Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/XMTFjLKNt6-iJEwSRJymjQ38Sjk.roa
File: XMTFjLKNt6-iJEwSRJymjQ38Sjk.roa (raw, json)
Hash identifier: IryYlLMgOMoEjC3876s203Hw3Lqz6fAWckRC2soO6S4=
Subject key identifier: 5C:C4:C5:8C:B2:8D:B7:AF:A2:24:4C:12:44:9C:A6:8D:0D:FC:4A:39
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 018CC6B91F2ACB10EC239F5D06B5482F9809
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/XMTFjLKNt6-iJEwSRJymjQ38Sjk.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30880
IP address blocks: 185.98.192.0/22 maxlen: 22
185.98.195.0/24 maxlen: 24
193.42.215.0/24 maxlen: 24
193.27.201.0/24 maxlen: 24
193.27.200.0/23 maxlen: 23
193.27.200.0/24 maxlen: 24
212.63.192.0/19 maxlen: 19
2a01:298::/32 maxlen: 32
2a01:299::/32 maxlen: 32
2a01:298:fd::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 29 Jun 2024 23:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1f:2a:cb:10:ec:23:9f:5d:06:b5:48:2f:98:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cc4c58cb28db7afa2244c12449ca68d0dfc4a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:05:da:d1:42:9b:dc:21:a5:2d:05:c6:15:
b5:50:41:48:3a:f2:93:52:21:9d:38:5d:43:58:aa:
66:1a:f7:80:44:35:c8:80:4b:5b:a8:c8:f2:47:41:
e6:32:2d:e8:33:3f:96:cb:fc:8a:cc:a7:b2:bc:a9:
82:e4:c1:91:e4:f6:90:a3:4b:67:38:12:75:77:b0:
c3:b7:55:5d:a0:0e:86:bc:8b:07:f2:a3:ae:fd:1b:
b7:8e:0d:8e:a4:d9:c9:d0:9d:62:b2:cb:e3:cd:a5:
42:ea:14:42:75:6e:27:fe:fa:0a:cc:e9:3f:41:2e:
ce:d8:e8:9d:1b:bf:65:56:78:6d:01:d3:32:ac:01:
0d:e4:70:c8:8a:ae:1d:c0:1f:3c:9b:d2:bb:d7:80:
12:3e:37:19:1b:28:85:cf:57:1a:12:ba:0e:bd:d3:
b6:b2:1b:10:b8:9a:ce:c4:77:8a:e5:23:1b:6d:9d:
ef:a6:51:6a:26:d3:0e:5b:5c:62:fb:2f:68:ce:95:
ff:9f:a3:d6:e7:95:10:7c:69:99:e7:ff:92:5f:db:
31:04:70:3b:27:4b:69:0a:02:78:c3:d7:f2:de:02:
79:1e:51:98:b3:99:bb:6e:ba:10:89:42:fd:b4:a0:
ec:ee:17:09:56:43:5f:d5:88:f8:86:0b:c8:5e:93:
f8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C4:C5:8C:B2:8D:B7:AF:A2:24:4C:12:44:9C:A6:8D:0D:FC:4A:39
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/XMTFjLKNt6-iJEwSRJymjQ38Sjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.192.0/22
193.27.200.0/23
193.42.215.0/24
212.63.192.0/19
IPv6:
2a01:298::/31
Signature Algorithm: sha256WithRSAEncryption
41:d9:b4:84:31:f4:9d:6c:8b:6d:45:c9:30:90:46:d7:01:f9:
17:35:5d:e8:81:67:69:16:05:f4:d4:20:24:d0:51:dc:4c:61:
87:4a:24:9a:df:da:94:aa:66:3a:c7:f7:d8:f2:fc:21:77:6a:
62:6c:d5:35:12:cf:ff:2a:ac:f1:07:fe:a3:d6:28:1d:ca:df:
71:03:da:9a:20:63:ad:9a:1f:4d:1b:c6:3a:05:bb:d7:17:52:
2d:89:19:4d:09:ce:1e:d7:a6:40:83:2b:9d:18:c6:ce:6c:9d:
10:f2:18:ee:26:ba:75:21:5e:b1:bd:c7:48:d2:74:10:4c:07:
77:14:18:31:44:0b:48:b3:c1:fe:f8:a6:ad:4a:7f:7d:23:01:
79:14:ca:fa:39:94:7d:29:bb:cf:3b:20:fe:ff:2c:8b:1f:2a:
96:a5:89:47:e2:e3:b2:84:5e:2c:06:8b:4c:e3:08:b0:4c:eb:
50:bc:5e:75:ae:f4:b2:84:6b:68:89:7d:88:42:8c:1f:84:93:
f4:6d:29:52:01:6a:10:c4:cc:9d:f1:1a:86:df:fe:75:f8:85:
64:92:47:1c:32:ba:6b:b0:a1:ea:77:b6:68:01:50:51:d1:38:
61:dd:17:49:ad:d4:31:4a:80:eb:99:b7:eb:d2:c5:9b:7c:20:
3b:02:e3:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuR8qyxDsI59dBrVIL5gJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzY3YmM1ZmJjYmNlZmIxYzFjNzQ3YmIwZWI1MzM3ZGFi
NjkxYzAwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2M0YzU4Y2IyOGRiN2FmYTIyNDRjMTI0NDljYTY4ZDBkZmM0YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUEF2tFCm9whpS0FxhW1UEFIOvKT
UiGdOF1DWKpmGveARDXIgEtbqMjyR0HmMi3oMz+Wy/yKzKeyvKmC5MGR5PaQo0tn
OBJ1d7DDt1VdoA6GvIsH8qOu/Ru3jg2OpNnJ0J1issvjzaVC6hRCdW4n/voKzOk/
QS7O2OidG79lVnhtAdMyrAEN5HDIiq4dwB88m9K714ASPjcZGyiFz1caEroOvdO2
shsQuJrOxHeK5SMbbZ3vplFqJtMOW1xi+y9ozpX/n6PW55UQfGmZ5/+SX9sxBHA7
J0tpCgJ4w9fy3gJ5HlGYs5m7broQiUL9tKDs7hcJVkNf1Yj4hgvIXpP4tQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFzExYyyjbevoiRMEkScpo0N/Eo5MB8GA1UdIwQY
MBaAFKR2e8X7y877HBx0e7DrUzfatpHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQt
MDQxYTQ4ZDIxMjNmLzEvWE1URmpMS050Ni1pSkV3U1JKeW1qUTM4U2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQtMDQxYTQ4ZDIxMjNm
LzEvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuWLAAwQB
wRvIAwQAwSrXAwQF1D/AMA0EAgACMAcDBQEqAQKYMA0GCSqGSIb3DQEBCwUAA4IB
AQBB2bSEMfSdbIttRckwkEbXAfkXNV3ogWdpFgX01CAk0FHcTGGHSiSa39qUqmY6
x/fY8vwhd2pibNU1Es//KqzxB/6j1igdyt9xA9qaIGOtmh9NG8Y6BbvXF1ItiRlN
Cc4e16ZAgyudGMbObJ0Q8hjuJrp1IV6xvcdI0nQQTAd3FBgxRAtIs8H++KatSn99
IwF5FMr6OZR9KbvPOyD+/yyLHyqWpYlH4uOyhF4sBotM4wiwTOtQvF51rvSyhGto
iX2IQowfhJP0bSlSAWoQxMyd8RqG3/51+IVkkkccMrprsKHqd7ZoAVBR0Thh3RdJ
rdQxSoDrmbfr0sWbfCA7AuPd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:16 2025 by rpki-client