Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/XLnYDFLIENO9zhN2wIm9i-cwddQ.roa
File: XLnYDFLIENO9zhN2wIm9i-cwddQ.roa (raw, json)
Hash identifier: zOC+NzcdddHYpxta9bUxb6Yxqp0Hb8dYVq9TItFxrNA=
Subject key identifier: 5C:B9:D8:0C:52:C8:10:D3:BD:CE:13:76:C0:89:BD:8B:E7:30:75:D4
Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Certificate serial: 018CC5010BF2CCEBF87CCC5C1256BC8B2627
Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/XLnYDFLIENO9zhN2wIm9i-cwddQ.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57293
IP address blocks: 149.255.144.0/21 maxlen: 21
149.255.144.0/20 maxlen: 20
5.197.240.0/20 maxlen: 20
185.146.112.0/22 maxlen: 22
5.197.208.0/20 maxlen: 20
5.197.0.0/17 maxlen: 17
5.197.224.0/20 maxlen: 20
5.197.0.0/16 maxlen: 21
149.255.152.0/21 maxlen: 21
5.197.128.0/17 maxlen: 17
5.197.128.0/21 maxlen: 21
5.197.128.0/20 maxlen: 20
5.197.136.0/21 maxlen: 21
5.197.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 01 Feb 2024 09:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0b:f2:cc:eb:f8:7c:cc:5c:12:56:bc:8b:26:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cb9d80c52c810d3bdce1376c089bd8be73075d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:48:aa:16:62:4f:bf:0d:6b:5c:16:d1:66:
36:59:5c:bc:23:4d:15:7b:db:92:66:db:bf:af:5d:
ff:5f:db:f2:a0:51:c3:35:40:58:4c:68:0f:fc:7b:
73:71:e2:00:9d:39:cd:fe:d1:f8:c1:dd:19:42:c5:
29:21:d2:f9:a7:89:42:25:2d:8d:77:8f:bd:00:32:
4e:7a:8a:89:bf:b2:04:fa:ba:17:f1:cc:e1:93:84:
ee:a9:10:df:8f:29:15:db:01:89:5f:1a:fd:f5:6f:
ac:12:44:17:e5:6a:5f:91:2f:ab:9b:f2:09:2f:c8:
f2:2b:6b:6e:e7:5b:9c:e1:ae:b3:86:13:8c:71:e0:
c0:e0:39:13:fc:3f:98:62:c5:6f:ba:7d:bc:c9:9a:
e6:81:8f:cc:f2:ca:9e:d2:c2:93:57:c0:58:a2:e8:
de:1c:ed:55:79:7f:15:d0:30:0c:ed:36:1f:5f:9c:
3f:50:51:ec:af:8a:5b:73:de:53:54:89:3c:52:c1:
84:a9:9b:dc:d5:96:44:77:b2:7f:d0:51:c3:f0:58:
9d:68:8f:90:7c:dd:07:3e:ee:4c:c0:8e:dc:9c:54:
bc:65:d4:ae:ae:fd:8b:cf:ee:2c:d4:79:af:77:99:
90:c7:5a:82:c3:f8:db:c3:46:2a:6f:e0:05:d5:f0:
01:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B9:D8:0C:52:C8:10:D3:BD:CE:13:76:C0:89:BD:8B:E7:30:75:D4
X509v3 Authority Key Identifier:
keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/XLnYDFLIENO9zhN2wIm9i-cwddQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
Signature Algorithm: sha256WithRSAEncryption
10:85:c1:04:84:c6:19:8c:4d:4c:a9:31:b8:0f:ac:06:e1:8e:
e4:59:9d:a1:5b:74:4d:41:f6:ea:20:d7:fd:e8:c7:06:c3:23:
cc:d6:fd:19:36:b1:88:66:09:59:24:53:e3:45:ec:12:3f:9f:
f8:a4:4e:8e:7d:35:4a:11:53:69:7a:6e:f5:e4:26:9a:44:56:
60:51:ee:f5:66:c5:29:21:00:a3:e6:57:e9:bf:7f:1f:07:fd:
af:74:46:9e:50:39:40:1f:aa:74:7d:5c:f9:9e:ae:a4:eb:30:
ee:07:9d:da:a8:33:f4:b4:78:1b:98:9e:0e:bb:3d:67:91:08:
19:11:5c:7a:48:43:c9:4d:f2:77:f1:0f:43:12:a3:95:f5:43:
a2:11:fa:d0:64:11:91:f1:16:77:02:35:65:85:43:2d:54:dc:
2e:30:10:a3:89:cc:26:32:3e:0f:d2:18:3e:36:f4:09:a9:dc:
76:1a:56:d1:75:64:63:74:f2:d1:d5:6f:04:78:03:3f:91:d8:
07:19:88:c2:24:34:b3:8e:d9:7c:94:09:e4:d5:f9:a9:44:c0:
89:80:fc:ed:3f:26:3d:3b:87:a0:62:67:46:e3:0f:de:55:ee:
e1:98:e4:fb:48:aa:fb:d8:d1:5f:b7:54:75:ef:6f:6a:29:80:
5d:21:fc:78
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzFAQvyzOv4fMxcEla8iyYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm
ZTM5NzQwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I5ZDgwYzUyYzgxMGQzYmRjZTEzNzZjMDg5YmQ4YmU3MzA3NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfdIqhZiT78Na1wW0WY2WVy8I00V
e9uSZtu/r13/X9vyoFHDNUBYTGgP/HtzceIAnTnN/tH4wd0ZQsUpIdL5p4lCJS2N
d4+9ADJOeoqJv7IE+roX8czhk4TuqRDfjykV2wGJXxr99W+sEkQX5WpfkS+rm/IJ
L8jyK2tu51uc4a6zhhOMceDA4DkT/D+YYsVvun28yZrmgY/M8sqe0sKTV8BYouje
HO1VeX8V0DAM7TYfX5w/UFHsr4pbc95TVIk8UsGEqZvc1ZZEd7J/0FHD8FidaI+Q
fN0HPu5MwI7cnFS8ZdSurv2Lz+4s1Hmvd5mQx1qCw/jbw0Yqb+AF1fAB6QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFy52AxSyBDTvc4TdsCJvYvnMHXUMB8GA1UdIwQY
MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct
ZTVjOWMyZThlOWJmLzEvWExuWURGTElFTk85emhOMndJbTlpLWN3ZGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm
LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMABcUDBASV
/5ADBAK5knAwDQYJKoZIhvcNAQELBQADggEBABCFwQSExhmMTUypMbgPrAbhjuRZ
naFbdE1B9uog1/3oxwbDI8zW/Rk2sYhmCVkkU+NF7BI/n/ikTo59NUoRU2l6bvXk
JppEVmBR7vVmxSkhAKPmV+m/fx8H/a90Rp5QOUAfqnR9XPmerqTrMO4HndqoM/S0
eBuYng67PWeRCBkRXHpIQ8lN8nfxD0MSo5X1Q6IR+tBkEZHxFncCNWWFQy1U3C4w
EKOJzCYyPg/SGD429Amp3HYaVtF1ZGN08tHVbwR4Az+R2AcZiMIkNLOO2XyUCeTV
+alEwImA/O0/Jj07h6BiZ0bjD95V7uGY5PtIqvvY0V+3VHXvb2opgF0h/Hg=
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:29:06 2024 by rpki-client on console-fra.rpki-client.org