Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/XNz1FuKZrZQUuKVClF4eU1P7BHk.roa
File: XNz1FuKZrZQUuKVClF4eU1P7BHk.roa (raw, json)
Hash identifier: tpHmMeF3FnVPxsNAX3V38Zv37fzulvGTBpFP0ZyTf7U=
Subject key identifier: 5C:DC:F5:16:E2:99:AD:94:14:B8:A5:42:94:5E:1E:53:53:FB:04:79
Certificate issuer: /CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Certificate serial: 0192522858FB6CDE4A959D0D87891A0C1258
Authority key identifier: C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/XNz1FuKZrZQUuKVClF4eU1P7BHk.roa
Signing time: Thu 03 Oct 2024 11:33:48 +0000
ROA not before: Thu 03 Oct 2024 11:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211381
IP address blocks: 45.66.10.0/24 maxlen: 24
45.88.76.0/24 maxlen: 24
45.88.105.0/24 maxlen: 24
45.91.200.0/24 maxlen: 24
45.91.201.0/24 maxlen: 24
45.91.202.0/24 maxlen: 24
45.132.107.0/24 maxlen: 24
77.83.175.0/24 maxlen: 24
91.211.248.0/24 maxlen: 24
91.211.249.0/24 maxlen: 24
92.119.114.0/24 maxlen: 24
185.203.241.0/24 maxlen: 24
185.209.20.0/24 maxlen: 24
185.209.21.0/24 maxlen: 24
185.219.81.0/24 maxlen: 24
185.219.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 18:17:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:28:58:fb:6c:de:4a:95:9d:0d:87:89:1a:0c:12:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d369e66cdbe30d7b3aff6081f20c17a98fdc5b
Validity
Not Before: Oct 3 11:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cdcf516e299ad9414b8a542945e1e5353fb0479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:1a:af:59:95:1e:38:d9:3d:19:e5:ad:eb:
6e:bf:d8:c3:d1:ee:cc:cf:7d:d7:7c:5c:6a:63:7c:
be:7b:68:c5:31:4b:57:c2:44:62:97:e6:29:4b:54:
44:c0:cb:1f:36:a8:15:87:de:ba:67:92:b7:3a:ed:
0e:3c:f8:a9:20:a2:8a:ae:2e:79:81:b1:e4:76:6d:
68:02:8c:0d:97:92:83:34:70:8e:81:e9:6e:88:ac:
14:ad:37:bb:cf:64:c9:9a:02:1d:e4:08:70:3d:3f:
a0:10:30:20:84:be:7a:c7:69:8b:7a:a2:5b:e4:6f:
de:88:ff:af:62:4b:a5:5e:3d:e9:db:98:48:70:94:
96:76:b2:13:97:b6:f1:0d:c4:15:3c:da:3e:57:e6:
cf:32:87:49:2a:ad:a8:e1:f8:6d:8e:ad:31:42:81:
31:65:f3:c8:09:9b:48:3c:7f:37:80:0d:3f:a6:c8:
3b:ce:9e:2f:22:98:bf:77:5e:ea:e0:e4:a8:d9:5d:
87:70:59:06:ca:34:84:a5:9f:31:55:1b:5d:cb:03:
7d:ee:2c:39:a7:34:14:03:87:57:25:68:1d:d7:56:
00:0a:01:d3:11:5a:f3:2e:46:0e:78:b6:ac:d6:da:
f3:6d:69:5a:4e:30:35:ee:18:d6:a6:35:a1:8a:56:
3b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DC:F5:16:E2:99:AD:94:14:B8:A5:42:94:5E:1E:53:53:FB:04:79
X509v3 Authority Key Identifier:
keyid:C1:D3:69:E6:6C:DB:E3:0D:7B:3A:FF:60:81:F2:0C:17:A9:8F:DC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/XNz1FuKZrZQUuKVClF4eU1P7BHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/224351-3a47-4014-b395-a63479610968/1/wdNp5mzb4w17Ov9ggfIMF6mP3Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.10.0/24
45.88.76.0/24
45.88.105.0/24
45.91.200.0-45.91.202.255
45.132.107.0/24
77.83.175.0/24
91.211.248.0/23
92.119.114.0/24
185.203.241.0/24
185.209.20.0/23
185.219.81.0/24
185.219.83.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:18:66:05:62:d6:6c:54:20:6f:e2:be:c4:4b:b7:1f:39:4b:
57:0c:9d:63:4d:b0:63:ca:6e:10:04:87:20:c6:f6:37:50:3b:
79:de:ae:d3:5f:c9:bd:65:54:2d:55:0b:44:bb:5b:11:63:5f:
c5:cf:95:75:00:b3:0b:b0:4a:a6:ee:1e:84:08:27:aa:f5:05:
2a:3a:9a:8e:36:56:15:3f:57:7e:4d:fd:d6:c9:69:e8:9d:bf:
4f:aa:19:86:cb:53:f9:89:0d:1e:4d:bb:54:02:dd:bb:bc:e4:
56:6f:4b:b8:e6:98:85:14:50:f9:b1:07:72:74:3e:8c:12:63:
06:2c:a2:be:a7:44:a8:84:1e:0e:01:f9:e5:6f:c8:d8:31:fa:
8e:ee:d2:80:10:a4:9c:52:5c:10:73:db:c4:e8:ba:f6:b4:98:
9f:c4:4b:ed:99:35:6f:31:49:9f:24:23:6a:82:4b:30:db:a7:
0b:ca:d9:ae:4f:08:41:2e:62:a0:a1:be:ea:88:ad:1f:59:00:
48:76:91:71:b9:df:8e:1e:f6:3c:03:09:9f:76:f8:35:ed:53:
48:65:76:ee:66:f4:06:76:92:98:e0:fe:83:ec:ea:42:30:87:
0f:7b:a1:78:72:cb:01:b2:3b:70:55:32:e4:7f:f4:72:cf:00:
cc:f7:5f:f3
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZJSKFj7bN5KlZ0Nh4kaDBJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDM2OWU2NmNkYmUzMGQ3YjNhZmY2MDgxZjIwYzE3YTk4
ZmRjNWIwHhcNMjQxMDAzMTEzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RjZjUxNmUyOTlhZDk0MTRiOGE1NDI5NDVlMWU1MzUzZmIwNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKEar1mVHjjZPRnlretuv9jD0e7M
z33XfFxqY3y+e2jFMUtXwkRil+YpS1REwMsfNqgVh966Z5K3Ou0OPPipIKKKri55
gbHkdm1oAowNl5KDNHCOgeluiKwUrTe7z2TJmgId5AhwPT+gEDAghL56x2mLeqJb
5G/eiP+vYkulXj3p25hIcJSWdrITl7bxDcQVPNo+V+bPModJKq2o4fhtjq0xQoEx
ZfPICZtIPH83gA0/psg7zp4vIpi/d17q4OSo2V2HcFkGyjSEpZ8xVRtdywN97iw5
pzQUA4dXJWgd11YACgHTEVrzLkYOeLas1trzbWlaTjA17hjWpjWhilY76QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFFzc9Rbima2UFLilQpReHlNT+wR5MB8GA1UdIwQY
MBaAFMHTaeZs2+MNezr/YIHyDBepj9xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUt
YTYzNDc5NjEwOTY4LzEvWE56MUZ1S1pyWlFVdUtWQ2xGNGVVMVA3QkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yMjQzNTEtM2E0Ny00MDE0LWIzOTUtYTYzNDc5NjEwOTY4
LzEvd2ROcDVtemI0dzE3T3Y5Z2dmSU1GNm1QM0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALUIKAwQA
LVhMAwQALVhpMAwDBAMtW8gDBAAtW8oDBAAthGsDBABNU68DBAFb0/gDBABcd3ID
BAC5y/EDBAG50RQDBAC521EDBAC521MwDQYJKoZIhvcNAQELBQADggEBACoYZgVi
1mxUIG/ivsRLtx85S1cMnWNNsGPKbhAEhyDG9jdQO3nertNfyb1lVC1VC0S7WxFj
X8XPlXUAswuwSqbuHoQIJ6r1BSo6mo42VhU/V35N/dbJaeidv0+qGYbLU/mJDR5N
u1QC3bu85FZvS7jmmIUUUPmxB3J0PowSYwYsor6nRKiEHg4B+eVvyNgx+o7u0oAQ
pJxSXBBz28Touva0mJ/ES+2ZNW8xSZ8kI2qCSzDbpwvK2a5PCEEuYqChvuqIrR9Z
AEh2kXG5344e9jwDCZ92+DXtU0hldu5m9AZ2kpjg/oPs6kIwhw97oXhyywGyO3BV
MuR/9HLPAMz3X/M=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:44:29 2025 by rpki-client