Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XW0-0R1rOf-zRawiOKs8_7BIs20.roa
File: XW0-0R1rOf-zRawiOKs8_7BIs20.roa (raw, json)
Hash identifier: dF2wqBDkNtKVhxoCcY3N9SvbzWY31yGxcpBSXHB5mE0=
Subject key identifier: 5D:6D:3E:D1:1D:6B:39:FF:B3:45:AC:22:38:AB:3C:FF:B0:48:B3:6D
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019118CB5624E90432377A69485B38A1399A
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XW0-0R1rOf-zRawiOKs8_7BIs20.roa
Signing time: Sat 03 Aug 2024 15:11:04 +0000
ROA not before: Sat 03 Aug 2024 15:11:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.47.0/24 maxlen: 24
89.44.240.0/24 maxlen: 24
89.44.241.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 02:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:18:cb:56:24:e9:04:32:37:7a:69:48:5b:38:a1:39:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Aug 3 15:11:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d6d3ed11d6b39ffb345ac2238ab3cffb048b36d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f5:e6:2b:c8:59:97:73:1e:fb:16:23:d9:f8:
0f:13:c7:78:1a:c3:4f:7a:24:d7:5f:00:92:40:8b:
dc:9c:8d:54:d4:f2:04:93:a4:c1:86:9c:91:b6:b8:
de:f9:48:cb:16:3d:30:3c:23:07:e2:9d:ed:42:4b:
77:61:e7:fc:0a:de:aa:95:29:62:ef:ee:88:e7:34:
3d:75:a4:62:d7:fc:a8:34:a1:72:8d:d5:e1:46:17:
6f:19:93:0e:12:dc:65:2f:de:1e:51:ca:cd:4d:32:
c7:77:f5:42:60:a0:d8:81:8d:6f:b0:ca:5d:8f:3c:
d6:a5:7c:84:3a:ec:ab:65:10:25:f4:27:6d:fc:55:
1d:79:32:bc:ea:67:32:9a:57:d4:48:f1:bd:1c:fb:
56:0d:8f:7a:34:d9:0f:a5:e8:20:b9:c8:7f:71:99:
99:f2:3a:76:35:90:71:59:22:38:e0:1f:a2:fc:82:
3e:34:26:f9:fd:28:2e:8c:24:e5:0b:56:92:c7:ef:
bf:d1:6b:4b:2d:6f:b3:3d:80:fd:2c:8d:2b:81:0f:
a5:db:e4:1f:33:4b:be:88:fa:b5:da:cc:b3:01:0d:
b3:e5:d5:77:1c:ff:55:02:c8:10:70:46:cc:46:ec:
4f:10:c2:67:fe:f5:9f:b3:b7:2c:4d:2e:ad:d3:7e:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6D:3E:D1:1D:6B:39:FF:B3:45:AC:22:38:AB:3C:FF:B0:48:B3:6D
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/XW0-0R1rOf-zRawiOKs8_7BIs20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0-45.94.215.255
89.42.47.0/24
89.44.240.0/23
185.239.0.0/24
185.239.2.0/24
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:e9:6d:ca:60:9f:f5:05:9c:a6:59:41:eb:17:cf:ec:5a:d2:
27:14:c3:1d:ef:da:0b:93:03:b4:8b:9b:a7:dd:d7:02:7c:3b:
24:75:d5:c1:2a:10:4c:09:e2:d5:c7:c2:21:f3:01:32:aa:5a:
4c:be:2f:0c:17:d1:75:b0:6d:12:0a:63:22:59:d7:55:c1:74:
d2:6e:cc:b5:a1:42:6f:24:da:ad:14:6f:1f:c5:c2:b8:12:32:
07:a5:53:25:9f:9b:d9:cc:e4:ab:8a:ab:06:7a:94:b2:0e:97:
02:e3:f5:c9:5d:2b:2e:4c:4e:d6:98:bc:eb:ce:c3:d6:b1:a9:
d5:99:61:30:2e:fd:f7:0e:95:61:a7:ff:dc:b0:dc:74:97:2e:
4e:91:ee:e2:bd:a9:a1:92:10:82:35:8a:9f:75:4c:c2:92:68:
5b:8a:ee:09:51:81:98:da:c9:2b:e7:54:13:68:b3:3d:b9:2d:
65:fb:27:83:07:a7:18:ad:1c:8d:45:98:45:7b:b9:a6:9f:07:
8b:70:90:59:27:3b:86:61:2a:62:62:ce:17:75:e2:6e:cf:e9:
f3:7d:e5:3b:8b:ac:31:c9:56:f2:35:cd:7e:84:fb:09:d8:38:
2a:e1:8a:e1:10:2c:1a:1f:62:f3:53:e5:d0:e3:7d:34:aa:f4:
5b:80:65:4c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZEYy1Yk6QQyN3ppSFs4oTmaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwODAzMTUxMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZkM2VkMTFkNmIzOWZmYjM0NWFjMjIzOGFiM2NmZmIwNDhiMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPXmK8hZl3Me+xYj2fgPE8d4GsNP
eiTXXwCSQIvcnI1U1PIEk6TBhpyRtrje+UjLFj0wPCMH4p3tQkt3Yef8Ct6qlSli
7+6I5zQ9daRi1/yoNKFyjdXhRhdvGZMOEtxlL94eUcrNTTLHd/VCYKDYgY1vsMpd
jzzWpXyEOuyrZRAl9Cdt/FUdeTK86mcymlfUSPG9HPtWDY96NNkPpegguch/cZmZ
8jp2NZBxWSI44B+i/II+NCb5/SgujCTlC1aSx++/0WtLLW+zPYD9LI0rgQ+l2+Qf
M0u+iPq12syzAQ2z5dV3HP9VAsgQcEbMRuxPEMJn/vWfs7csTS6t036SUwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFF1tPtEdazn/s0WsIjirPP+wSLNtMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWFcwLTBSMXJPZi16UmF3aU9LczhfN0JJczIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABZ8xAwQA
BZ82MAwDBAAtXtUDBAMtXtADBABZKi8DBAFZLPADBAC57wADBAC57wIDBAC81GMw
DQYJKoZIhvcNAQELBQADggEBAKfpbcpgn/UFnKZZQesXz+xa0icUwx3v2guTA7SL
m6fd1wJ8OyR11cEqEEwJ4tXHwiHzATKqWky+LwwX0XWwbRIKYyJZ11XBdNJuzLWh
Qm8k2q0Ubx/FwrgSMgelUyWfm9nM5KuKqwZ6lLIOlwLj9cldKy5MTtaYvOvOw9ax
qdWZYTAu/fcOlWGn/9yw3HSXLk6R7uK9qaGSEII1ip91TMKSaFuK7glRgZjaySvn
VBNosz25LWX7J4MHpxitHI1FmEV7uaafB4twkFknO4ZhKmJizhd14m7P6fN95TuL
rDHJVvI1zX6E+wnYOCrhiuEQLBofYvNT5dDjfTSq9FuAZUw=
-----END CERTIFICATE-----
Generated at Tue Aug 20 06:00:10 2024 by rpki-client on console-ams.rpki-client.org