Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kXPSb5xW7LG5bYemOzfbAPKSqiY.roa
File: kXPSb5xW7LG5bYemOzfbAPKSqiY.roa (raw, json)
Hash identifier: FE0YaJXNtNorByCEpuTQ9sPFOwX9auw1Mk5pSC9eUSg=
Subject key identifier: 91:73:D2:6F:9C:56:EC:B1:B9:6D:87:A6:3B:37:DB:00:F2:92:AA:26
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0192BDFDC3C18A496854D229A9AED3CAA04A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kXPSb5xW7LG5bYemOzfbAPKSqiY.roa
Signing time: Thu 24 Oct 2024 10:06:17 +0000
ROA not before: Thu 24 Oct 2024 10:06:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58057
IP address blocks: 45.12.68.0/22 maxlen: 24
45.136.136.0/22 maxlen: 24
93.88.200.0/21 maxlen: 24
94.177.122.0/24 maxlen: 24
109.61.104.0/21 maxlen: 24
139.28.96.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
193.33.94.0/23 maxlen: 24
193.163.86.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
2a04:ccc0:ffff::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a04:ccc6::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b80::/32 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c1:200::/40 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a0e:b107:2220::/45 maxlen: 48
2a0e:b107:2228::/45 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 21 Nov 2024 11:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:fd:c3:c1:8a:49:68:54:d2:29:a9:ae:d3:ca:a0:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 24 10:06:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9173d26f9c56ecb1b96d87a63b37db00f292aa26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:04:8d:39:d5:46:1f:77:0f:c6:a6:a1:ad:bb:
cf:2b:bc:d4:82:a7:f0:fc:73:ae:bc:2a:59:47:63:
8d:7e:03:9c:77:10:64:fb:96:57:39:15:3c:af:a0:
cd:8d:27:07:0f:fc:c5:df:19:e6:e5:1d:8f:06:2a:
36:60:98:01:40:a1:aa:5f:88:d6:0a:f5:1c:42:27:
86:a3:a5:e5:07:7d:f6:d6:4e:2b:a5:ab:3d:22:13:
79:95:c1:9a:eb:88:67:92:18:de:15:26:1d:8f:9f:
c2:9f:b5:a6:d1:cd:08:da:ea:61:0a:cf:b2:ab:30:
6b:ec:53:20:17:26:40:08:1c:ac:96:b8:01:92:20:
c4:dd:d6:f7:07:54:3e:33:99:6b:7d:5e:58:b0:df:
de:6a:16:13:5e:9d:54:26:cf:a8:2c:12:48:7b:5f:
03:c8:4e:29:8b:4a:bc:e6:95:5d:e5:8c:21:b1:7e:
b2:4c:23:43:20:bd:c3:90:d6:af:d3:6a:06:39:2c:
8d:c4:fd:5c:4e:45:50:cb:93:b2:66:90:4d:74:bc:
d2:bf:db:bb:23:3f:0f:ef:c5:b6:a9:b0:c9:fb:54:
ee:c0:3b:cb:93:fc:a2:ec:39:f2:45:ff:c9:49:cd:
66:7a:b6:8a:d0:9e:d4:44:a5:00:08:ca:95:9c:8e:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:73:D2:6F:9C:56:EC:B1:B9:6D:87:A6:3B:37:DB:00:F2:92:AA:26
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/kXPSb5xW7LG5bYemOzfbAPKSqiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.68.0/22
45.136.136.0/22
93.88.200.0/21
94.177.122.0/24
109.61.104.0/21
139.28.96.0/22
185.232.117.0/24
193.33.94.0/23
193.163.86.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0e:b107:2220::/44
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
8a:44:e6:c2:dc:23:00:91:53:4f:c6:38:02:65:ea:7a:ae:eb:
89:d6:cf:f9:b8:a4:9c:5c:30:88:90:ea:d3:21:df:2b:11:68:
b1:85:01:8c:22:00:03:ff:37:24:85:8b:50:44:7d:de:24:cd:
bf:ce:7f:47:f7:40:a2:80:96:e1:cc:02:05:5b:04:f6:64:35:
55:85:f6:ea:fb:3b:cc:8c:ce:1d:46:d9:c6:8f:12:75:57:56:
20:b9:d4:4f:2a:0e:18:c9:24:70:fe:57:71:d9:17:f1:09:08:
f6:1d:19:d5:96:b7:08:6f:b5:ff:03:e7:ea:a7:51:06:d1:c2:
3f:d5:fb:06:19:1b:c8:4d:e3:d3:36:31:d8:bf:27:01:34:36:
7e:26:04:3b:93:3e:8d:3c:64:de:59:ba:59:d5:49:d0:ae:0a:
5a:e5:b4:ac:39:d8:51:17:fe:28:62:fe:1e:7b:b8:05:38:8c:
a4:d2:d6:aa:70:ad:f6:3b:41:9c:d3:f9:17:6a:96:db:b2:76:
54:a1:26:4f:d5:0d:ff:1b:1f:bf:9e:3c:61:a5:e6:50:b2:52:
56:5c:4c:d7:4c:52:aa:78:ac:fd:5c:18:ec:4e:be:d7:d7:83:
46:90:66:00:cb:3f:2c:3e:5e:9b:df:57:7a:50:d0:01:80:c7:
c3:cf:de:a0
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZK9/cPBikloVNIpqa7TyqBKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMDI0MTAwNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTczZDI2ZjljNTZlY2IxYjk2ZDg3YTYzYjM3ZGIwMGYyOTJhYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyASNOdVGH3cPxqahrbvPK7zUgqfw
/HOuvCpZR2ONfgOcdxBk+5ZXORU8r6DNjScHD/zF3xnm5R2PBio2YJgBQKGqX4jW
CvUcQieGo6XlB3321k4rpas9IhN5lcGa64hnkhjeFSYdj5/Cn7Wm0c0I2uphCs+y
qzBr7FMgFyZACByslrgBkiDE3db3B1Q+M5lrfV5YsN/eahYTXp1UJs+oLBJIe18D
yE4pi0q85pVd5YwhsX6yTCNDIL3DkNav02oGOSyNxP1cTkVQy5OyZpBNdLzSv9u7
Iz8P78W2qbDJ+1TuwDvLk/yi7DnyRf/JSc1meraK0J7URKUACMqVnI7xkwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFJFz0m+cVuyxuW2Hpjs32wDykqomMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEva1hQU2I1eFc3TEc1YlllbU96ZmJBUEtTcWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDBIBAIAATBCAwQC
LQxEAwQCLYiIAwQDXVjIAwQAXrF6AwQDbT1oAwQCixxgAwQAueh1AwQBwSFeAwQA
waNWAwQAwjJcAwQAwjJeMIHPBAIAAjCByDAQAwcAKgTMwP//AwUBKgTMwDAOAwUA
KgTMwwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHBCoOl8AB0AMHBCoO
l8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFl
AwcAKg6xBxeGAwcDKg6xByHAAwcEKg6xByIgAwcAKg/kBAECAwcAKhAvAAGNAwcA
KhAvAAGPAwcAKhAvAAGTAwcEKhDMQAJQAwcEKhDMRQEwMA0GCSqGSIb3DQEBCwUA
A4IBAQCKRObC3CMAkVNPxjgCZep6ruuJ1s/5uKScXDCIkOrTId8rEWixhQGMIgAD
/zckhYtQRH3eJM2/zn9H90CigJbhzAIFWwT2ZDVVhfbq+zvMjM4dRtnGjxJ1V1Yg
udRPKg4YySRw/ldx2RfxCQj2HRnVlrcIb7X/A+fqp1EG0cI/1fsGGRvITePTNjHY
vycBNDZ+JgQ7kz6NPGTeWbpZ1UnQrgpa5bSsOdhRF/4oYv4ee7gFOIyk0taqcK32
O0Gc0/kXapbbsnZUoSZP1Q3/Gx+/njxhpeZQslJWXEzXTFKqeKz9XBjsTr7X14NG
kGYAyz8sPl6b31d6UNABgMfDz96g
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:52 2024 by rpki-client on console-ams.rpki-client.org