Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/xX2nE_IkP588Qr18UR7YnZXWVgc.roa
File: xX2nE_IkP588Qr18UR7YnZXWVgc.roa (raw, json)
Hash identifier: WeREguVP2oq2x+OM6VphsTgRzCmWloT4B5YBLcRua/Q=
Subject key identifier: C5:7D:A7:13:F2:24:3F:9F:3C:42:BD:7C:51:1E:D8:9D:95:D6:56:07
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 018D615E72CDB93137737E1DD66F94656B50
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/xX2nE_IkP588Qr18UR7YnZXWVgc.roa
Signing time: Wed 31 Jan 2024 21:13:16 +0000
ROA not before: Wed 31 Jan 2024 21:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
91.246.39.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Sat 10 Feb 2024 20:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:61:5e:72:cd:b9:31:37:73:7e:1d:d6:6f:94:65:6b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Jan 31 21:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c57da713f2243f9f3c42bd7c511ed89d95d65607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:21:cd:54:31:94:6a:c9:33:46:d8:a7:60:
08:bf:85:71:54:dd:8b:9c:4f:2b:4f:ac:a5:b3:bb:
8e:4a:70:1a:d7:d4:df:e6:c0:60:48:ca:68:03:98:
f5:89:cf:c4:8c:4c:03:bc:df:27:d5:fb:21:56:cf:
a5:bd:7c:77:a8:ec:a4:09:15:b4:f0:f5:c2:3e:bf:
a4:ab:e1:8e:04:b6:41:f8:69:2b:32:80:2d:01:f2:
1f:29:35:c2:d9:dc:b0:90:c6:bc:4d:30:57:97:5f:
c6:2f:c1:ef:b0:04:ed:93:5c:38:2d:b2:9f:6d:39:
15:99:e8:24:c9:c8:be:3d:aa:33:a1:bd:0f:cc:62:
b7:50:d7:51:2b:e7:e0:56:a0:d7:6b:68:a1:c9:d8:
0a:89:ef:70:9e:ec:1a:22:23:6a:d3:cc:a6:2b:b9:
d3:f7:17:cf:28:4d:1e:09:e0:13:47:f4:d6:16:dc:
1b:5d:48:48:7f:b7:f3:67:28:46:9d:6b:61:91:19:
fa:93:27:e0:05:57:94:50:d6:f2:41:c3:06:a1:0b:
27:b7:1d:8c:dc:fc:56:34:12:31:a7:95:95:cc:5c:
a5:3d:e4:fb:45:72:08:12:73:ce:e3:79:a2:a0:75:
85:e6:0b:01:21:b2:b2:8e:f2:f2:69:73:d8:a8:10:
64:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7D:A7:13:F2:24:3F:9F:3C:42:BD:7C:51:1E:D8:9D:95:D6:56:07
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/xX2nE_IkP588Qr18UR7YnZXWVgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
91.246.39.0/24
94.154.114.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
a4:ee:ba:67:19:ec:4b:f2:93:ec:41:76:f1:bb:2a:68:73:84:
29:71:6a:24:b1:4f:63:25:d9:ba:94:59:55:dd:24:23:bb:ac:
e2:0f:30:26:3e:59:71:98:c1:48:5f:fe:8d:8a:69:8e:2c:44:
9d:ea:9a:63:fd:db:68:0a:a1:e7:6d:e8:66:1d:df:ee:aa:8b:
ba:81:7a:c9:4b:10:45:01:5d:5b:67:f8:e4:65:65:13:db:be:
80:73:2e:6b:60:73:cf:ea:88:33:7f:bb:7b:76:cd:73:0b:b5:
1c:aa:08:29:b5:a7:89:c8:e4:3d:8b:e3:11:a2:b2:05:8c:98:
52:c2:de:57:de:33:b9:ef:7c:bf:03:e9:c4:4b:75:8b:ba:b3:
04:df:2c:e3:7c:82:d6:de:a1:5b:4f:dc:12:5a:5e:52:34:73:
fe:5f:ca:7b:83:3f:4d:62:5e:31:84:7c:9b:e3:4d:f9:05:0d:
35:25:00:7b:f7:84:79:d5:de:08:76:f9:24:d5:51:bd:da:72:
97:78:ae:33:38:a9:bc:53:77:bd:44:ea:c2:de:8d:e3:0e:82:
78:c5:b6:05:86:c5:a8:b9:d3:e2:13:ba:eb:28:52:b9:3a:50:
f2:9c:7c:69:73:f9:71:0a:ae:5b:9b:f4:42:33:bf:1d:0d:73:
75:1f:e2:3e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY1hXnLNuTE3c34d1m+UZWtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQwMTMxMjExMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdkYTcxM2YyMjQzZjlmM2M0MmJkN2M1MTFlZDg5ZDk1ZDY1NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjkhzVQxlGrJM0bYp2AIv4VxVN2L
nE8rT6yls7uOSnAa19Tf5sBgSMpoA5j1ic/EjEwDvN8n1fshVs+lvXx3qOykCRW0
8PXCPr+kq+GOBLZB+GkrMoAtAfIfKTXC2dywkMa8TTBXl1/GL8HvsATtk1w4LbKf
bTkVmegkyci+Paozob0PzGK3UNdRK+fgVqDXa2ihydgKie9wnuwaIiNq08ymK7nT
9xfPKE0eCeATR/TWFtwbXUhIf7fzZyhGnWthkRn6kyfgBVeUUNbyQcMGoQsntx2M
3PxWNBIxp5WVzFylPeT7RXIIEnPO43mioHWF5gsBIbKyjvLyaXPYqBBkJQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMV9pxPyJD+fPEK9fFEe2J2V1lYHMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEveFgybkVfSWtQNTg4UXIxOFVSN1luWlhXVmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB0BAIAATBuAwQCLY6c
AwQCLZFIAwQCLZakAwQBLZbiAwQCLZeEAwQCLZrUAwQAW/YnAwQAXppyAwQAshYe
AwQAvF2LAwQBwdrIAwQBwd1eAwQBwnzaAwQBwnzgMAwDBAHCk2IDBAHCk2QDBADU
Em8DBADZci8wDgQCAAIwCAMGBioO2kBAMA0GCSqGSIb3DQEBCwUAA4IBAQCk7rpn
GexL8pPsQXbxuypoc4QpcWoksU9jJdm6lFlV3SQju6ziDzAmPllxmMFIX/6NimmO
LESd6ppj/dtoCqHnbehmHd/uqou6gXrJSxBFAV1bZ/jkZWUT276Acy5rYHPP6ogz
f7t7ds1zC7UcqggptaeJyOQ9i+MRorIFjJhSwt5X3jO573y/A+nES3WLurME3yzj
fILW3qFbT9wSWl5SNHP+X8p7gz9NYl4xhHyb4035BQ01JQB794R51d4Idvkk1VG9
2nKXeK4zOKm8U3e9ROrC3o3jDoJ4xbYFhsWoudPiE7rrKFK5OlDynHxpc/lxCq5b
m/RCM78dDXN1H+I+
-----END CERTIFICATE-----
Generated at Sat Feb 10 20:59:07 2024 by rpki-client on console-fra.rpki-client.org