Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa
File: IGXbocYcnM07-urJolor_46c28U.roa (raw, json)
Hash identifier: xh7Yl/pdpgbw8gv2+neFdzLaAETiE6D/KcpWnjCN6pM=
Subject key identifier: 20:65:DB:A1:C6:1C:9C:CD:3B:FA:EA:C9:A2:5A:2B:FF:8E:9C:DB:C5
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018D36AFC10495EB3B874BAEA83E02DCFBB2
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa
Signing time: Tue 23 Jan 2024 14:18:24 +0000
ROA not before: Tue 23 Jan 2024 14:18:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
51.170.0.0/16 maxlen: 18
62.3.64.0/18 maxlen: 18
77.104.128.0/18 maxlen: 18
82.68.0.0/14 maxlen: 14
82.71.240.0/20 maxlen: 20
88.96.0.0/16 maxlen: 16
88.97.0.0/18 maxlen: 18
88.97.64.0/19 maxlen: 19
88.97.96.0/20 maxlen: 20
88.97.160.0/23 maxlen: 23
88.97.162.0/23 maxlen: 23
88.97.164.0/23 maxlen: 23
88.97.166.0/23 maxlen: 23
88.97.168.0/24 maxlen: 24
88.97.169.0/24 maxlen: 24
88.97.170.0/24 maxlen: 24
88.97.171.0/24 maxlen: 24
88.97.172.0/24 maxlen: 24
88.97.173.0/24 maxlen: 24
88.97.174.0/24 maxlen: 24
88.97.175.0/24 maxlen: 24
88.97.176.0/20 maxlen: 20
88.97.192.0/18 maxlen: 18
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 19
217.155.0.0/16 maxlen: 16
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Apr 2024 16:57:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:af:c1:04:95:eb:3b:87:4b:ae:a8:3e:02:dc:fb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jan 23 14:18:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2065dba1c61c9ccd3bfaeac9a25a2bff8e9cdbc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b1:1c:e9:90:e0:b6:95:af:04:62:78:3e:f9:
da:66:06:3e:ac:ce:85:42:9c:f5:52:76:77:88:cb:
58:3e:0a:37:69:c9:49:2b:04:50:4c:bd:65:b3:ca:
db:2b:ee:97:b5:2e:8a:19:18:30:b3:22:7f:bc:93:
62:0e:a1:a1:f3:34:2c:67:19:28:34:81:c4:47:2c:
01:fc:84:b1:50:7e:73:92:b2:45:c2:37:c0:41:b1:
f4:08:7f:bb:d5:c0:9c:4f:73:41:b1:43:42:b9:f8:
86:41:fa:c9:4d:70:53:ea:26:01:13:a1:ef:61:ae:
b5:1e:8b:3d:08:ac:c0:db:3e:ce:8c:63:96:40:76:
56:0e:1f:0c:69:98:76:90:1a:37:d7:25:78:4f:68:
d8:e1:38:3f:5a:15:b3:dc:e6:47:13:34:9b:6b:29:
23:0d:be:a1:18:20:2f:dc:66:bf:17:70:e7:74:2f:
65:92:35:be:93:42:ed:aa:c9:e5:ff:37:1c:70:1a:
1a:01:9f:10:f1:d5:a2:87:20:5d:6f:e6:1f:7b:9c:
d6:ec:24:7d:87:e6:2e:c2:4c:51:bf:67:05:c9:52:
28:84:2b:0f:d3:5f:f8:41:36:29:04:b9:2f:14:3d:
6b:8c:39:5a:af:b8:4b:84:18:e5:7e:67:68:b0:e6:
ff:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:65:DB:A1:C6:1C:9C:CD:3B:FA:EA:C9:A2:5A:2B:FF:8E:9C:DB:C5
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/IGXbocYcnM07-urJolor_46c28U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/14
88.96.0.0-88.97.111.255
88.97.160.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
77:bd:b5:cd:5c:fa:20:13:f5:38:7c:5b:a5:de:4c:b9:0b:79:
a2:62:54:65:8f:93:7c:9a:82:ba:23:01:29:68:81:26:1a:f5:
4b:7f:e1:ff:ac:e4:2d:ed:3f:84:7d:77:e7:bc:c8:6d:9a:50:
6e:86:fa:e4:37:43:04:ea:58:a6:91:b1:7a:b5:de:e2:f4:61:
a9:90:38:d3:58:5c:97:88:e6:c2:2a:8a:b7:41:39:e1:d8:21:
37:8a:a7:de:ad:48:44:c8:0e:6a:28:5d:bb:71:b6:6a:f1:13:
05:9b:e6:50:da:cc:68:d7:c2:b1:b6:a0:4e:b8:16:03:14:2c:
de:da:50:14:07:b0:88:47:bf:a9:61:42:e8:51:04:5f:de:0e:
4a:cf:fa:44:4b:49:8f:a1:24:60:d5:25:20:6f:c5:60:3d:ff:
85:e3:da:c2:35:17:0a:55:0b:10:c5:61:3c:8e:df:00:77:40:
f1:19:18:79:d7:01:35:8b:d4:ca:c1:95:d5:54:f2:06:87:e0:
55:c8:2d:16:7a:06:23:44:6e:8b:a1:b6:1d:77:7a:a8:1d:5b:
e9:4c:a1:68:60:89:13:48:89:a2:67:8b:34:c0:2a:c4:1e:d4:
26:b6:38:52:17:e3:8b:d0:36:2e:0a:58:80:45:24:73:78:1d:
9a:fd:02:32
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY02r8EEles7h0uuqD4C3PuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwMTIzMTQxODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY1ZGJhMWM2MWM5Y2NkM2JmYWVhYzlhMjVhMmJmZjhlOWNkYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurEc6ZDgtpWvBGJ4PvnaZgY+rM6F
Qpz1UnZ3iMtYPgo3aclJKwRQTL1ls8rbK+6XtS6KGRgwsyJ/vJNiDqGh8zQsZxko
NIHERywB/ISxUH5zkrJFwjfAQbH0CH+71cCcT3NBsUNCufiGQfrJTXBT6iYBE6Hv
Ya61Hos9CKzA2z7OjGOWQHZWDh8MaZh2kBo31yV4T2jY4Tg/WhWz3OZHEzSbaykj
Db6hGCAv3Ga/F3DndC9lkjW+k0Ltqsnl/zcccBoaAZ8Q8dWihyBdb+Yfe5zW7CR9
h+YuwkxRv2cFyVIohCsP01/4QTYpBLkvFD1rjDlar7hLhBjlfmdosOb/iwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFCBl26HGHJzNO/rqyaJaK/+OnNvFMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvSUdYYm9jWWNuTTA3LXVySm9sb3JfNDZjMjhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwMAM5QD
AwAzmwMDADOqAwQGPgNAAwQGTWiAAwMCUkQwCwMDBVhgAwQEWGFgMAwDBAVYYaAD
BABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoDBAZYYoAD
BAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0BAQsFAAOC
AQEAd721zVz6IBP1OHxbpd5MuQt5omJUZY+TfJqCuiMBKWiBJhr1S3/h/6zkLe0/
hH1357zIbZpQbob65DdDBOpYppGxerXe4vRhqZA401hcl4jmwiqKt0E54dghN4qn
3q1IRMgOaihdu3G2avETBZvmUNrMaNfCsbagTrgWAxQs3tpQFAewiEe/qWFC6FEE
X94OSs/6REtJj6EkYNUlIG/FYD3/hePawjUXClULEMVhPI7fAHdA8RkYedcBNYvU
ysGV1VTyBofgVcgtFnoGI0Rui6G2HXd6qB1b6UyhaGCJE0iJomeLNMAqxB7UJrY4
Uhfji9A2LgpYgEUkc3gdmv0CMg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:15 2024 by rpki-client on console-fra.rpki-client.org