Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/XNydHLnaayQpN3Iny8QuYJPwgSQ.roa
File: XNydHLnaayQpN3Iny8QuYJPwgSQ.roa (raw, json)
Hash identifier: Y3MUWQStDVIuUFmX8EkPgUIEr7o0O9hwnCqMtyfKE0g=
Subject key identifier: 5C:DC:9D:1C:B9:DA:6B:24:29:37:72:27:CB:C4:2E:60:93:F0:81:24
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 019344B4A62870198A97AA56C4BEA3A3242E
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/XNydHLnaayQpN3Iny8QuYJPwgSQ.roa
Signing time: Tue 19 Nov 2024 13:55:09 +0000
ROA not before: Tue 19 Nov 2024 13:55:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 31.193.186.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.150.150.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
91.217.177.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.74.221.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.149.192.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 20 Nov 2024 16:35:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:b4:a6:28:70:19:8a:97:aa:56:c4:be:a3:a3:24:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Nov 19 13:55:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cdc9d1cb9da6b2429377227cbc42e6093f08124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e0:ec:bb:d7:b5:0d:f2:b4:e7:ec:3e:5e:1f:
df:d7:a3:cd:6f:0e:69:82:99:f9:ab:46:1e:65:84:
99:8d:62:25:01:ca:24:b8:87:8b:13:52:69:2a:f0:
a8:b1:50:49:4d:b8:15:3a:92:08:01:ec:7c:67:20:
0e:cd:fd:9a:31:0e:9a:c5:a0:4b:be:28:f3:c1:68:
88:36:31:f2:91:30:62:a7:47:b2:5a:96:4c:e6:2d:
9f:57:e5:6c:d1:92:f7:2e:f4:7f:6f:d2:52:c9:85:
e6:8d:05:ab:39:82:72:3a:32:7a:77:a9:f7:dc:e9:
f4:f6:b6:66:41:55:ca:bb:8c:01:fc:2f:f7:ad:60:
0c:bc:1d:4f:c3:fd:ef:9e:b2:89:d9:e7:a5:52:dd:
49:06:81:d7:59:b1:69:12:d8:7d:65:4c:26:f6:eb:
fe:28:3b:f3:52:05:dc:15:cf:7d:8f:79:ff:27:0a:
fe:01:22:24:0a:fc:15:01:33:f5:76:bb:1b:02:53:
8b:fb:f3:0d:50:3c:95:25:00:a2:e8:24:a9:1c:cc:
3e:be:ff:b8:16:8f:c4:b5:57:3e:98:a8:81:54:49:
38:9e:61:bf:f3:91:9c:35:34:d8:75:52:d4:b4:ec:
63:4e:cc:2c:b5:17:0e:8b:4a:f0:31:fe:a6:96:46:
c7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DC:9D:1C:B9:DA:6B:24:29:37:72:27:CB:C4:2E:60:93:F0:81:24
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/XNydHLnaayQpN3Iny8QuYJPwgSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.186.0/24
45.94.252.0/24
45.94.254.0/23
45.150.150.0/24
45.159.196.0/22
91.217.177.0/24
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.74.221.0/24
185.86.180.0/23
185.128.40.0/24
185.149.192.0/24
185.236.36.0/22
185.238.143.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
9c:38:c9:cc:78:96:90:ff:db:ab:b5:b9:6f:80:78:d8:6e:41:
80:76:af:c9:81:9b:78:40:b6:ab:4b:27:39:b2:06:50:1c:2f:
ab:9a:a2:2c:51:c7:00:6d:6e:a3:0e:35:b9:fc:e1:73:14:85:
1e:d3:4f:a5:fe:56:a7:7d:3a:32:c1:12:56:5c:79:a0:17:d7:
e8:27:c9:3e:9d:0b:78:fc:b0:8c:86:35:d3:7d:bb:21:09:05:
e6:cf:f1:da:5a:c6:a5:33:6f:c8:cb:33:c0:fd:b5:52:c2:49:
b1:cf:9c:80:8c:fe:c8:2e:6c:c7:c5:30:27:5d:9e:ad:45:a8:
8b:f5:a6:89:89:8a:44:34:d4:62:a6:5c:12:fd:43:d0:d8:c2:
80:2c:d4:3b:63:68:65:86:e0:7b:8a:df:78:b9:89:df:7e:7e:
c0:09:c1:5a:18:40:a2:72:89:fa:13:6f:13:14:c0:bf:00:68:
a8:a7:b7:07:3e:7b:d7:cd:17:26:6f:9a:66:fa:fb:d1:40:2d:
fe:ea:50:95:ae:ab:1b:d3:a2:a5:ec:dc:ef:3e:66:4d:27:72:
94:18:be:53:63:4e:5f:59:78:d8:30:ac:25:c4:3d:ae:92:a8:
13:bd:95:4c:bb:24:d8:96:4f:23:27:13:a0:4e:c9:13:09:b0:
b1:72:6b:b1
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZNEtKYocBmKl6pWxL6joyQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMTE5MTM1NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RjOWQxY2I5ZGE2YjI0MjkzNzcyMjdjYmM0MmU2MDkzZjA4MTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ODsu9e1DfK05+w+Xh/f16PNbw5p
gpn5q0YeZYSZjWIlAcokuIeLE1JpKvCosVBJTbgVOpIIAex8ZyAOzf2aMQ6axaBL
vijzwWiINjHykTBip0eyWpZM5i2fV+Vs0ZL3LvR/b9JSyYXmjQWrOYJyOjJ6d6n3
3On09rZmQVXKu4wB/C/3rWAMvB1Pw/3vnrKJ2eelUt1JBoHXWbFpEth9ZUwm9uv+
KDvzUgXcFc99j3n/Jwr+ASIkCvwVATP1drsbAlOL+/MNUDyVJQCi6CSpHMw+vv+4
Fo/EtVc+mKiBVEk4nmG/85GcNTTYdVLUtOxjTswstRcOi0rwMf6mlkbHWwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFFzcnRy52mskKTdyJ8vELmCT8IEkMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvWE55ZEhMbmFheVFwTjNJbnk4UXVZSlB3Z1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQAH8G6
AwQALV78AwQBLV7+AwQALZaWAwQCLZ/EAwQAW9mxAwQCZ9g8AwQAnXe8AwQBnXe+
AwQAuT9yAwQAuUrdAwQBuVa0AwQAuYAoAwQAuZXAAwQCuewkAwQAue6PAwQBw3IE
AwQBw3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEBCwUAA4IBAQCcOMnMeJaQ
/9urtblvgHjYbkGAdq/JgZt4QLarSyc5sgZQHC+rmqIsUccAbW6jDjW5/OFzFIUe
00+l/lanfToywRJWXHmgF9foJ8k+nQt4/LCMhjXTfbshCQXmz/HaWsalM2/IyzPA
/bVSwkmxz5yAjP7ILmzHxTAnXZ6tRaiL9aaJiYpENNRiplwS/UPQ2MKALNQ7Y2hl
huB7it94uYnffn7ACcFaGECicon6E28TFMC/AGiop7cHPnvXzRcmb5pm+vvRQC3+
6lCVrqsb06Kl7NzvPmZNJ3KUGL5TY05fWXjYMKwlxD2ukqgTvZVMuyTYlk8jJxOg
TskTCbCxcmux
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:08 2025 by rpki-client