Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/xhuKH62nVt4b1G-E_yHv1GAtv3k.roa
File: xhuKH62nVt4b1G-E_yHv1GAtv3k.roa (raw, json)
Hash identifier: 1DuDHuUY2b0Fijo206jPtodpK/ex4BlQsNvdgDv76gc=
Subject key identifier: C6:1B:8A:1F:AD:A7:56:DE:1B:D4:6F:84:FF:21:EF:D4:60:2D:BF:79
Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Certificate serial: 018D6904C319C4799C06A2801428623EB28E
Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/xhuKH62nVt4b1G-E_yHv1GAtv3k.roa
Signing time: Fri 02 Feb 2024 08:52:16 +0000
ROA not before: Fri 02 Feb 2024 08:52:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44702
IP address blocks: 5.199.184.0/22 maxlen: 22
5.199.184.0/24 maxlen: 24
5.199.185.0/24 maxlen: 24
5.199.186.0/24 maxlen: 24
5.199.187.0/24 maxlen: 24
45.142.196.0/24 maxlen: 24
45.142.198.0/24 maxlen: 24
79.134.128.0/22 maxlen: 22
79.134.128.0/24 maxlen: 24
79.134.129.0/24 maxlen: 24
79.134.130.0/24 maxlen: 24
79.134.131.0/24 maxlen: 24
79.134.132.0/22 maxlen: 22
79.134.132.0/24 maxlen: 24
79.134.133.0/24 maxlen: 24
79.134.134.0/24 maxlen: 24
79.134.135.0/24 maxlen: 24
79.134.136.0/22 maxlen: 22
79.134.136.0/24 maxlen: 24
79.134.137.0/24 maxlen: 24
79.134.138.0/24 maxlen: 24
79.134.139.0/24 maxlen: 24
79.134.140.0/22 maxlen: 22
79.134.140.0/24 maxlen: 24
79.134.141.0/24 maxlen: 24
79.134.142.0/24 maxlen: 24
79.134.143.0/24 maxlen: 24
79.134.144.0/22 maxlen: 22
79.134.144.0/24 maxlen: 24
79.134.145.0/24 maxlen: 24
79.134.146.0/24 maxlen: 24
79.134.147.0/24 maxlen: 24
79.134.148.0/22 maxlen: 22
79.134.148.0/24 maxlen: 24
79.134.149.0/24 maxlen: 24
79.134.150.0/24 maxlen: 24
79.134.151.0/24 maxlen: 24
79.134.152.0/22 maxlen: 22
79.134.152.0/24 maxlen: 24
79.134.153.0/24 maxlen: 24
79.134.154.0/24 maxlen: 24
79.134.155.0/24 maxlen: 24
79.134.156.0/22 maxlen: 22
79.134.156.0/24 maxlen: 24
79.134.157.0/24 maxlen: 24
79.134.158.0/24 maxlen: 24
79.134.159.0/24 maxlen: 24
185.139.220.0/22 maxlen: 22
185.139.220.0/24 maxlen: 24
185.139.221.0/24 maxlen: 24
185.139.222.0/24 maxlen: 24
185.139.223.0/24 maxlen: 24
2a07:140::/29 maxlen: 29
2a07:140::/32 maxlen: 32
2a07:141::/32 maxlen: 32
2a07:142::/32 maxlen: 32
2a07:143::/32 maxlen: 32
2a07:144::/32 maxlen: 32
2a07:145::/32 maxlen: 32
2a07:146::/32 maxlen: 32
2a07:147::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Feb 2024 05:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:04:c3:19:c4:79:9c:06:a2:80:14:28:62:3e:b2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Validity
Not Before: Feb 2 08:52:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c61b8a1fada756de1bd46f84ff21efd4602dbf79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:33:45:ea:08:07:a3:46:55:b3:38:97:af:99:
f4:e6:8a:c0:3f:62:46:5b:b0:6e:59:3c:5c:31:58:
7e:31:2e:81:62:a1:d3:3a:51:d1:e1:3a:c9:6e:e2:
83:60:4f:9f:3a:23:51:fe:d5:f2:c2:b1:ad:8f:55:
96:4a:c8:70:83:2d:df:c1:b5:eb:c5:90:e4:35:ef:
d1:db:d2:62:f2:c6:a7:f8:83:47:0b:a2:1e:5b:85:
f0:43:9b:0d:ec:ca:cd:fa:cc:92:25:70:79:2e:39:
0c:dc:f5:ee:c5:9e:cd:9d:33:cd:68:0a:6f:94:20:
72:d5:12:36:cf:9f:8a:df:58:67:a7:89:e7:39:18:
96:9d:31:07:df:51:e0:78:f0:26:0d:38:d1:23:41:
33:a1:48:ed:bc:7e:21:4d:4d:43:58:86:9a:5e:23:
56:e5:2a:3f:84:d1:78:3d:cd:02:0b:93:6c:94:ae:
d2:6d:63:c6:60:b5:47:7b:b5:a0:c2:af:ed:75:d1:
4c:98:c3:f2:13:cd:09:c8:28:ce:81:48:0e:ff:b7:
80:ef:4b:c4:f0:3e:f1:31:d9:3e:c4:29:6e:32:a4:
ec:11:83:41:c7:27:ce:43:fd:79:f4:16:a3:ad:f5:
b3:8b:9b:40:91:f0:05:63:90:6f:fc:a7:37:2f:ad:
32:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1B:8A:1F:AD:A7:56:DE:1B:D4:6F:84:FF:21:EF:D4:60:2D:BF:79
X509v3 Authority Key Identifier:
keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/xhuKH62nVt4b1G-E_yHv1GAtv3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.184.0/22
45.142.196.0/24
45.142.198.0/24
79.134.128.0/19
185.139.220.0/22
IPv6:
2a07:140::/29
Signature Algorithm: sha256WithRSAEncryption
17:2a:8a:7d:d9:05:f5:3c:a1:35:6d:a0:6a:9b:c7:d0:93:ec:
1d:c9:e3:14:07:df:75:10:49:f5:b4:e6:c6:eb:14:e5:82:87:
f0:bd:f1:da:ba:1a:1f:ff:de:56:c2:1a:b7:bf:0c:05:79:2a:
4a:3b:a3:7d:97:92:df:d2:71:b1:c8:7a:ae:2c:ee:73:35:40:
9a:5d:4a:e3:05:80:c6:8a:9e:20:99:95:77:0e:85:e9:cb:4e:
0e:9e:8a:62:05:73:83:5b:26:ae:18:5d:06:b8:6c:35:c2:89:
86:81:64:92:0e:e3:e1:1e:08:d2:78:57:64:45:c3:48:ad:70:
0d:a9:a8:ca:28:9d:ba:f8:d7:30:1e:a8:0c:07:44:4a:d9:f8:
8b:e0:61:74:ce:b6:63:62:16:12:f2:cc:ff:4a:4b:e2:f1:73:
9b:3b:3c:a6:75:c4:fd:a3:b6:4c:99:06:35:63:47:51:02:08:
a7:1e:a5:e0:33:3a:49:f1:df:79:03:a4:11:67:db:f1:79:37:
e4:1f:ac:e4:67:af:d3:81:5c:fb:8b:c6:64:19:05:3e:5e:cb:
bf:b2:8f:8a:7e:c7:f5:12:2c:f0:cf:32:a3:e4:01:c2:ba:ed:
5d:72:19:c9:fe:8c:c2:fb:b3:b0:cf:55:3c:bd:13:19:31:fe:
11:db:82:73
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY1pBMMZxHmcBqKAFChiPrKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1
YjNlOTEwHhcNMjQwMjAyMDg1MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFiOGExZmFkYTc1NmRlMWJkNDZmODRmZjIxZWZkNDYwMmRiZjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTNF6ggHo0ZVsziXr5n05orAP2JG
W7BuWTxcMVh+MS6BYqHTOlHR4TrJbuKDYE+fOiNR/tXywrGtj1WWSshwgy3fwbXr
xZDkNe/R29Ji8san+INHC6IeW4XwQ5sN7MrN+sySJXB5LjkM3PXuxZ7NnTPNaApv
lCBy1RI2z5+K31hnp4nnORiWnTEH31HgePAmDTjRI0EzoUjtvH4hTU1DWIaaXiNW
5So/hNF4Pc0CC5NslK7SbWPGYLVHe7Wgwq/tddFMmMPyE80JyCjOgUgO/7eA70vE
8D7xMdk+xCluMqTsEYNBxyfOQ/159BajrfWzi5tAkfAFY5Bv/Kc3L60ydQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMYbih+tp1beG9RvhP8h79RgLb95MB8GA1UdIwQY
MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct
NjgxNTU0OGJmMzNmLzEveGh1S0g2Mm5WdDRiMUctRV95SHYxR0F0djNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm
LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBce4AwQA
LY7EAwQALY7GAwQFT4aAAwQCuYvcMA0EAgACMAcDBQMqBwFAMA0GCSqGSIb3DQEB
CwUAA4IBAQAXKop92QX1PKE1baBqm8fQk+wdyeMUB991EEn1tObG6xTlgofwvfHa
uhof/95Wwhq3vwwFeSpKO6N9l5Lf0nGxyHquLO5zNUCaXUrjBYDGip4gmZV3DoXp
y04OnopiBXODWyauGF0GuGw1womGgWSSDuPhHgjSeFdkRcNIrXANqajKKJ26+Ncw
HqgMB0RK2fiL4GF0zrZjYhYS8sz/Skvi8XObOzymdcT9o7ZMmQY1Y0dRAginHqXg
MzpJ8d95A6QRZ9vxeTfkH6zkZ6/TgVz7i8ZkGQU+Xsu/so+Kfsf1EizwzzKj5AHC
uu1dchnJ/ozC+7Owz1U8vRMZMf4R24Jz
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:25:23 2025 by rpki-client