Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XpRFoZq2yllPgXF5lr8yZ17Ul98.roa
File: XpRFoZq2yllPgXF5lr8yZ17Ul98.roa (raw, json)
Hash identifier: jtrqUdYqxdXPdKFRsoIv8aoW84YIJFTroMxOF4cQ3Us=
Subject key identifier: 5E:94:45:A1:9A:B6:CA:59:4F:81:71:79:96:BF:32:67:5E:D4:97:DF
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 018A73E30C70FABE9024A048775730365386
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XpRFoZq2yllPgXF5lr8yZ17Ul98.roa
Signing time: Fri 08 Sep 2023 08:22:54 +0000
ROA not before: Fri 08 Sep 2023 08:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 146.60.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
82.82.0.0/20 maxlen: 20
82.82.0.0/15 maxlen: 24
212.144.0.0/16 maxlen: 24
92.208.0.0/14 maxlen: 24
92.72.0.0/13 maxlen: 24
92.212.0.0/15 maxlen: 24
195.50.128.0/18 maxlen: 18
176.94.0.0/17 maxlen: 24
85.238.224.0/19 maxlen: 19
145.254.0.0/16 maxlen: 24
213.128.96.0/19 maxlen: 19
145.253.0.0/20 maxlen: 20
145.253.0.0/16 maxlen: 16
92.214.0.0/15 maxlen: 24
195.158.128.0/19 maxlen: 19
176.94.128.0/17 maxlen: 24
94.216.0.0/13 maxlen: 24
84.56.0.0/13 maxlen: 24
193.25.240.0/22 maxlen: 22
193.25.244.0/23 maxlen: 23
176.95.0.0/16 maxlen: 24
193.25.247.0/24 maxlen: 24
185.2.132.0/22 maxlen: 22
88.64.0.0/12 maxlen: 24
188.96.0.0/12 maxlen: 24
178.0.0.0/12 maxlen: 22
92.216.0.0/14 maxlen: 24
2a00:20::/32 maxlen: 42
2a00::/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:73:e3:0c:70:fa:be:90:24:a0:48:77:57:30:36:53:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Sep 8 08:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e9445a19ab6ca594f81717996bf32675ed497df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:67:0d:a2:77:16:ca:81:e9:6f:77:a3:96:f3:
e4:87:1f:4f:19:43:11:cd:c0:8b:67:af:dc:10:cf:
b4:fe:7e:1b:cd:20:ae:11:c4:7e:ce:f1:5f:84:41:
6d:2a:2d:25:54:01:fd:b9:93:49:c4:db:a2:88:14:
1a:00:df:48:90:66:cf:8c:19:f8:4c:fe:94:28:ce:
46:38:2a:67:cb:3b:2c:66:cb:44:5a:00:e1:50:59:
9a:20:ec:e5:25:c8:3d:d8:63:cb:97:3f:36:78:8b:
ab:b8:f1:36:d6:f1:09:44:5d:23:fd:1d:95:f1:14:
eb:85:8a:2f:8e:f5:43:a1:a6:14:23:b6:78:02:db:
56:43:76:32:b7:c0:83:0b:3e:f1:70:8a:27:68:b3:
c5:d2:6b:35:86:98:8a:21:e0:97:7b:8d:40:49:9d:
26:f1:2e:b1:6a:c8:dc:45:6a:ab:38:b7:3a:ac:a3:
09:ba:64:d6:a9:4a:52:00:f4:af:0a:de:62:9c:b3:
52:d3:0b:13:be:8c:9f:96:1d:4b:55:85:fd:fe:02:
b8:eb:e5:bf:99:3c:ee:0c:76:3d:3b:4b:0f:8a:65:
08:7b:34:55:ff:df:3f:0d:82:0f:af:85:a2:b1:ce:
60:40:21:b5:92:06:1d:ae:3b:89:66:04:b7:25:70:
81:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:94:45:A1:9A:B6:CA:59:4F:81:71:79:96:BF:32:67:5E:D4:97:DF
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/XpRFoZq2yllPgXF5lr8yZ17Ul98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.82.0.0/15
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
92.208.0.0-92.219.255.255
94.216.0.0/13
145.253.0.0-145.254.255.255
146.60.0.0/16
176.94.0.0/15
178.0.0.0/12
185.2.132.0/22
188.96.0.0/12
193.25.240.0-193.25.245.255
193.25.247.0/24
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
213.128.96.0/19
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
0b:cf:b9:cc:90:0f:5f:c4:f1:09:14:cb:eb:53:1c:26:3b:e6:
f7:8f:da:52:9f:ec:59:48:2d:77:fe:46:c7:4e:fc:98:3c:e6:
fa:96:44:41:84:19:ad:01:40:a6:dc:ec:c4:ac:7e:16:7f:08:
83:82:98:0f:f5:e5:55:c9:8a:f0:31:7d:a9:e3:6f:fb:5e:12:
ea:ac:5c:da:18:8e:9a:30:40:3d:a4:d0:a8:f7:99:c0:e4:c7:
38:f7:1a:04:04:b0:79:02:9e:cd:67:fe:4a:be:aa:82:eb:df:
01:a3:9c:f2:82:ca:a7:eb:a2:43:e2:19:10:d4:5b:c1:50:0a:
85:93:10:7c:50:de:81:07:fc:cb:b6:12:a4:d6:fc:ff:80:03:
97:09:69:80:65:23:a9:7c:42:c0:f7:93:0f:a8:fc:85:a8:5a:
15:c0:da:f9:1d:af:1f:bf:f4:f7:5a:be:32:99:b5:c3:69:05:
07:10:37:1e:a2:2e:3b:8c:9a:65:88:38:23:1e:d3:99:e7:c9:
ad:4a:2b:dd:f8:16:d8:62:ff:c1:45:91:62:08:a7:ad:5d:bf:
c4:22:e5:29:90:87:49:b4:0c:9d:93:eb:b9:33:64:a9:c5:80:
7a:5d:1c:35:86:3f:6d:29:ba:cb:dd:db:a6:12:8d:39:18:bb:
26:67:cd:43
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYpz4wxw+r6QJKBId1cwNlOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjMwOTA4MDgyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTk0NDVhMTlhYjZjYTU5NGY4MTcxNzk5NmJmMzI2NzVlZDQ5N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mcNoncWyoHpb3ejlvPkhx9PGUMR
zcCLZ6/cEM+0/n4bzSCuEcR+zvFfhEFtKi0lVAH9uZNJxNuiiBQaAN9IkGbPjBn4
TP6UKM5GOCpnyzssZstEWgDhUFmaIOzlJcg92GPLlz82eIuruPE21vEJRF0j/R2V
8RTrhYovjvVDoaYUI7Z4AttWQ3Yyt8CDCz7xcIonaLPF0ms1hpiKIeCXe41ASZ0m
8S6xasjcRWqrOLc6rKMJumTWqUpSAPSvCt5inLNS0wsTvoyflh1LVYX9/gK46+W/
mTzuDHY9O0sPimUIezRV/98/DYIPr4Wisc5gQCG1kgYdrjuJZgS3JXCBpwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFF6URaGatspZT4FxeZa/Mmde1JffMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvWHBSRm9acTJ5bGxQZ1hGNWxyOHlaMTdVbDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBiAQCAAEwgYEDAwFS
UgMDA1Q4AwQFVe7gAwMEWEADAwNcSDAKAwMEXNADAwJc2AMDA17YMAoDAwCR/QMD
AJH+AwMAkjwDAwGwXgMDBLIAAwQCuQKEAwMEvGAwDAMEBMEZ8AMEAcEZ9AMEAMEZ
9wMEBsMygAMEBcOegAMDANSQAwMA1RcDBAXVgGAwDAQCAAIwBgMEAioAADANBgkq
hkiG9w0BAQsFAAOCAQEAC8+5zJAPX8TxCRTL61McJjvm94/aUp/sWUgtd/5Gx078
mDzm+pZEQYQZrQFAptzsxKx+Fn8Ig4KYD/XlVcmK8DF9qeNv+14S6qxc2hiOmjBA
PaTQqPeZwOTHOPcaBASweQKezWf+Sr6qguvfAaOc8oLKp+uiQ+IZENRbwVAKhZMQ
fFDegQf8y7YSpNb8/4ADlwlpgGUjqXxCwPeTD6j8hahaFcDa+R2vH7/091q+Mpm1
w2kFBxA3HqIuO4yaZYg4Ix7TmefJrUor3fgW2GL/wUWRYginrV2/xCLlKZCHSbQM
nZPruTNkqcWAel0cNYY/bSm6y93bphKNORi7JmfNQw==
-----END CERTIFICATE-----
Generated at Tue Nov 14 22:49:59 2023 by rpki-client on console-fra.rpki-client.org