Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/XeI4dOT2KokvM2zjr88UtJL0p1Y.roa
File: XeI4dOT2KokvM2zjr88UtJL0p1Y.roa (raw, json)
Hash identifier: VcYz6idShelVnOpgtHQzVXoldv6sw8B8dJ3zQOWUPyM=
Subject key identifier: 5D:E2:38:74:E4:F6:2A:89:2F:33:6C:E3:AF:CF:14:B4:92:F4:A7:56
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018FF2BB894A3096F0D92B7CBDAA9CB01375
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/XeI4dOT2KokvM2zjr88UtJL0p1Y.roa
Signing time: Fri 07 Jun 2024 12:45:27 +0000
ROA not before: Fri 07 Jun 2024 12:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15626
IP address blocks: 5.34.182.0/23 maxlen: 23
5.34.182.0/24 maxlen: 24
5.34.183.0/24 maxlen: 24
46.28.64.0/21 maxlen: 21
46.28.67.0/24 maxlen: 24
82.118.16.0/22 maxlen: 22
82.118.17.0/24 maxlen: 24
82.118.18.0/24 maxlen: 24
193.238.152.0/23 maxlen: 23
193.238.153.0/24 maxlen: 24
217.12.192.0/21 maxlen: 21
217.12.199.0/24 maxlen: 24
217.12.204.0/23 maxlen: 23
217.12.210.0/23 maxlen: 23
217.12.210.0/24 maxlen: 24
217.12.212.0/22 maxlen: 22
217.12.215.0/24 maxlen: 24
217.12.216.0/23 maxlen: 23
217.12.219.0/24 maxlen: 24
217.12.220.0/22 maxlen: 22
217.12.221.0/24 maxlen: 24
217.12.223.0/24 maxlen: 24
2a02:27a8::/32 maxlen: 32
2a02:27a8:feed::/48 maxlen: 48
2a02:27ad::/32 maxlen: 32
2a05:9407::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Aug 2024 14:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:bb:89:4a:30:96:f0:d9:2b:7c:bd:aa:9c:b0:13:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jun 7 12:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de23874e4f62a892f336ce3afcf14b492f4a756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:24:20:3c:b8:90:9f:9c:57:ec:58:b1:45:
e1:35:a0:7d:0c:f9:38:6d:28:46:10:3e:e1:3e:7d:
ae:99:90:1e:ee:2c:79:e6:ed:12:97:f2:6a:fe:4a:
e3:a7:73:07:6c:24:b1:fb:6a:e7:32:99:7b:eb:d3:
58:59:93:6f:36:ff:f9:81:eb:81:d1:d7:a1:9f:91:
00:0c:e7:cd:ed:9e:d8:61:3c:f2:54:a1:34:51:8c:
40:2c:bf:49:56:df:44:d6:c8:a0:dc:68:e2:2d:7c:
5d:89:f3:d4:5b:3b:d8:f2:c9:b5:c9:81:07:dd:58:
a6:2c:70:0f:62:7e:2e:f3:ab:8a:4c:f2:90:f6:b4:
02:bb:9b:be:af:89:57:98:61:5b:32:c2:b6:d0:14:
2c:91:98:be:d3:16:56:82:84:1d:11:5c:3b:27:8a:
4e:dc:0d:1d:a2:07:fd:5a:60:13:55:eb:72:26:4c:
0e:a6:36:73:8f:45:b0:a4:f4:4a:7d:0e:a8:e8:6b:
e9:c9:3c:b1:14:3e:ba:28:16:aa:e5:14:6b:03:ee:
1f:86:3e:4e:9c:e3:61:e4:2b:af:bf:f8:18:27:b8:
37:f0:98:1c:53:33:54:1f:2f:8d:97:5b:6d:37:a8:
74:68:8e:cd:62:38:02:b4:8c:b8:de:bd:79:e0:5c:
15:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E2:38:74:E4:F6:2A:89:2F:33:6C:E3:AF:CF:14:B4:92:F4:A7:56
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/XeI4dOT2KokvM2zjr88UtJL0p1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.182.0/23
46.28.64.0/21
82.118.16.0/22
193.238.152.0/23
217.12.192.0/21
217.12.204.0/23
217.12.210.0-217.12.217.255
217.12.219.0-217.12.223.255
IPv6:
2a02:27a8::/32
2a02:27ad::/32
2a05:9407::/32
Signature Algorithm: sha256WithRSAEncryption
3c:ed:7b:1d:c2:0d:9d:d3:fa:36:d2:ad:7b:f9:85:cf:0b:7a:
e1:35:cf:b7:62:6b:8a:8d:a5:52:bf:32:03:bc:3f:b5:e1:8b:
a9:ab:71:5e:d5:8e:90:0d:06:7c:8a:25:24:62:82:93:de:af:
e2:7a:9a:26:9b:ad:e3:fb:60:7c:24:0d:52:de:ac:56:25:5d:
66:0d:e5:8f:30:f5:b4:19:fd:fb:b7:ac:da:5f:69:44:11:42:
8e:a0:d5:73:7a:3c:71:6d:9a:49:df:81:19:c1:ae:4b:b7:29:
ba:f3:2e:47:c3:8a:cd:1a:2b:97:78:28:d8:06:fd:a2:28:ef:
2d:0c:53:01:05:68:56:b2:62:51:cb:cb:cd:f3:73:83:86:46:
6a:5b:f1:cd:29:b8:4b:48:09:53:e1:2b:b7:b5:5e:fe:13:8d:
3f:c6:9a:24:17:ed:fa:ce:eb:84:a8:59:e0:48:ae:b8:29:a5:
8e:5d:3a:45:0f:9c:e6:60:0d:c8:67:1b:46:5b:6d:fd:2b:83:
d0:d8:71:89:bc:5e:54:8f:c8:fa:eb:69:be:81:ff:3b:26:1c:
bf:40:6b:a8:8b:9c:49:ea:a3:ce:d4:7d:e1:af:88:0c:6a:8d:
fb:00:88:8d:ba:53:6c:ef:d4:12:81:d4:fa:64:00:29:9e:da:
91:50:53:a6
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY/yu4lKMJbw2St8vaqcsBN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwNjA3MTI0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUyMzg3NGU0ZjYyYTg5MmYzMzZjZTNhZmNmMTRiNDkyZjRhNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0ckIDy4kJ+cV+xYsUXhNaB9DPk4
bShGED7hPn2umZAe7ix55u0Sl/Jq/krjp3MHbCSx+2rnMpl769NYWZNvNv/5geuB
0dehn5EADOfN7Z7YYTzyVKE0UYxALL9JVt9E1sig3GjiLXxdifPUWzvY8sm1yYEH
3VimLHAPYn4u86uKTPKQ9rQCu5u+r4lXmGFbMsK20BQskZi+0xZWgoQdEVw7J4pO
3A0dogf9WmATVetyJkwOpjZzj0WwpPRKfQ6o6GvpyTyxFD66KBaq5RRrA+4fhj5O
nONh5Cuvv/gYJ7g38JgcUzNUHy+Nl1ttN6h0aI7NYjgCtIy43r154FwV0wIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFF3iOHTk9iqJLzNs46/PFLSS9KdWMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvWGVJNGRPVDJLb2t2TTJ6anI4OFV0SkwwcDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBGBAIAATBAAwQBBSK2AwQD
LhxAAwQCUnYQAwQBwe6YAwQD2QzAAwQB2QzMMAwDBAHZDNIDBAHZDNgwDAMEANkM
2wMEBdkMwDAbBAIAAjAVAwUAKgInqAMFACoCJ60DBQAqBZQHMA0GCSqGSIb3DQEB
CwUAA4IBAQA87Xsdwg2d0/o20q17+YXPC3rhNc+3YmuKjaVSvzIDvD+14Yupq3Fe
1Y6QDQZ8iiUkYoKT3q/iepomm63j+2B8JA1S3qxWJV1mDeWPMPW0Gf37t6zaX2lE
EUKOoNVzejxxbZpJ34EZwa5Ltym68y5Hw4rNGiuXeCjYBv2iKO8tDFMBBWhWsmJR
y8vN83ODhkZqW/HNKbhLSAlT4Su3tV7+E40/xpokF+36zuuEqFngSK64KaWOXTpF
D5zmYA3IZxtGW239K4PQ2HGJvF5Uj8j662m+gf87Jhy/QGuoi5xJ6qPO1H3hr4gM
ao37AIiNulNs79QSgdT6ZAApntqRUFOm
-----END CERTIFICATE-----
Generated at Fri Aug 9 18:23:57 2024 by rpki-client on console-ams.rpki-client.org