Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/xAZv8iE0K6C_KxDKLt60IRj-5Fw.roa
File: xAZv8iE0K6C_KxDKLt60IRj-5Fw.roa (raw, json)
Hash identifier: CXIbiY7QN/+T4m+oL0iPkrDXwN8QGOxxKpSZzN+kzjY=
Subject key identifier: C4:06:6F:F2:21:34:2B:A0:BF:2B:10:CA:2E:DE:B4:21:18:FE:E4:5C
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01921EA6EB7B5360E7629F11996B6B5ACE9F
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/xAZv8iE0K6C_KxDKLt60IRj-5Fw.roa
Signing time: Mon 23 Sep 2024 11:31:48 +0000
ROA not before: Mon 23 Sep 2024 11:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 23
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0::/32 maxlen: 48
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Sep 2024 12:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:a6:eb:7b:53:60:e7:62:9f:11:99:6b:6b:5a:ce:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Sep 23 11:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4066ff221342ba0bf2b10ca2edeb42118fee45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:10:21:e4:7d:d4:72:1f:a0:b0:2b:5c:f6:99:
5b:8b:06:db:65:a3:56:e2:7e:e1:31:d0:9e:fa:0b:
83:a4:be:b1:e2:a6:ca:c1:3c:6e:bf:a5:aa:f6:54:
16:99:cd:1d:d1:af:f0:a0:02:01:14:d5:49:5e:a9:
5d:93:bb:e6:b5:7d:aa:46:1f:49:dc:50:8a:01:ea:
17:8c:66:08:d3:55:af:e0:23:5a:b6:21:c1:bd:b0:
80:c9:d8:5a:02:e3:99:f3:db:ae:a1:f9:d6:ab:32:
32:da:04:df:68:25:5a:c1:50:ff:9e:ce:6f:ef:98:
7d:d4:e3:24:41:db:50:1d:c7:6c:b8:5e:e6:56:c0:
22:f2:5b:fe:0e:84:62:37:25:e6:28:ae:46:4b:4d:
ad:ec:81:bf:3d:71:e8:a4:6d:52:d6:69:d8:d3:8c:
fc:79:51:f4:0e:94:59:01:02:db:83:bc:31:bb:26:
3c:a0:49:ab:33:cc:ed:32:6a:66:cb:d9:45:d6:61:
74:fa:b6:07:89:37:76:5e:d1:e3:d8:1b:26:3f:06:
48:07:53:04:2b:45:92:ee:5d:16:37:bb:00:c5:12:
fd:26:76:b6:77:cd:73:6f:4d:ca:c6:47:96:07:c7:
11:e2:f1:1d:32:d7:cf:39:fe:d2:7a:fb:77:d2:c8:
f5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:06:6F:F2:21:34:2B:A0:BF:2B:10:CA:2E:DE:B4:21:18:FE:E4:5C
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/xAZv8iE0K6C_KxDKLt60IRj-5Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
70:bc:a5:98:1f:a1:c3:f3:9a:60:08:8e:4d:c9:af:fa:71:e8:
68:0f:76:f7:ef:a1:d2:65:50:c5:ca:59:35:6f:e2:a2:49:05:
2b:41:ed:a6:05:95:b3:dc:af:85:ce:52:03:92:a2:7d:80:e1:
cc:7e:e8:06:97:eb:9b:89:12:33:05:57:db:cb:98:1c:bc:fa:
07:2a:2e:e7:5a:4b:fe:ac:40:7a:de:61:34:0c:8c:67:8c:cb:
2b:6b:2a:96:84:75:4d:8c:ac:5f:cc:a3:e4:b3:33:63:41:86:
a2:ee:39:dc:df:62:e1:78:69:c6:1c:39:d9:e9:b1:43:12:57:
c0:c9:ba:f4:dc:91:70:e8:1c:33:c5:9d:de:8f:c2:91:a2:21:
7b:f5:6a:dc:af:2d:66:24:38:10:f1:35:da:9d:95:0a:9a:04:
e4:6b:78:9b:9a:84:22:d2:bb:67:ce:62:46:6b:91:87:23:34:
e9:f5:88:9c:87:40:92:28:8f:82:fe:f2:ec:38:ce:0e:31:26:
74:48:b7:97:61:6c:06:92:fd:09:1f:43:43:88:98:11:b8:72:
b6:5b:46:08:14:c0:de:cb:3d:a3:f0:59:2c:fa:0c:9c:98:21:
59:85:9f:11:0f:12:5e:15:65:b5:c7:53:2d:3d:63:f7:48:84:
14:dc:49:9b
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZIeput7U2DnYp8RmWtrWs6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQwOTIzMTEzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA2NmZmMjIxMzQyYmEwYmYyYjEwY2EyZWRlYjQyMTE4ZmVlNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxAh5H3Uch+gsCtc9plbiwbbZaNW
4n7hMdCe+guDpL6x4qbKwTxuv6Wq9lQWmc0d0a/woAIBFNVJXqldk7vmtX2qRh9J
3FCKAeoXjGYI01Wv4CNatiHBvbCAydhaAuOZ89uuofnWqzIy2gTfaCVawVD/ns5v
75h91OMkQdtQHcdsuF7mVsAi8lv+DoRiNyXmKK5GS02t7IG/PXHopG1S1mnY04z8
eVH0DpRZAQLbg7wxuyY8oEmrM8ztMmpmy9lF1mF0+rYHiTd2XtHj2BsmPwZIB1ME
K0WS7l0WN7sAxRL9Jna2d81zb03KxkeWB8cR4vEdMtfPOf7Sevt30sj1uQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFMQGb/IhNCugvysQyi7etCEY/uRcMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEveEFadjhpRTBLNkNfS3hES0x0NjBJUmotNUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwQAH9yWMAwD
BASAAJADBACAAJoDBAK5BQgwDAMEAdW5TgMEAdW5VDANBAIAAjAHAwUAKgJFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAcLylmB+hw/OaYAiOTcmv+nHoaA929++h0mVQxcpZ
NW/iokkFK0HtpgWVs9yvhc5SA5KifYDhzH7oBpfrm4kSMwVX28uYHLz6Byou51pL
/qxAet5hNAyMZ4zLK2sqloR1TYysX8yj5LMzY0GGou453N9i4Xhpxhw52emxQxJX
wMm69NyRcOgcM8Wd3o/CkaIhe/Vq3K8tZiQ4EPE12p2VCpoE5Gt4m5qEItK7Z85i
RmuRhyM06fWInIdAkiiPgv7y7DjODjEmdEi3l2FsBpL9CR9DQ4iYEbhytltGCBTA
3ss9o/BZLPoMnJghWYWfEQ8SXhVltcdTLT1j90iEFNxJmw==
-----END CERTIFICATE-----
Generated at Wed Sep 25 16:29:52 2024 by rpki-client on console-ams.rpki-client.org