Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGZ7FVowDaTW0pqYoY9rfWxtLzk.roa
File: XGZ7FVowDaTW0pqYoY9rfWxtLzk.roa (raw, json)
Hash identifier: Kpk42KP0XCAcSLMK45ahr4zWmbIKzlOk66NdNvb/Gag=
Subject key identifier: 5C:66:7B:15:5A:30:0D:A4:D6:D2:9A:98:A1:8F:6B:7D:6C:6D:2F:39
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018BC7EB7030077CE79AC0543836265C859A
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGZ7FVowDaTW0pqYoY9rfWxtLzk.roa
Signing time: Mon 13 Nov 2023 09:02:57 +0000
ROA not before: Mon 13 Nov 2023 09:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 45.92.229.0/24 maxlen: 24
45.86.202.0/24 maxlen: 24
45.86.200.0/24 maxlen: 24
136.144.17.0/24 maxlen: 24
193.37.33.0/24 maxlen: 24
193.37.32.0/24 maxlen: 24
136.144.19.0/24 maxlen: 24
194.5.48.0/24 maxlen: 24
136.144.33.0/24 maxlen: 24
194.5.53.0/24 maxlen: 24
136.144.42.0/24 maxlen: 24
194.34.173.0/24 maxlen: 24
45.84.216.0/24 maxlen: 24
193.36.224.0/24 maxlen: 24
193.36.225.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
193.176.211.0/24 maxlen: 24
45.154.138.0/24 maxlen: 24
45.146.54.0/24 maxlen: 24
2a0f:e387::/32 maxlen: 48
2a0f:e386::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Nov 2023 07:46:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:eb:70:30:07:7c:e7:9a:c0:54:38:36:26:5c:85:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 13 09:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c667b155a300da4d6d29a98a18f6b7d6c6d2f39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:22:32:0f:eb:d7:4d:fc:d8:6d:68:ce:e7:c9:
80:80:36:c9:a0:9e:6c:04:10:5c:1f:8e:52:9c:dd:
71:ae:db:00:7d:f2:64:f9:40:d7:df:a6:db:12:9c:
46:60:20:71:85:d8:fa:34:d6:54:23:b1:e2:cf:cc:
c8:8c:fb:e9:69:b8:8d:fc:86:9f:89:97:7f:78:94:
ca:1e:e5:d6:b9:31:e3:a5:97:d2:89:1a:a1:ed:c8:
a5:66:3c:8c:88:25:68:ac:39:02:bd:8a:4e:71:40:
73:08:67:03:ea:57:a0:ef:87:5b:c7:e4:5e:0e:0a:
58:1d:51:29:72:ca:9d:35:cc:56:47:50:f2:91:31:
ab:1d:5f:f4:8a:cb:b5:04:5e:89:70:9e:d6:e0:f5:
b8:1f:e3:1d:d4:e8:9a:fe:e9:99:62:76:55:2d:07:
18:b3:06:9d:6b:0a:55:17:46:41:9a:50:2e:e1:b8:
76:e0:c3:f7:7a:9d:e7:7f:e6:39:27:f1:3c:c0:25:
ad:c8:7e:a6:4c:2a:45:de:e8:99:28:d6:9e:46:47:
0f:07:c2:6f:0d:7d:52:eb:7e:4b:bb:88:1f:74:2a:
f6:d6:dc:d2:8b:c4:81:b1:13:bc:67:ab:ca:ae:df:
48:8c:27:28:9d:da:5e:d8:a3:d1:43:ac:5b:7f:a6:
76:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:66:7B:15:5A:30:0D:A4:D6:D2:9A:98:A1:8F:6B:7D:6C:6D:2F:39
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/XGZ7FVowDaTW0pqYoY9rfWxtLzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.86.200.0/24
45.86.202.0/24
45.92.229.0/24
45.95.243.0/24
45.146.54.0/24
45.154.138.0/24
136.144.17.0/24
136.144.19.0/24
136.144.33.0/24
136.144.42.0/24
193.36.224.0/23
193.37.32.0/23
193.176.211.0/24
194.5.48.0/24
194.5.53.0/24
194.34.173.0/24
IPv6:
2a0f:e386::/31
Signature Algorithm: sha256WithRSAEncryption
7b:37:24:3f:a5:a0:bf:10:d8:a5:fe:6e:dc:4d:b6:ef:48:a5:
50:53:59:f1:8c:54:f7:53:98:47:48:a8:ed:61:6c:85:50:e8:
dd:67:d5:36:80:56:8c:78:dc:77:fa:00:32:96:1d:f9:26:c7:
04:b9:fa:69:ee:a9:14:83:ce:e1:d3:07:1b:e9:9c:17:af:58:
7e:72:53:13:0f:7a:6b:90:89:19:18:40:90:0a:ab:58:89:2f:
cb:12:8a:5a:e0:38:34:51:40:29:be:3a:84:8a:f7:a7:e5:12:
0f:78:a4:08:c7:e6:46:2e:ed:85:15:a0:b3:ae:52:40:91:16:
92:d7:ca:61:9c:11:55:89:58:88:6a:de:98:b1:19:e9:a4:f0:
82:95:64:7c:29:72:20:35:e6:e9:e8:7f:58:74:4b:f0:ea:8c:
8c:de:2a:0a:1b:1e:15:0e:d7:b0:a3:44:4d:f0:c3:84:c5:aa:
50:26:14:f4:6c:42:61:54:b1:29:0b:82:22:44:33:9a:82:07:
9d:b5:e6:38:10:d9:38:1b:0e:a8:1a:c4:48:89:58:84:d8:fc:
5f:ee:94:b9:22:9c:24:b0:36:5f:43:cf:ae:b5:74:41:9c:5c:
96:6d:6b:7c:68:4f:3b:0c:4b:93:df:d0:5f:bd:1c:73:bd:20:
b2:0d:d4:a1
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYvH63AwB3znmsBUODYmXIWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTEzMDkwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY2N2IxNTVhMzAwZGE0ZDZkMjlhOThhMThmNmI3ZDZjNmQyZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCIyD+vXTfzYbWjO58mAgDbJoJ5s
BBBcH45SnN1xrtsAffJk+UDX36bbEpxGYCBxhdj6NNZUI7Hiz8zIjPvpabiN/Iaf
iZd/eJTKHuXWuTHjpZfSiRqh7cilZjyMiCVorDkCvYpOcUBzCGcD6leg74dbx+Re
DgpYHVEpcsqdNcxWR1DykTGrHV/0isu1BF6JcJ7W4PW4H+Md1Oia/umZYnZVLQcY
swadawpVF0ZBmlAu4bh24MP3ep3nf+Y5J/E8wCWtyH6mTCpF3uiZKNaeRkcPB8Jv
DX1S635Lu4gfdCr21tzSi8SBsRO8Z6vKrt9IjCcondpe2KPRQ6xbf6Z2MwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFFxmexVaMA2k1tKamKGPa31sbS85MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWEdaN0ZWb3dEYVRXMHBxWW9ZOXJmV3h0THprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAC1U2AME
AC1WyAMEAC1WygMEAC1c5QMEAC1f8wMEAC2SNgMEAC2aigMEAIiQEQMEAIiQEwME
AIiQIQMEAIiQKgMEAcEk4AMEAcElIAMEAMGw0wMEAMIFMAMEAMIFNQMEAMIirTAN
BAIAAjAHAwUBKg/jhjANBgkqhkiG9w0BAQsFAAOCAQEAezckP6WgvxDYpf5u3E22
70ilUFNZ8YxU91OYR0io7WFshVDo3WfVNoBWjHjcd/oAMpYd+SbHBLn6ae6pFIPO
4dMHG+mcF69YfnJTEw96a5CJGRhAkAqrWIkvyxKKWuA4NFFAKb46hIr3p+USD3ik
CMfmRi7thRWgs65SQJEWktfKYZwRVYlYiGremLEZ6aTwgpVkfClyIDXm6eh/WHRL
8OqMjN4qChseFQ7XsKNETfDDhMWqUCYU9GxCYVSxKQuCIkQzmoIHnbXmOBDZOBsO
qBrESIlYhNj8X+6UuSKcJLA2X0PPrrV0QZxclm1rfGhPOwxLk9/QX70cc70gsg3U
oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org