Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/Xwc3Zg2eCfyJzPQ9qPAK-BVgCDI.roa
File: Xwc3Zg2eCfyJzPQ9qPAK-BVgCDI.roa (raw, json)
Hash identifier: RcAU+jsKDAl/2TyVJt8V81o1J4f9ixf2tLVq2J+d/Tc=
Subject key identifier: 5F:07:37:66:0D:9E:09:FC:89:CC:F4:3D:A8:F0:0A:F8:15:60:08:32
Certificate issuer: /CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Certificate serial: 01927B092D936E191391923DA9FA88A795DB
Authority key identifier: 9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/Xwc3Zg2eCfyJzPQ9qPAK-BVgCDI.roa
Signing time: Fri 11 Oct 2024 10:04:11 +0000
ROA not before: Fri 11 Oct 2024 10:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12843
IP address blocks: 37.16.64.0/21 maxlen: 21
37.228.160.0/20 maxlen: 20
46.167.16.0/21 maxlen: 21
46.232.224.0/21 maxlen: 21
81.26.160.0/20 maxlen: 20
81.26.174.0/24 maxlen: 24
85.115.0.0/19 maxlen: 19
88.214.60.0/22 maxlen: 22
93.189.152.0/21 maxlen: 21
109.109.200.0/21 maxlen: 21
109.109.201.200/30 maxlen: 30
185.9.176.0/22 maxlen: 22
185.106.0.0/21 maxlen: 21
213.144.0.0/19 maxlen: 19
2a02:788::/29 maxlen: 29
2a02:788:1::18/128 maxlen: 128
Validation: Failed, certificate revoked on Fri 11 Oct 2024 10:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:09:2d:93:6e:19:13:91:92:3d:a9:fa:88:a7:95:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Validity
Not Before: Oct 11 10:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f0737660d9e09fc89ccf43da8f00af815600832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:44:74:94:d9:f9:f7:76:85:8a:3b:ab:1b:
5c:47:6d:7e:5a:3e:36:8b:d2:e1:b7:20:34:29:09:
e9:4b:e6:bb:95:a5:ec:76:b6:b5:3c:c1:5f:44:14:
ca:ea:b2:99:63:ea:46:22:cf:91:fc:da:b4:ff:08:
a8:3b:a4:dd:5a:a3:03:6b:7c:16:bd:6e:b5:3f:25:
d9:56:04:2c:3a:e9:ea:93:c5:9c:8f:c0:6a:a8:c2:
6d:3d:f2:55:c1:45:c8:02:cc:5b:12:34:70:18:8b:
88:55:47:73:3d:0c:74:84:b9:fe:53:ea:98:2d:83:
c8:f4:b6:27:00:ab:b7:49:b7:d7:8e:23:23:ae:10:
7d:a7:e9:f1:a2:2a:02:0d:37:b8:eb:4b:62:0c:38:
c0:05:79:44:f5:52:f4:ed:55:fc:bb:53:39:62:5c:
c0:d1:a0:b7:9a:ee:6e:70:68:75:c6:fc:b6:51:d8:
76:f0:5e:43:05:c3:28:63:37:71:4d:46:50:af:59:
f6:1c:4f:44:da:9b:f2:b2:19:10:61:05:6f:51:6e:
c5:8c:c5:76:d0:5c:bd:6b:e5:99:84:2d:0e:51:5c:
19:c9:52:3b:6e:fb:4c:f5:95:92:b2:2b:c0:a0:c9:
63:a4:32:b5:0c:3e:40:12:fc:dc:a4:a0:97:7a:b6:
44:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:07:37:66:0D:9E:09:FC:89:CC:F4:3D:A8:F0:0A:F8:15:60:08:32
X509v3 Authority Key Identifier:
keyid:9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/Xwc3Zg2eCfyJzPQ9qPAK-BVgCDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/m30kQWqopHiz7Tbi5lhV1CJZ2e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.64.0/21
37.228.160.0/20
46.167.16.0/21
46.232.224.0/21
81.26.160.0/20
85.115.0.0/19
88.214.60.0/22
93.189.152.0/21
109.109.200.0/21
185.9.176.0/22
185.106.0.0/21
213.144.0.0/19
IPv6:
2a02:788::/29
Signature Algorithm: sha256WithRSAEncryption
0e:8e:fb:59:dd:bc:7b:4e:28:63:05:54:9a:80:8b:69:4d:50:
fa:81:61:79:09:f1:71:db:0a:cc:cd:21:b9:5f:51:3c:eb:d9:
e3:61:10:6c:ba:55:17:00:a7:87:a5:e6:1d:29:4b:59:80:1c:
0b:21:74:46:05:7a:b6:26:d9:81:cd:b4:a0:95:81:56:e0:d9:
9b:9c:51:23:09:f8:ec:7e:af:6f:1a:1a:c7:06:03:4d:4a:25:
1f:61:15:62:c3:79:24:36:6f:45:f5:f1:99:25:bc:73:f8:7e:
3e:e6:b4:32:14:bf:f4:44:1e:5a:98:24:47:a6:cd:db:ad:b6:
f7:e0:b0:ff:58:8d:87:f9:f2:b2:b5:1f:49:07:33:6e:93:13:
12:b5:20:07:87:15:bc:bd:e7:4a:94:07:e3:7f:6a:45:50:03:
ee:18:1d:e0:cb:31:b4:81:fb:be:e9:16:18:17:aa:d1:bc:c3:
23:2b:f6:ef:03:cc:40:f0:07:c6:8a:bc:c6:f0:87:2f:99:5d:
fc:8d:2e:9d:dc:87:b1:99:a7:d2:4a:b3:8d:ab:27:ed:7e:d0:
a6:cc:70:17:db:50:54:58:1a:44:7a:64:ab:ae:08:ba:24:5d:
22:1e:ee:c9:ed:58:f2:46:32:cc:f7:97:b3:ad:0c:6c:66:f9:
76:74:0b:b7
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZJ7CS2TbhkTkZI9qfqIp5XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliN2QyNDQxNmFhOGE0NzhiM2VkMzZlMmU2NTg1NWQ0MjI1
OWQ5ZWUwHhcNMjQxMDExMTAwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA3Mzc2NjBkOWUwOWZjODljY2Y0M2RhOGYwMGFmODE1NjAwODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu1EdJTZ+fd2hYo7qxtcR21+Wj42
i9LhtyA0KQnpS+a7laXsdra1PMFfRBTK6rKZY+pGIs+R/Nq0/wioO6TdWqMDa3wW
vW61PyXZVgQsOunqk8Wcj8BqqMJtPfJVwUXIAsxbEjRwGIuIVUdzPQx0hLn+U+qY
LYPI9LYnAKu3SbfXjiMjrhB9p+nxoioCDTe460tiDDjABXlE9VL07VX8u1M5YlzA
0aC3mu5ucGh1xvy2Udh28F5DBcMoYzdxTUZQr1n2HE9E2pvyshkQYQVvUW7FjMV2
0Fy9a+WZhC0OUVwZyVI7bvtM9ZWSsivAoMljpDK1DD5AEvzcpKCXerZEywIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFF8HN2YNngn8icz0PajwCvgVYAgyMB8GA1UdIwQY
MBaAFJt9JEFqqKR4s+024uZYVdQiWdnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYt
ZWYzYmJiMDU2NTVlLzEvWHdjM1pnMmVDZnlKelBROXFQQUstQlZnQ0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYtZWYzYmJiMDU2NTVl
LzEvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJRBAAwQE
JeSgAwQDLqcQAwQDLujgAwQEURqgAwQFVXMAAwQCWNY8AwQDXb2YAwQDbW3IAwQC
uQmwAwQDuWoAAwQF1ZAAMA0EAgACMAcDBQMqAgeIMA0GCSqGSIb3DQEBCwUAA4IB
AQAOjvtZ3bx7TihjBVSagItpTVD6gWF5CfFx2wrMzSG5X1E869njYRBsulUXAKeH
peYdKUtZgBwLIXRGBXq2JtmBzbSglYFW4NmbnFEjCfjsfq9vGhrHBgNNSiUfYRVi
w3kkNm9F9fGZJbxz+H4+5rQyFL/0RB5amCRHps3brbb34LD/WI2H+fKytR9JBzNu
kxMStSAHhxW8vedKlAfjf2pFUAPuGB3gyzG0gfu+6RYYF6rRvMMjK/bvA8xA8AfG
irzG8IcvmV38jS6d3IexmafSSrONqyftftCmzHAX21BUWBpEemSrrgi6JF0iHu7J
7VjyRjLM95ezrQxsZvl2dAu3
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:42:55 2024 by rpki-client on console-ams.rpki-client.org