Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/X8pDxZtYk5NWbMGVrxoN3H_QcJg.roa
File: X8pDxZtYk5NWbMGVrxoN3H_QcJg.roa (raw, json)
Hash identifier: 2MaNmKdeCE9uYjT7g7YNQhzLPUthJCFNYnBz4xdQ8Lg=
Subject key identifier: 5F:CA:43:C5:9B:58:93:93:56:6C:C1:95:AF:1A:0D:DC:7F:D0:70:98
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018CC6B9327FAE8E466ABBBDBFB1E9C9FBAA
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/X8pDxZtYk5NWbMGVrxoN3H_QcJg.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 178.22.30.0/24 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.142.156.0/24 maxlen: 32
94.154.114.0/24 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
188.93.139.0/24 maxlen: 32
45.150.226.0/23 maxlen: 32
193.218.200.0/23 maxlen: 32
45.154.212.0/22 maxlen: 32
193.221.94.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.151.132.0/22 maxlen: 32
45.145.74.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Fri 26 Jan 2024 06:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:32:7f:ae:8e:46:6a:bb:bd:bf:b1:e9:c9:fb:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fca43c59b589393566cc195af1a0ddc7fd07098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:68:6d:19:1d:83:2a:5f:f4:98:f0:ba:c7:8b:
a4:48:8d:3f:21:45:df:20:45:62:9e:b5:11:5e:c8:
4f:1f:58:4c:12:7c:9f:46:e9:4e:6b:d6:7e:38:e8:
e8:ba:c0:95:f5:7b:a0:f4:e0:ff:14:66:c9:f4:e7:
03:9b:d4:55:ee:76:c5:ab:c3:9d:c3:21:17:93:8d:
64:00:07:38:63:9e:43:95:0b:05:5e:69:36:21:52:
f3:0f:10:90:42:13:99:35:1d:3e:ad:3d:29:e1:91:
0e:0c:dd:0a:c1:a1:2f:9b:4f:fa:a8:9c:cf:bf:aa:
09:5d:ab:c9:e1:19:7c:76:ef:be:96:84:37:c7:f2:
c0:07:fc:87:51:4a:a4:9d:bf:f6:c4:11:2a:e7:f9:
bb:01:e6:fa:93:70:19:d8:5e:a6:41:86:c1:53:7a:
3b:a0:50:0f:1f:1a:29:37:0e:a7:91:f0:59:f0:4c:
ef:0d:72:38:3d:57:f2:5f:03:1a:a5:18:f9:87:db:
a8:0d:ac:ab:db:b3:0a:a7:fe:88:bd:7c:97:96:39:
79:7e:f7:4f:52:f3:d0:e6:8b:f4:68:72:10:e7:b6:
a8:48:6e:26:23:a6:78:10:86:9c:b9:59:70:94:50:
1d:dd:06:ee:1b:6e:1a:07:4d:3b:57:de:67:65:7f:
e6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CA:43:C5:9B:58:93:93:56:6C:C1:95:AF:1A:0D:DC:7F:D0:70:98
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/X8pDxZtYk5NWbMGVrxoN3H_QcJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
5d:e7:17:9d:00:1f:aa:40:17:5f:ff:77:9f:9f:d2:1f:a7:d9:
3d:59:72:3a:21:b7:e1:a0:66:21:fa:c0:4a:2d:cc:a4:cc:92:
5c:97:89:01:cc:a4:98:22:66:8f:27:ff:cc:67:91:93:6f:2b:
b8:66:21:e9:f1:3a:a4:3a:b5:c1:10:96:e0:8c:68:3a:fe:af:
ef:dc:c2:69:d0:a6:b6:3d:f4:ce:de:cb:57:9a:ab:9f:53:30:
17:7d:2b:6b:3f:9d:95:d8:12:43:b2:da:73:9a:69:95:bd:e8:
bb:65:ea:01:ba:fc:af:cc:6c:1b:67:83:3f:0e:cc:dc:15:12:
ba:f7:ab:07:7a:b1:ee:f5:bc:22:6b:7a:8a:1a:23:a1:02:90:
15:84:12:47:6e:5d:d5:4a:70:8d:fd:b8:58:6a:08:59:68:ad:
62:f0:48:97:b1:78:b1:ae:6e:62:61:ca:5f:8c:33:ce:1c:78:
03:04:a4:ac:37:9d:50:cd:38:81:86:2f:93:7b:75:84:cc:d7:
75:29:0f:c6:64:c7:d6:dd:f8:46:eb:9f:61:8a:47:7f:13:10:
e3:65:58:f5:18:5f:08:a3:be:53:1e:07:c7:36:b6:81:c3:39:
f0:7a:a5:48:dd:6f:7a:12:b7:eb:83:a6:1a:4b:a1:85:4a:48:
65:43:f4:24
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzGuTJ/ro5Garu9v7HpyfuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNhNDNjNTliNTg5MzkzNTY2Y2MxOTVhZjFhMGRkYzdmZDA3MDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWhtGR2DKl/0mPC6x4ukSI0/IUXf
IEVinrURXshPH1hMEnyfRulOa9Z+OOjousCV9Xug9OD/FGbJ9OcDm9RV7nbFq8Od
wyEXk41kAAc4Y55DlQsFXmk2IVLzDxCQQhOZNR0+rT0p4ZEODN0KwaEvm0/6qJzP
v6oJXavJ4Rl8du++loQ3x/LAB/yHUUqknb/2xBEq5/m7Aeb6k3AZ2F6mQYbBU3o7
oFAPHxopNw6nkfBZ8EzvDXI4PVfyXwMapRj5h9uoDayr27MKp/6IvXyXljl5fvdP
UvPQ5ov0aHIQ57aoSG4mI6Z4EIacuVlwlFAd3QbuG24aB007V95nZX/mzwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFF/KQ8WbWJOTVmzBla8aDdx/0HCYMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvWDhwRHhadFlrNU5XYk1HVnJ4b04zSF9RY0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwYgQCAAEwXAMEAi2OnAME
Ai2RSAMEAi2WpAMEAS2W4gMEAi2XhAMEAi2a1AMEAF6acgMEALIWHgMEALxdiwME
AcHayAMEAcHdXgMEAcJ82gMEAcJ84DAMAwQBwpNiAwQBwpNkMA4EAgACMAgDBgYq
DtpAQDANBgkqhkiG9w0BAQsFAAOCAQEAXecXnQAfqkAXX/93n5/SH6fZPVlyOiG3
4aBmIfrASi3MpMySXJeJAcykmCJmjyf/zGeRk28ruGYh6fE6pDq1wRCW4IxoOv6v
79zCadCmtj30zt7LV5qrn1MwF30raz+dldgSQ7Lac5pplb3ou2XqAbr8r8xsG2eD
Pw7M3BUSuverB3qx7vW8Imt6ihojoQKQFYQSR25d1Upwjf24WGoIWWitYvBIl7F4
sa5uYmHKX4wzzhx4AwSkrDedUM04gYYvk3t1hMzXdSkPxmTH1t34RuufYYpHfxMQ
42VY9RhfCKO+Ux4Hxza2gcM58HqlSN1vehK364OmGkuhhUpIZUP0JA==
-----END CERTIFICATE-----
Generated at Fri Jan 26 10:21:21 2024 by rpki-client on console-ams.rpki-client.org