Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/XWUFU9Krfbz1sTpxoaS63PoibYo.roa
File: XWUFU9Krfbz1sTpxoaS63PoibYo.roa (raw, json)
Hash identifier: 84rCbO8XVuJs/Ek63Oh0deUho7Ru8a3qdyEs/vBAD9s=
Subject key identifier: 5D:65:05:53:D2:AB:7D:BC:F5:B1:3A:71:A1:A4:BA:DC:FA:22:6D:8A
Certificate issuer: /CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Certificate serial: 0191EB7611767345A58BAF0AEE0D4A4C371F
Authority key identifier: D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/XWUFU9Krfbz1sTpxoaS63PoibYo.roa
Signing time: Fri 13 Sep 2024 12:57:49 +0000
ROA not before: Fri 13 Sep 2024 12:57:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 138.43.11.0/24 maxlen: 24
217.147.180.0/23 maxlen: 24
217.147.180.0/24 maxlen: 24
217.147.181.0/24 maxlen: 24
2a0b:2900:1100::/40 maxlen: 48
2a0b:2900:1f00::/40 maxlen: 40
2a0b:2900:1f00::/48 maxlen: 48
2a0b:2900:ff00::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:eb:76:11:76:73:45:a5:8b:af:0a:ee:0d:4a:4c:37:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d87821a7c8761e08121e70c9ff42ff9b6ad34e51
Validity
Not Before: Sep 13 12:57:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d650553d2ab7dbcf5b13a71a1a4badcfa226d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:78:80:3a:ab:13:8e:5e:bf:c9:02:a0:75:
b9:ae:10:f3:76:de:3e:36:dc:13:81:51:18:00:db:
b6:e7:c0:46:02:7a:d4:71:3c:09:c5:f5:d5:ab:73:
2d:a5:16:c7:98:46:98:18:a1:22:ea:25:08:99:1d:
34:59:34:1f:9b:6d:bb:2e:ff:e6:2c:d8:9d:1a:64:
e9:96:c5:39:23:ad:c5:02:e0:e6:3f:1e:38:a8:07:
cd:f9:17:36:a1:cd:8e:cd:7b:5d:e2:12:1b:cf:aa:
5d:58:19:07:2e:0e:4d:bb:1d:b8:d7:bd:18:62:1a:
c4:53:d6:9d:57:e9:c2:ec:52:fe:67:3f:d0:d3:d8:
eb:1a:c8:cb:06:c7:e9:1b:ac:cc:73:2e:bc:a2:f7:
d3:33:4c:81:c6:ad:b7:c3:d1:84:9b:aa:99:4b:69:
7a:97:3a:1b:5d:74:3e:bc:5b:27:0c:00:0a:38:db:
78:ad:c5:71:02:9c:43:fe:4c:c5:b9:18:eb:d9:e4:
3c:7e:1f:ae:1c:02:b5:e6:eb:ac:67:8f:74:26:0d:
75:02:28:55:dd:2c:fd:52:0c:ad:dd:44:c3:e2:0a:
a1:51:23:0e:8e:7c:b8:b2:f3:bd:47:af:d6:72:59:
69:a0:31:17:16:1a:fa:c4:fb:8d:4b:9d:11:f2:d7:
a5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:65:05:53:D2:AB:7D:BC:F5:B1:3A:71:A1:A4:BA:DC:FA:22:6D:8A
X509v3 Authority Key Identifier:
keyid:D8:78:21:A7:C8:76:1E:08:12:1E:70:C9:FF:42:FF:9B:6A:D3:4E:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hghp8h2HggSHnDJ_0L_m2rTTlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/XWUFU9Krfbz1sTpxoaS63PoibYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/e5725b-3128-44b3-9f83-5aa620a81149/1/2Hghp8h2HggSHnDJ_0L_m2rTTlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.43.11.0/24
217.147.180.0/23
IPv6:
2a0b:2900:1100::/40
2a0b:2900:1f00::/40
2a0b:2900:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
4b:18:87:81:09:d6:0e:41:88:25:ee:72:31:10:54:10:ea:47:
bc:39:34:16:26:5b:d6:d0:84:70:b5:e8:f2:bf:f1:2b:be:eb:
86:63:b0:d9:e3:45:b2:73:a7:2c:c3:93:eb:8c:42:b9:08:02:
64:f4:7c:6f:76:36:00:53:1b:89:a2:71:2c:f8:50:4d:d4:56:
2a:67:7e:17:df:be:c6:0e:2d:99:fe:2f:fe:af:70:c2:05:da:
fa:04:93:55:df:84:ed:ab:24:42:d2:a2:52:9f:18:36:36:ac:
35:8d:e5:10:1d:c7:41:5c:e3:2b:60:80:ab:2b:48:c0:54:5f:
8c:73:62:48:79:43:4d:c4:f1:ea:0b:b3:cb:6d:74:b1:aa:32:
4e:9d:05:c9:a1:2b:20:e9:ce:8d:45:4b:43:c8:bb:a7:2e:8b:
ce:08:f3:ae:5b:f9:7b:c0:1b:3c:96:a3:2a:c5:bd:38:c9:92:
25:2b:4f:8d:3f:bf:56:0d:e7:1e:79:0b:ac:40:44:f4:a0:fa:
18:d0:7f:ee:c0:c6:33:93:e2:f2:c3:01:e1:a7:18:e1:22:1e:
d8:24:4e:20:53:4a:0a:fd:9a:c0:49:c7:37:9f:49:94:45:b5:
25:cc:e4:d7:f5:7d:cf:42:4d:bd:7f:23:f8:82:bc:7d:da:41:
9e:6e:61:42
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZHrdhF2c0Wli68K7g1KTDcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzgyMWE3Yzg3NjFlMDgxMjFlNzBjOWZmNDJmZjliNmFk
MzRlNTEwHhcNMjQwOTEzMTI1NzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY1MDU1M2QyYWI3ZGJjZjViMTNhNzFhMWE0YmFkY2ZhMjI2ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcR4gDqrE45ev8kCoHW5rhDzdt4+
NtwTgVEYANu258BGAnrUcTwJxfXVq3MtpRbHmEaYGKEi6iUImR00WTQfm227Lv/m
LNidGmTplsU5I63FAuDmPx44qAfN+Rc2oc2OzXtd4hIbz6pdWBkHLg5Nux24170Y
YhrEU9adV+nC7FL+Zz/Q09jrGsjLBsfpG6zMcy68ovfTM0yBxq23w9GEm6qZS2l6
lzobXXQ+vFsnDAAKONt4rcVxApxD/kzFuRjr2eQ8fh+uHAK15uusZ490Jg11AihV
3Sz9Ugyt3UTD4gqhUSMOjny4svO9R6/WcllpoDEXFhr6xPuNS50R8telPQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFF1lBVPSq3289bE6caGkutz6Im2KMB8GA1UdIwQY
MBaAFNh4IafIdh4IEh5wyf9C/5tq005RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMt
NWFhNjIwYTgxMTQ5LzEvWFdVRlU5S3JmYnoxc1RweG9hUzYzUG9pYllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lNTcyNWItMzEyOC00NGIzLTlmODMtNWFhNjIwYTgxMTQ5
LzEvMkhnaHA4aDJIZ2dTSG5ESl8wTF9tMnJUVGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDASBAIAATAMAwQAiisLAwQB
2ZO0MB4EAgACMBgDBgAqCykAEQMGACoLKQAfAwYAKgspAP8wDQYJKoZIhvcNAQEL
BQADggEBAEsYh4EJ1g5BiCXucjEQVBDqR7w5NBYmW9bQhHC16PK/8Su+64ZjsNnj
RbJzpyzDk+uMQrkIAmT0fG92NgBTG4micSz4UE3UVipnfhffvsYOLZn+L/6vcMIF
2voEk1XfhO2rJELSolKfGDY2rDWN5RAdx0Fc4ytggKsrSMBUX4xzYkh5Q03E8eoL
s8ttdLGqMk6dBcmhKyDpzo1FS0PIu6cui84I865b+XvAGzyWoyrFvTjJkiUrT40/
v1YN5x55C6xARPSg+hjQf+7AxjOT4vLDAeGnGOEiHtgkTiBTSgr9msBJxzefSZRF
tSXM5Nf1fc9CTb1/I/iCvH3aQZ5uYUI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:07 2025 by rpki-client