Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xSXhSVmFVvD17Gb3jkF6p6vOQ18.roa
File: xSXhSVmFVvD17Gb3jkF6p6vOQ18.roa (raw, json)
Hash identifier: lHg7+wki3GxQaa7ZskWyTXRgjjDcF4oasMMiCQE0KwM=
Subject key identifier: C5:25:E1:49:59:85:56:F0:F5:EC:66:F7:8E:41:7A:A7:AB:CE:43:5F
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018CC649E0D4BDB493FC45E8A64C6273B445
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xSXhSVmFVvD17Gb3jkF6p6vOQ18.roa
Signing time: Mon 01 Jan 2024 18:29:39 +0000
ROA not before: Mon 01 Jan 2024 18:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8966
IP address blocks: 195.229.3.0/24 maxlen: 24
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.2.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.177.128/25 maxlen: 25
31.219.180.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 08 Feb 2024 08:35:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e0:d4:bd:b4:93:fc:45:e8:a6:4c:62:73:b4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 18:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c525e149598556f0f5ec66f78e417aa7abce435f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:46:74:c2:eb:39:78:89:58:5d:2e:26:d7:
73:83:2c:ae:ac:e1:79:3e:6b:6e:66:9b:6e:e2:59:
c1:b2:0f:25:1e:a9:00:dc:ad:27:c8:3f:3a:8f:c6:
3b:9a:ff:92:a5:81:a1:8d:95:30:c3:ce:7f:7d:8c:
aa:e2:fb:ec:ed:ba:52:14:d5:60:a2:c0:f0:aa:3a:
66:b2:1c:01:d5:b1:11:c0:b0:2a:0e:9d:a7:70:13:
af:6c:72:39:f7:6b:18:0e:35:b0:15:72:43:2b:cb:
66:ba:65:41:6f:19:79:55:ae:83:97:ad:f2:0c:00:
58:0d:77:48:f1:d5:81:2a:f9:29:30:ec:62:6e:c0:
b7:c6:03:c8:42:23:0b:45:06:cc:de:b1:fd:0a:90:
0d:6c:db:d1:6e:f3:d1:84:da:bb:a7:e8:3a:45:4d:
74:7f:35:97:db:ad:dc:b9:b5:93:1d:b8:51:1a:bd:
b8:2e:2d:68:47:90:d9:0f:93:1d:7b:9c:6c:38:cf:
35:1c:0b:47:e6:fb:b8:89:53:e6:19:81:2e:b8:2e:
ca:6b:1e:ee:74:44:e6:ed:22:d0:a3:b2:63:e1:e6:
cd:6a:9d:0c:ce:f2:d3:e7:fb:24:5b:99:8d:2a:73:
d5:09:4f:00:bb:22:4e:c1:80:9c:8d:b9:47:ca:ad:
11:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:25:E1:49:59:85:56:F0:F5:EC:66:F7:8E:41:7A:A7:AB:CE:43:5F
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/xSXhSVmFVvD17Gb3jkF6p6vOQ18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
2f:5c:28:e6:7a:3c:29:9b:8a:44:72:cc:e4:54:ab:25:c0:30:
57:e7:19:28:00:f7:5f:55:72:43:75:1a:50:bc:32:21:26:d2:
df:00:84:fc:72:a8:21:02:a4:60:94:96:ea:7b:8f:2d:8d:83:
40:d4:57:52:01:a9:b0:08:4c:f9:03:fa:a3:25:aa:83:aa:e4:
e2:41:1c:93:ee:80:48:d1:d8:ee:43:f9:a6:af:33:40:04:67:
00:24:38:43:f4:f7:e4:56:84:a3:06:7d:0a:ff:61:44:7c:a9:
0a:e1:7e:b7:9d:fd:71:25:e1:a1:86:e8:12:d2:64:47:f4:7a:
68:4c:0b:ec:c0:39:9b:fe:21:e0:22:cc:c1:14:04:b2:71:a3:
c8:e0:5f:db:f5:ac:7d:c2:12:ba:39:c5:e3:1f:3d:f7:0d:ca:
cf:9b:18:65:23:63:a9:91:1c:33:59:35:24:be:ba:0c:3f:65:
da:05:ed:ab:9b:b2:d0:8e:9b:b3:32:47:b0:49:75:87:24:69:
32:05:b8:49:80:89:21:bf:06:7e:98:d2:7f:07:2d:f4:85:0e:
cb:dd:1a:4b:35:a4:f8:fc:ac:55:e2:69:31:ef:59:26:e9:0b:
80:d1:64:5d:1a:a5:4e:7e:7f:d1:3b:44:8d:a2:07:91:82:f3:
45:32:06:6f
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzGSeDUvbST/EXopkxic7RFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjQwMTAxMTgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTI1ZTE0OTU5ODU1NmYwZjVlYzY2Zjc4ZTQxN2FhN2FiY2U0MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsllGdMLrOXiJWF0uJtdzgyyurOF5
PmtuZptu4lnBsg8lHqkA3K0nyD86j8Y7mv+SpYGhjZUww85/fYyq4vvs7bpSFNVg
osDwqjpmshwB1bERwLAqDp2ncBOvbHI592sYDjWwFXJDK8tmumVBbxl5Va6Dl63y
DABYDXdI8dWBKvkpMOxibsC3xgPIQiMLRQbM3rH9CpANbNvRbvPRhNq7p+g6RU10
fzWX263cubWTHbhRGr24Li1oR5DZD5Mde5xsOM81HAtH5vu4iVPmGYEuuC7Kax7u
dETm7SLQo7Jj4ebNap0MzvLT5/skW5mNKnPVCU8AuyJOwYCcjblHyq0RQwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMUl4UlZhVbw9exm945BeqerzkNfMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEveFNYaFNWbUZWdkQxN0diM2prRjZwNnZPUTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQBBcOmAwQC
BcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqroDBAXD5QAD
BADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQADggEBAC9cKOZ6PCmb
ikRyzORUqyXAMFfnGSgA919VckN1GlC8MiEm0t8AhPxyqCECpGCUlup7jy2Ng0DU
V1IBqbAITPkD+qMlqoOq5OJBHJPugEjR2O5D+aavM0AEZwAkOEP09+RWhKMGfQr/
YUR8qQrhfred/XEl4aGG6BLSZEf0emhMC+zAOZv+IeAizMEUBLJxo8jgX9v1rH3C
Ero5xeMfPfcNys+bGGUjY6mRHDNZNSS+ugw/ZdoF7aubstCOm7MyR7BJdYckaTIF
uEmAiSG/Bn6Y0n8HLfSFDsvdGks1pPj8rFXiaTHvWSbpC4DRZF0apU5+f9E7RI2i
B5GC80UyBm8=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:33:26 2025 by rpki-client