Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/xoDf5_xEvzS7b66wps8_NUpR3P0.roa
File: xoDf5_xEvzS7b66wps8_NUpR3P0.roa (raw, json)
Hash identifier: lcGbentR/aMpG5jvhAihGwDnjh6q8Nfm+YRadQQiihg=
Subject key identifier: C6:80:DF:E7:FC:44:BF:34:BB:6F:AE:B0:A6:CF:3F:35:4A:51:DC:FD
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 018CC3488FA88C91FBF633C09AF50FB60397
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/xoDf5_xEvzS7b66wps8_NUpR3P0.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13000
IP address blocks: 91.195.158.0/23 maxlen: 23
193.150.36.0/23 maxlen: 23
91.195.190.0/23 maxlen: 23
195.88.128.0/23 maxlen: 23
62.182.224.0/21 maxlen: 21
91.195.134.0/23 maxlen: 23
91.214.24.0/22 maxlen: 22
87.101.64.0/20 maxlen: 24
193.34.112.0/22 maxlen: 22
193.93.92.0/22 maxlen: 24
195.3.200.0/22 maxlen: 22
195.3.203.0/24 maxlen: 24
89.200.224.0/21 maxlen: 24
91.200.24.0/22 maxlen: 22
87.239.192.0/21 maxlen: 21
188.137.0.0/17 maxlen: 24
195.66.73.0/24 maxlen: 24
95.131.32.0/21 maxlen: 24
2a02:c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Mar 2024 10:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8f:a8:8c:91:fb:f6:33:c0:9a:f5:0f:b6:03:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c680dfe7fc44bf34bb6faeb0a6cf3f354a51dcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3f:ae:f5:8f:69:fb:24:52:b2:0e:b2:c2:94:
a0:37:e7:73:c7:49:81:1a:01:bf:6a:50:24:5e:4c:
77:f4:f3:31:04:03:e6:e6:0b:58:71:d2:42:19:53:
e9:5b:b9:7f:77:ae:60:52:be:69:e3:f0:94:7a:cb:
31:26:c7:80:56:8a:8e:09:bb:25:a9:e6:0b:6d:ae:
66:3b:d6:de:0d:9c:bf:51:c2:5b:ee:1e:ca:41:2b:
5b:53:df:81:12:0e:0e:db:5c:ea:84:42:b7:57:de:
fe:88:89:0a:63:ce:f8:8a:21:43:b7:53:cc:03:be:
bd:9a:ce:d3:3c:5e:4e:2d:6f:b0:c3:f3:5a:c8:c4:
82:52:a1:a8:77:d5:fb:5f:5d:61:e7:bf:56:e5:36:
8e:b8:fe:c1:47:d8:98:40:48:bf:3a:4a:95:a2:50:
31:50:ce:76:e7:33:74:df:a5:f4:50:fd:56:16:b0:
bd:f2:53:61:6c:b0:7b:4d:7b:fb:3f:8b:44:e9:5e:
38:1a:3c:af:2f:16:0c:02:0e:2a:42:58:29:3e:3b:
e5:31:21:14:f2:67:5e:b8:33:16:5d:e0:ca:98:c3:
f3:4b:02:39:39:22:e1:34:bd:19:06:9d:78:96:59:
36:ba:78:3b:16:27:ef:cb:ff:f8:93:cc:2b:0f:54:
b9:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:80:DF:E7:FC:44:BF:34:BB:6F:AE:B0:A6:CF:3F:35:4A:51:DC:FD
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/xoDf5_xEvzS7b66wps8_NUpR3P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.224.0/21
87.101.64.0/20
87.239.192.0/21
89.200.224.0/21
91.195.134.0/23
91.195.158.0/23
91.195.190.0/23
91.200.24.0/22
91.214.24.0/22
95.131.32.0/21
188.137.0.0/17
193.34.112.0/22
193.93.92.0/22
193.150.36.0/23
195.3.200.0/22
195.66.73.0/24
195.88.128.0/23
IPv6:
2a02:c40::/32
Signature Algorithm: sha256WithRSAEncryption
6b:5e:d8:f4:a5:fc:9f:8b:06:a3:70:9d:f8:b8:d5:7e:03:53:
40:2f:9f:f2:63:09:38:88:eb:a5:c1:fe:98:64:26:ac:57:e1:
8b:39:d8:17:82:0f:2a:ac:e5:16:0b:fd:13:b1:3d:65:39:d1:
83:fe:e5:e1:da:a8:ba:9c:41:79:4c:73:91:3f:39:e1:82:63:
86:36:39:5e:05:be:45:a8:a6:95:b4:58:33:2a:64:20:9c:e7:
2b:69:d3:33:15:3b:0c:73:35:f4:0d:c7:c2:b3:56:12:72:2d:
65:20:1d:98:36:49:91:c0:91:f4:64:da:54:c6:6f:7e:9a:a9:
37:b7:fb:a0:f1:07:22:42:1b:83:eb:22:2b:2e:8f:6e:fe:e7:
d2:fa:b3:1e:81:f1:d8:3c:9d:70:53:8e:98:cc:83:6e:6a:ee:
79:06:f7:e0:e4:cb:18:fc:85:6e:85:23:91:8a:5b:84:c1:25:
e4:44:50:18:86:2d:04:ed:d1:ed:5c:d8:0b:96:1f:3b:6c:ff:
54:2e:6b:f3:95:f3:48:ff:a8:6a:ec:aa:39:4c:cd:fd:49:76:
88:dc:6a:21:9f:a3:20:0e:8d:f5:1e:5b:6f:b9:5c:6d:5a:ee:
4f:60:73:4b:24:b9:5c:52:1e:aa:df:a0:2b:61:fe:ea:1d:81:
46:70:19:9e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzDSI+ojJH79jPAmvUPtgOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjgwZGZlN2ZjNDRiZjM0YmI2ZmFlYjBhNmNmM2YzNTRhNTFkY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz+u9Y9p+yRSsg6ywpSgN+dzx0mB
GgG/alAkXkx39PMxBAPm5gtYcdJCGVPpW7l/d65gUr5p4/CUessxJseAVoqOCbsl
qeYLba5mO9beDZy/UcJb7h7KQStbU9+BEg4O21zqhEK3V97+iIkKY874iiFDt1PM
A769ms7TPF5OLW+ww/NayMSCUqGod9X7X11h579W5TaOuP7BR9iYQEi/OkqVolAx
UM525zN036X0UP1WFrC98lNhbLB7TXv7P4tE6V44GjyvLxYMAg4qQlgpPjvlMSEU
8mdeuDMWXeDKmMPzSwI5OSLhNL0ZBp14llk2ung7Fifvy//4k8wrD1S5LQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFMaA3+f8RL80u2+usKbPPzVKUdz9MB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEveG9EZjVfeEV2elM3YjY2d3BzOF9OVXBSM1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAz624AME
BFdlQAMEA1fvwAMEA1nI4AMEAVvDhgMEAVvDngMEAVvDvgMEAlvIGAMEAlvWGAME
A1+DIAMEB7yJAAMEAsEicAMEAsFdXAMEAcGWJAMEAsMDyAMEAMNCSQMEAcNYgDAN
BAIAAjAHAwUAKgIMQDANBgkqhkiG9w0BAQsFAAOCAQEAa17Y9KX8n4sGo3Cd+LjV
fgNTQC+f8mMJOIjrpcH+mGQmrFfhiznYF4IPKqzlFgv9E7E9ZTnRg/7l4dqoupxB
eUxzkT854YJjhjY5XgW+RaimlbRYMypkIJznK2nTMxU7DHM19A3HwrNWEnItZSAd
mDZJkcCR9GTaVMZvfpqpN7f7oPEHIkIbg+siKy6Pbv7n0vqzHoHx2DydcFOOmMyD
bmrueQb34OTLGPyFboUjkYpbhMEl5ERQGIYtBO3R7VzYC5YfO2z/VC5r85XzSP+o
auyqOUzN/Ul2iNxqIZ+jIA6N9R5bb7lcbVruT2BzSyS5XFIeqt+gK2H+6h2BRnAZ
ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org