Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/XPTKZeOR8mczf78aQkG8pTqaU7Q.roa
File: XPTKZeOR8mczf78aQkG8pTqaU7Q.roa (raw, json)
Hash identifier: MvQo6MEyDNfCAp03ZK0P6WQSV2tnZ/d3kPuoFWBh0WA=
Subject key identifier: 5C:F4:CA:65:E3:91:F2:67:33:7F:BF:1A:42:41:BC:A5:3A:9A:53:B4
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018BD2C8CF4367912D8F0CB13C7082679F66
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/XPTKZeOR8mczf78aQkG8pTqaU7Q.roa
Signing time: Wed 15 Nov 2023 11:40:57 +0000
ROA not before: Wed 15 Nov 2023 11:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 151.238.143.0/24 maxlen: 24
151.238.144.0/23 maxlen: 23
151.238.140.0/23 maxlen: 23
151.247.232.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.237.0/24 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.59.3.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.58.254.0/24 maxlen: 24
31.59.4.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
94.182.57.0/24 maxlen: 24
94.182.56.0/22 maxlen: 22
94.182.58.0/24 maxlen: 24
94.182.56.0/24 maxlen: 24
94.182.61.0/24 maxlen: 24
94.182.60.0/22 maxlen: 22
94.182.60.0/24 maxlen: 24
94.182.62.0/24 maxlen: 24
94.182.59.0/24 maxlen: 24
94.182.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:c8:cf:43:67:91:2d:8f:0c:b1:3c:70:82:67:9f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 15 11:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cf4ca65e391f267337fbf1a4241bca53a9a53b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d7:7a:ea:2c:b2:42:36:eb:a4:fa:30:0a:dc:
42:e8:b4:af:75:5b:d4:02:e2:ef:80:a6:68:85:12:
2e:2b:e4:69:70:1e:22:d0:f8:8f:8e:f5:9d:fe:91:
ab:1a:df:3c:79:b0:c1:a3:7a:0f:74:cc:0a:4e:12:
c5:33:8b:da:d8:88:f2:26:c6:11:8d:80:a9:0b:67:
37:11:f4:72:0c:16:3f:c1:f2:f3:38:e3:96:5c:bf:
ec:31:21:a0:fc:f5:ef:08:e9:81:8e:d4:6d:ca:fa:
45:38:63:bf:30:f4:d5:26:7a:88:fc:6a:12:29:b5:
74:2f:e0:4b:7c:9d:5b:73:8a:f5:8d:1c:41:65:2a:
c0:a0:a7:ed:5d:13:9f:0d:9c:d0:cf:b9:c5:4b:cf:
c6:84:9e:f9:e9:53:b4:18:a8:36:f5:9a:87:79:96:
77:fc:e1:61:30:88:d6:18:65:a4:85:b1:57:01:78:
80:1c:cf:27:5b:c9:ea:e8:4e:ad:f3:71:07:7a:7c:
45:a7:2a:49:22:b0:02:13:9f:bf:53:8f:31:c7:aa:
77:93:f3:91:bd:68:c9:87:03:e9:e4:70:6c:81:9e:
6c:fc:e2:f8:89:82:ce:03:29:73:2f:5a:af:5a:36:
3e:80:e3:3a:2e:bf:e8:22:dd:9b:da:4c:6b:05:98:
ac:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F4:CA:65:E3:91:F2:67:33:7F:BF:1A:42:41:BC:A5:3A:9A:53:B4
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/XPTKZeOR8mczf78aQkG8pTqaU7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.1.255
31.59.3.0-31.59.4.255
31.59.8.0/23
31.59.12.0/22
94.182.56.0/21
151.238.140.0/23
151.238.143.0-151.238.145.255
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
8c:fb:7e:4e:50:6a:73:28:ec:eb:40:73:f3:a6:4a:65:aa:ca:
24:61:67:d5:fc:40:1d:cc:50:34:34:77:c7:04:c4:e5:eb:10:
49:c9:05:bd:8e:c4:be:02:84:dc:e6:b2:ef:70:cb:0c:61:c1:
97:41:a2:8a:a3:91:29:ec:b7:a6:c0:ed:67:8b:59:ef:64:3b:
84:a4:d8:61:42:b6:55:af:e5:f8:60:b7:2d:a0:c4:9f:e8:1c:
6c:b6:15:a1:d5:dd:a8:6a:4a:eb:a6:7b:ca:e6:3c:de:41:df:
00:40:26:2a:3f:1a:0c:be:8d:8f:c1:62:67:a9:0d:ee:af:63:
49:ce:aa:08:1f:e3:73:b4:ad:bf:4f:f1:ae:5c:7d:51:cd:9c:
9d:31:e2:72:c5:1e:54:e5:a6:45:e1:80:90:42:08:53:7f:27:
05:2f:44:5d:db:c2:e8:3e:c7:27:6c:e9:7f:ba:56:d7:be:f1:
6d:d8:98:3a:85:63:e5:ac:84:f2:1a:1b:08:b6:4f:7c:e8:cd:
1a:82:f9:d6:dd:af:15:90:e9:0a:e2:85:7d:9d:4e:45:7f:0b:
d5:d0:69:1b:13:6e:26:ad:6c:c6:dd:72:47:1d:b2:9a:5a:25:
e2:78:db:e5:c2:02:7f:9e:38:03:56:4f:c3:47:11:26:d9:48:
67:92:57:3c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYvSyM9DZ5EtjwyxPHCCZ59mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMTE1MTE0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y0Y2E2NWUzOTFmMjY3MzM3ZmJmMWE0MjQxYmNhNTNhOWE1M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNd66iyyQjbrpPowCtxC6LSvdVvU
AuLvgKZohRIuK+RpcB4i0PiPjvWd/pGrGt88ebDBo3oPdMwKThLFM4va2IjyJsYR
jYCpC2c3EfRyDBY/wfLzOOOWXL/sMSGg/PXvCOmBjtRtyvpFOGO/MPTVJnqI/GoS
KbV0L+BLfJ1bc4r1jRxBZSrAoKftXROfDZzQz7nFS8/GhJ756VO0GKg29ZqHeZZ3
/OFhMIjWGGWkhbFXAXiAHM8nW8nq6E6t83EHenxFpypJIrACE5+/U48xx6p3k/OR
vWjJhwPp5HBsgZ5s/OL4iYLOAylzL1qvWjY+gOM6Lr/oIt2b2kxrBZisMQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFFz0ymXjkfJnM3+/GkJBvKU6mlO0MB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvWFBUS1plT1I4bWN6Zjc4YVFrRzhwVHFhVTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAIfOuwD
BAEfOwAwDAMEAB87AwMEAB87BAMEAR87CAMEAh87DAMEA162OAMEAZfujDAMAwQA
l+6PAwQBl+6QMAwDBAKX9+QDBAGX9/AwDQYJKoZIhvcNAQELBQADggEBAIz7fk5Q
anMo7OtAc/OmSmWqyiRhZ9X8QB3MUDQ0d8cExOXrEEnJBb2OxL4ChNzmsu9wywxh
wZdBooqjkSnst6bA7WeLWe9kO4Sk2GFCtlWv5fhgty2gxJ/oHGy2FaHV3ahqSuum
e8rmPN5B3wBAJio/Ggy+jY/BYmepDe6vY0nOqggf43O0rb9P8a5cfVHNnJ0x4nLF
HlTlpkXhgJBCCFN/JwUvRF3bwug+xyds6X+6Vte+8W3YmDqFY+WshPIaGwi2T3zo
zRqC+dbdrxWQ6QrihX2dTkV/C9XQaRsTbiatbMbdckcdsppaJeJ42+XCAn+eOANW
T8NHESbZSGeSVzw=
-----END CERTIFICATE-----
Generated at Sat Nov 18 12:47:49 2023 by rpki-client on console-fra.rpki-client.org