Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xbvG_36ZJCr1qzD0yaXEYGXLgzQ.roa
File: xbvG_36ZJCr1qzD0yaXEYGXLgzQ.roa (raw, json)
Hash identifier: 5qtoNH/KslU60pJ0kFzpxvuZpRCp1p0O0yleEPM1Kg0=
Subject key identifier: C5:BB:C6:FF:7E:99:24:2A:F5:AB:30:F4:C9:A5:C4:60:65:CB:83:34
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018AFFC966F54047C7254F123E4EC489BFDC
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xbvG_36ZJCr1qzD0yaXEYGXLgzQ.roa
Signing time: Thu 05 Oct 2023 12:21:43 +0000
ROA not before: Thu 05 Oct 2023 12:21:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 5.157.192.0/22 maxlen: 22
5.157.196.0/22 maxlen: 22
5.157.200.0/21 maxlen: 21
5.157.208.0/21 maxlen: 21
5.157.216.0/22 maxlen: 24
5.157.220.0/22 maxlen: 24
178.157.120.0/22 maxlen: 22
5.157.132.0/22 maxlen: 22
5.157.152.0/21 maxlen: 21
5.157.168.0/22 maxlen: 24
5.157.172.0/22 maxlen: 24
5.157.232.0/21 maxlen: 21
5.157.228.0/22 maxlen: 22
5.157.248.0/21 maxlen: 21
188.119.168.0/21 maxlen: 21
188.119.184.0/22 maxlen: 22
188.119.188.0/22 maxlen: 24
178.157.68.0/22 maxlen: 22
178.157.94.0/24 maxlen: 24
178.157.100.0/24 maxlen: 24
178.157.101.0/24 maxlen: 24
178.157.112.0/21 maxlen: 21
188.74.248.0/21 maxlen: 21
37.35.48.0/22 maxlen: 22
37.35.52.0/24 maxlen: 24
188.119.128.0/20 maxlen: 24
188.74.192.0/21 maxlen: 21
188.74.200.0/21 maxlen: 21
62.216.72.0/24 maxlen: 24
62.216.73.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.75.0/24 maxlen: 24
62.216.72.0/22 maxlen: 22
62.216.80.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.83.0/24 maxlen: 24
188.74.216.0/21 maxlen: 21
62.216.80.0/22 maxlen: 22
188.74.224.0/21 maxlen: 21
188.74.232.0/21 maxlen: 21
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
62.216.95.0/24 maxlen: 24
188.74.144.0/22 maxlen: 22
188.74.148.0/22 maxlen: 22
188.74.160.0/21 maxlen: 21
188.74.184.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:c9:66:f5:40:47:c7:25:4f:12:3e:4e:c4:89:bf:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Oct 5 12:21:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5bbc6ff7e99242af5ab30f4c9a5c46065cb8334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:74:0c:bc:8b:62:13:a0:5c:b7:4b:91:20:ca:
2a:93:9a:78:b0:7f:a4:2d:45:8d:ca:bb:c1:68:2d:
86:53:a4:1c:f3:7a:da:8f:2d:2b:ba:25:f6:90:49:
f3:05:4d:3e:29:b8:dd:b3:7c:d8:32:b0:4e:f2:33:
69:cd:ea:32:13:a5:12:16:25:9a:16:30:b0:e4:31:
8b:a3:35:fa:24:0f:4d:b1:ee:20:cd:95:c1:07:ca:
e1:e3:9b:e6:0d:de:dc:1c:03:a2:93:9a:ea:af:85:
81:e6:b6:26:59:31:8f:0e:06:74:45:af:14:7b:fe:
73:63:fe:c5:bc:f1:d3:e4:76:22:08:73:9f:39:66:
bf:5f:0c:d9:06:b1:68:90:49:a5:9e:51:2f:e9:f0:
c5:a5:ad:26:b0:fe:1b:1f:b3:4a:22:7e:c4:6f:ff:
90:82:cd:73:ed:f9:a2:9d:6d:52:4e:b7:a0:d3:16:
ff:c2:27:a1:c6:c7:2b:36:2e:71:ca:51:a7:01:a9:
38:5b:55:89:b9:b5:38:e7:c8:f9:cf:f4:64:3e:51:
5d:b7:3e:f2:b7:e2:43:75:e0:a4:a8:03:ba:71:f5:
33:93:6c:3b:1d:5a:8f:88:f8:5d:af:f6:56:b9:47:
b9:a9:bd:f5:15:bc:1a:89:06:cd:73:f8:d1:fe:51:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BB:C6:FF:7E:99:24:2A:F5:AB:30:F4:C9:A5:C4:60:65:CB:83:34
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/xbvG_36ZJCr1qzD0yaXEYGXLgzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.132.0/22
5.157.152.0/21
5.157.168.0/21
5.157.192.0/19
5.157.228.0-5.157.239.255
5.157.248.0/21
37.35.48.0-37.35.52.255
62.216.72.0/22
62.216.80.0/22
62.216.92.0/22
178.157.68.0/22
178.157.94.0/24
178.157.100.0/23
178.157.112.0-178.157.123.255
188.74.144.0/21
188.74.160.0/21
188.74.184.0/22
188.74.192.0/20
188.74.216.0-188.74.239.255
188.74.248.0/21
188.119.128.0/20
188.119.168.0/21
188.119.184.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:41:1b:87:70:f5:c1:51:12:07:6b:5c:80:72:f8:da:b6:d0:
9d:2e:35:73:d6:12:5e:54:2b:d6:f0:ed:0f:fc:84:c6:43:ab:
9a:8b:e7:56:b7:14:b7:c6:5d:a9:07:65:16:6d:2d:47:8f:05:
42:05:2a:90:1d:b5:87:88:cf:06:9e:2e:09:a5:9e:56:4c:c1:
ef:36:28:11:6b:4c:6d:69:e2:6a:af:62:3d:c6:cd:c3:53:b8:
9c:af:47:2a:18:54:05:2a:e5:97:52:64:24:66:e2:9e:c8:6e:
87:cb:73:e4:a5:46:7e:41:96:7b:25:0d:87:dc:c8:76:49:b0:
2d:ab:c3:8b:76:1e:ca:f9:2c:06:93:6d:5c:66:62:81:cc:59:
dc:a2:44:75:7d:68:0c:90:5d:de:d5:d9:8c:b9:71:39:87:09:
49:61:12:5a:56:23:c0:6a:b3:e8:39:56:63:26:df:9c:2b:c0:
ed:eb:62:dd:d6:3e:f6:73:27:e5:41:da:a3:73:43:ab:92:4a:
9c:7e:0c:73:71:3f:e4:02:bc:e8:b3:18:82:20:1e:80:a9:22:
25:24:47:99:f2:5e:37:f2:0c:38:f6:ae:b6:07:83:fd:81:60:
60:6b:39:64:52:16:59:3f:5b:45:6e:db:14:0a:05:32:a2:c3:
a6:52:53:49
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYr/yWb1QEfHJU8SPk7Eib/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMxMDA1MTIyMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWJiYzZmZjdlOTkyNDJhZjVhYjMwZjRjOWE1YzQ2MDY1Y2I4MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3QMvItiE6Bct0uRIMoqk5p4sH+k
LUWNyrvBaC2GU6Qc83rajy0ruiX2kEnzBU0+Kbjds3zYMrBO8jNpzeoyE6USFiWa
FjCw5DGLozX6JA9Nse4gzZXBB8rh45vmDd7cHAOik5rqr4WB5rYmWTGPDgZ0Ra8U
e/5zY/7FvPHT5HYiCHOfOWa/XwzZBrFokEmlnlEv6fDFpa0msP4bH7NKIn7Eb/+Q
gs1z7fminW1STreg0xb/wiehxscrNi5xylGnAak4W1WJubU458j5z/RkPlFdtz7y
t+JDdeCkqAO6cfUzk2w7HVqPiPhdr/ZWuUe5qb31FbwaiQbNc/jR/lGRewIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFMW7xv9+mSQq9asw9MmlxGBly4M0MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEveGJ2R18zNlpKQ3IxcXpEMHlhWEVZR1hMZ3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIF
nYQDBAMFnZgDBAMFnagDBAUFncAwDAMEAgWd5AMEBAWd4AMEAwWd+DAMAwQEJSMw
AwQAJSM0AwQCPthIAwQCPthQAwQCPthcAwQCsp1EAwQAsp1eAwQBsp1kMAwDBASy
nXADBAKynXgDBAO8SpADBAO8SqADBAK8SrgDBAS8SsAwDAMEA7xK2AMEBLxK4AME
A7xK+AMEBLx3gAMEA7x3qAMEA7x3uDANBgkqhkiG9w0BAQsFAAOCAQEAikEbh3D1
wVESB2tcgHL42rbQnS41c9YSXlQr1vDtD/yExkOrmovnVrcUt8ZdqQdlFm0tR48F
QgUqkB21h4jPBp4uCaWeVkzB7zYoEWtMbWniaq9iPcbNw1O4nK9HKhhUBSrll1Jk
JGbinshuh8tz5KVGfkGWeyUNh9zIdkmwLavDi3YeyvksBpNtXGZigcxZ3KJEdX1o
DJBd3tXZjLlxOYcJSWESWlYjwGqz6DlWYybfnCvA7eti3dY+9nMn5UHao3NDq5JK
nH4Mc3E/5AK86LMYgiAegKkiJSRHmfJeN/IMOPautgeD/YFgYGs5ZFIWWT9bRW7b
FAoFMqLDplJTSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org