:6f:21:db:32:47:dc:53:43:d1:
d2:53:5a:73:ea:aa:f3:68:b6:ca:4b:75:f2:fc:ea:
1f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:44:B2:08:D6:37:25:56:F9:13:DD:F7:46:D1:CD:EE:49:AB:E2:84
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/xUSyCNY3JVb5E933RtHN7kmr4oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0/23
147.236.120.0/21
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
95:0d:9b:2b:b1:19:56:34:6e:da:26:cc:2c:37:59:be:27:c6:
43:80:99:8f:e6:3b:c9:ec:ac:9f:04:a7:db:7a:48:7f:3b:22:
a5:c4:47:3e:0c:f2:6f:1d:e3:cd:06:fc:17:f1:93:fd:0f:6d:
3d:7a:1e:b7:53:7f:87:5b:be:8d:6a:87:33:23:39:1d:97:43:
90:c8:82:93:f6:76:20:e5:0f:73:87:11:f0:52:a8:a9:d6:46:
5f:c2:e1:c6:c6:9d:a2:6a:27:6e:6e:91:e9:a2:4e:eb:09:0d:
6e:6e:5c:30:91:78:da:01:f9:43:96:f2:68:2f:80:4f:a2:70:
80:2f:b4:b4:cc:68:3b:6f:2a:6a:52:2d:7a:dc:20:4d:8b:de:
10:4f:e6:06:c9:3e:eb:c4:43:6e:18:b9:cd:df:61:fc:38:db:
73:8d:ad:0c:ce:4b:eb:8b:45:56:79:41:f9:c1:aa:c8:bb:c9:
17:db:1f:fc:e2:95:0d:4d:04:89:24:08:04:ad:cc:8b:9c:7e:
0a:2f:1a:4b:46:59:f5:08:68:2e:cd:71:73:b7:2f:6a:49:ad:
0f:4d:f7:43:cf:dd:ab:40:bc:7b:37:d7:9c:a1:75:19:f2:26:
d4:5e:7c:9c:d4:1d:fd:7c:f9:42:87:38:14:32:cd:cf:56:e4:
8b:e8:99:32
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZORXs7x5hKTjAr6UzKL8dQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjQxMjA0MTExMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTQ0YjIwOGQ2MzcyNTU2ZjkxM2RkZjc0NmQxY2RlZTQ5YWJlMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOwHYwMJ4VVChYkvdj4SatZV5RpM
OLcNAEK2Hvzz14SnYmCPMB0WPPGqFz2oFH8V7r3oGfGgwWEe+Bj5jATVxTpRxefE
FOk0SshfOr+yiBRxzPGjEi2/jJRyhs+/Tu2Si1GJOqsJzPMf/7a3iZiObfZNA1OL
0yUGlZm3g1wKnlxzM/dcpcXRvWS0bqephsF+4tH66Vr+qDkwkaOWChc5MrcCYr2G
x8kG8h7TRzOlLQwgLJk+5ivl62vdbLLZZf5xQiqDJJemYfs3ESB/qyYkOpMripGV
orwkobRuIU4VptN35QEfNfpvIdsyR9xTQ9HSU1pz6qrzaLbKS3Xy/OoftQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFMVEsgjWNyVW+RPd90bRze5Jq+KEMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEveFVTeUNOWTNKVmI1RTkzM1J0SE43a21yNG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoAwQBk+x0AwQDk+x4AwQEk+yQ
AwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQCubj0
AwQDvL/gAwQE2a9QMA0EAgACMAcDBQMqAHxAMA0GCSqGSIb3DQEBCwUAA4IBAQCV
DZsrsRlWNG7aJswsN1m+J8ZDgJmP5jvJ7KyfBKfbekh/OyKlxEc+DPJvHePNBvwX
8ZP9D209eh63U3+HW76NaoczIzkdl0OQyIKT9nYg5Q9zhxHwUqip1kZfwuHGxp2i
aidubpHpok7rCQ1ublwwkXjaAflDlvJoL4BPonCAL7S0zGg7bypqUi163CBNi94Q
T+YGyT7rxENuGLnN32H8ONtzja0Mzkvri0VWeUH5warIu8kX2x/84pUNTQSJJAgE
rcyLnH4KLxpLRln1CGguzXFzty9qSa0PTfdDz92rQLx7N9ecoXUZ8ibUXnyc1B39
fPlChzgUMs3PVuSL6Jky
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:26:22 2025 by rpki-client