Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/XzVHwsK0FEuDqeHVjVTFceDXdm8.roa
File: XzVHwsK0FEuDqeHVjVTFceDXdm8.roa (raw, json)
Hash identifier: kf/LwpjPhLnEJ1UUhYHPMFPxSdl8XcacPW8LisrvQiM=
Subject key identifier: 5F:35:47:C2:C2:B4:14:4B:83:A9:E1:D5:8D:54:C5:71:E0:D7:76:6F
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018F90EE41CDAAD1977780C3476D35EB519B
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/XzVHwsK0FEuDqeHVjVTFceDXdm8.roa
Signing time: Sun 19 May 2024 12:58:04 +0000
ROA not before: Sun 19 May 2024 12:58:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.128.0/22 maxlen: 22
5.201.138.0/24 maxlen: 24
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/23 maxlen: 23
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.162.0/24 maxlen: 24
5.201.168.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.135.230.0/24 maxlen: 24
185.135.231.0/24 maxlen: 24
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 20 May 2024 08:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:90:ee:41:cd:aa:d1:97:77:80:c3:47:6d:35:eb:51:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: May 19 12:58:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f3547c2c2b4144b83a9e1d58d54c571e0d7766f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f0:dd:0b:db:7c:b3:df:b1:58:11:be:83:3f:
f4:0e:ba:33:c0:0a:e2:06:bd:c0:61:ac:14:9b:6f:
09:5d:07:eb:79:fe:be:44:1f:9b:3d:f8:ea:c3:20:
b3:4c:ec:5a:f0:1d:30:22:bd:28:17:84:46:ad:a1:
fd:74:35:e6:72:1e:33:a3:2c:fd:52:6c:0c:82:79:
8c:37:ee:9a:77:a2:70:3b:b1:f2:b4:ab:80:f9:8e:
80:ee:96:c6:e0:5a:d3:b4:22:91:c7:25:59:0b:06:
71:71:8d:75:8b:3b:48:e0:91:19:4d:5f:d3:c9:93:
77:ca:db:7f:cc:2c:a8:5d:dd:ce:33:e6:ee:15:bd:
c0:17:db:58:43:e0:84:0f:ad:fe:19:b8:e2:a3:e2:
64:0a:84:59:3e:87:36:bd:1a:6d:c2:e7:ce:57:5f:
d9:3b:47:eb:c9:0a:02:b5:79:5a:66:73:92:36:03:
f2:23:12:40:92:8f:8f:25:6e:5d:17:7b:7d:97:6a:
32:b6:95:73:23:68:59:9c:f5:82:c7:73:3b:7a:ef:
5d:8c:b7:62:2d:e0:a3:d3:b9:e3:27:d4:83:3f:be:
1f:22:ba:4d:76:8d:1f:27:16:d6:e2:3f:f3:97:ca:
b3:2e:c3:6b:69:f4:a5:c6:69:69:92:4b:78:cb:33:
31:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:35:47:C2:C2:B4:14:4B:83:A9:E1:D5:8D:54:C5:71:E0:D7:76:6F
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/XzVHwsK0FEuDqeHVjVTFceDXdm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
65:a9:e4:06:e1:1c:6a:d4:d4:ea:2a:fd:e5:9c:2e:52:39:3f:
a0:bf:88:30:1e:52:35:ba:b8:f8:ba:f8:fb:f1:9c:af:4d:8b:
e5:9a:cc:5a:db:fc:cd:8e:0c:9f:29:f6:cf:2d:2a:79:64:fd:
a4:32:e8:dc:38:fa:70:bb:9f:93:29:dd:80:2e:65:97:b5:63:
22:07:49:c0:4d:d5:5e:9c:d8:9e:c8:25:65:f0:8c:f1:22:dd:
e2:dd:0b:ae:20:3d:6d:80:07:93:0c:94:a1:8d:67:58:e4:fc:
e6:79:49:94:64:97:94:e4:7d:be:83:b2:d0:03:50:22:85:58:
cd:b8:a4:35:ac:e6:9f:97:6c:a5:80:a8:64:fe:cc:a2:81:15:
98:44:c0:8d:86:6c:a5:7f:35:f8:a1:89:9e:e3:87:7e:90:44:
1c:e0:4f:2e:82:e4:52:a2:c3:e4:0d:9e:e1:ca:9d:45:c5:01:
89:85:f8:d2:d5:93:fc:5d:c7:a1:42:99:42:e4:0a:13:53:f5:
de:8b:f0:3c:de:fd:cf:d5:13:38:b0:f4:7f:80:fa:01:68:4c:
28:3d:62:56:1a:d4:cf:ba:12:85:3b:99:7b:82:ff:f7:7c:8f:
d5:d7:96:5a:e5:43:b6:57:bd:3d:82:39:e9:8b:79:9a:ce:5a:
e6:34:50:22
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY+Q7kHNqtGXd4DDR20161GbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwNTE5MTI1ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM1NDdjMmMyYjQxNDRiODNhOWUxZDU4ZDU0YzU3MWUwZDc3NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/DdC9t8s9+xWBG+gz/0DrozwAri
Br3AYawUm28JXQfref6+RB+bPfjqwyCzTOxa8B0wIr0oF4RGraH9dDXmch4zoyz9
UmwMgnmMN+6ad6JwO7HytKuA+Y6A7pbG4FrTtCKRxyVZCwZxcY11iztI4JEZTV/T
yZN3ytt/zCyoXd3OM+buFb3AF9tYQ+CED63+Gbjio+JkCoRZPoc2vRptwufOV1/Z
O0fryQoCtXlaZnOSNgPyIxJAko+PJW5dF3t9l2oytpVzI2hZnPWCx3M7eu9djLdi
LeCj07njJ9SDP74fIrpNdo0fJxbW4j/zl8qzLsNrafSlxmlpkkt4yzMxjwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFF81R8LCtBRLg6nh1Y1UxXHg13ZvMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvWHpWSHdzSzBGRXVEcWVIVmpWVEZjZURYZG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBlqeQG
4Rxq1NTqKv3lnC5SOT+gv4gwHlI1urj4uvj78ZyvTYvlmsxa2/zNjgyfKfbPLSp5
ZP2kMujcOPpwu5+TKd2ALmWXtWMiB0nATdVenNieyCVl8IzxIt3i3QuuID1tgAeT
DJShjWdY5PzmeUmUZJeU5H2+g7LQA1AihVjNuKQ1rOafl2ylgKhk/syigRWYRMCN
hmylfzX4oYme44d+kEQc4E8uguRSosPkDZ7hyp1FxQGJhfjS1ZP8XcehQplC5AoT
U/Xei/A83v3P1RM4sPR/gPoBaEwoPWJWGtTPuhKFO5l7gv/3fI/V15Za5UO2V709
gjnpi3mazlrmNFAi
-----END CERTIFICATE-----
Generated at Wed Apr 23 15:34:58 2025 by rpki-client