Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XcESeaaen46ZHcsGpfwqSlNX3Wk.roa
File: XcESeaaen46ZHcsGpfwqSlNX3Wk.roa (raw, json)
Hash identifier: 7XbJQ+2mUKU+NJ153imjws0fDCkUgg13akAjPpvlJto=
Subject key identifier: 5D:C1:12:79:A6:9E:9F:8E:99:1D:CB:06:A5:FC:2A:4A:53:57:DD:69
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFADFE987C15E4EEE55BD0BCE98187
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XcESeaaen46ZHcsGpfwqSlNX3Wk.roa
Signing time: Tue 02 Jan 2024 06:32:31 +0000
ROA not before: Tue 02 Jan 2024 06:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 09:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:ad:fe:98:7c:15:e4:ee:e5:5b:d0:bc:e9:81:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dc11279a69e9f8e991dcb06a5fc2a4a5357dd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a5:60:ca:7c:c2:c3:a1:98:77:74:b0:4c:de:
83:c0:28:86:f0:5a:fb:42:49:1e:21:dd:56:4c:fe:
d1:6d:fa:b0:7f:ae:fb:08:79:22:7e:70:4c:c6:23:
db:7f:83:84:9b:04:b2:b2:ca:d4:8e:dc:45:d0:f3:
c8:23:ff:af:18:ba:93:c5:ea:17:42:1f:65:97:5e:
ad:60:e7:d7:9f:b8:45:78:ae:79:21:32:87:15:4e:
0e:05:09:21:31:98:91:f3:82:f9:39:10:77:6c:e6:
e4:b1:28:c1:0d:da:34:b3:1e:30:c5:fd:99:df:1b:
01:c9:b1:01:54:dc:9d:28:04:b6:38:ec:b1:32:e0:
30:50:a9:a9:e3:92:c3:81:a0:da:96:30:10:f0:bc:
78:eb:e6:99:31:03:47:ca:b7:a3:59:6c:98:20:74:
c9:03:cd:f9:d8:58:76:76:fd:ba:5e:de:60:72:4e:
43:e5:61:31:63:17:f8:5d:74:ce:8b:6c:a8:ae:0e:
1d:4c:80:29:d8:74:08:71:27:b3:d0:70:6d:50:a9:
75:c4:2a:0a:40:dc:aa:88:70:8f:d5:c8:80:6f:ed:
87:35:26:21:7b:a5:19:9f:5e:15:1c:29:e3:9b:33:
1e:0e:c8:aa:fd:0b:60:ca:98:81:ed:5a:7b:c6:97:
d5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C1:12:79:A6:9E:9F:8E:99:1D:CB:06:A5:FC:2A:4A:53:57:DD:69
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XcESeaaen46ZHcsGpfwqSlNX3Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.133.247.0/24
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:c2:49:88:a3:ac:be:cc:33:b3:a2:6c:ec:42:05:69:41:e2:
9c:34:6d:2f:e6:11:30:b6:c9:0d:87:de:f4:17:15:89:b6:31:
45:5a:54:d4:a9:7c:59:e9:b3:ad:37:fc:df:40:bc:5c:d8:26:
44:bb:27:76:bc:06:28:49:c7:28:d6:fc:01:25:88:44:28:e4:
97:86:70:80:b1:80:92:ae:a4:1f:45:a5:a4:51:c2:fa:c6:0f:
bc:0e:22:b8:92:9e:04:32:32:2c:24:9d:66:0b:b0:d4:fb:99:
7e:c0:06:8f:43:4f:d2:db:b8:54:58:9b:36:ca:70:f4:98:48:
a7:f6:30:5d:64:53:e2:7f:68:3d:12:6d:90:3b:68:76:df:1e:
6b:26:21:53:37:70:b4:59:22:3a:d0:bf:96:91:0a:1f:28:eb:
73:5c:68:6f:fb:47:83:63:cc:fc:bc:de:1a:4f:23:83:f0:2d:
3d:b6:b8:73:55:de:6e:0e:16:d1:45:a3:db:82:3f:ad:f4:cb:
96:14:90:9a:5b:9f:52:b7:ac:e2:7d:c0:7f:7c:59:bf:70:58:
0d:9a:98:88:7d:77:9e:d0:2e:4f:cc:39:c7:2f:32:81:cf:7b:
a4:36:1a:48:d5:9d:5c:51:7f:68:15:bb:21:5a:fc:52:fb:5c:
5d:01:14:e1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzI363+mHwV5O7lW9C86YGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGMxMTI3OWE2OWU5ZjhlOTkxZGNiMDZhNWZjMmE0YTUzNTdkZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6VgynzCw6GYd3SwTN6DwCiG8Fr7
QkkeId1WTP7Rbfqwf677CHkifnBMxiPbf4OEmwSyssrUjtxF0PPII/+vGLqTxeoX
Qh9ll16tYOfXn7hFeK55ITKHFU4OBQkhMZiR84L5ORB3bObksSjBDdo0sx4wxf2Z
3xsBybEBVNydKAS2OOyxMuAwUKmp45LDgaDaljAQ8Lx46+aZMQNHyrejWWyYIHTJ
A8352Fh2dv26Xt5gck5D5WExYxf4XXTOi2yorg4dTIAp2HQIcSez0HBtUKl1xCoK
QNyqiHCP1ciAb+2HNSYhe6UZn14VHCnjmzMeDsiq/QtgypiB7Vp7xpfVpQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF3BEnmmnp+OmR3LBqX8KkpTV91pMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWGNFU2VhYWVuNDZaSGNzR3Bmd3FTbE5YM1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQjTAwQA
LYX3AwQALY54AwQAuW0VAwQAua6KAwQAud2gAwQAwjU1MA0GCSqGSIb3DQEBCwUA
A4IBAQC2wkmIo6y+zDOzomzsQgVpQeKcNG0v5hEwtskNh970FxWJtjFFWlTUqXxZ
6bOtN/zfQLxc2CZEuyd2vAYoScco1vwBJYhEKOSXhnCAsYCSrqQfRaWkUcL6xg+8
DiK4kp4EMjIsJJ1mC7DU+5l+wAaPQ0/S27hUWJs2ynD0mEin9jBdZFPif2g9Em2Q
O2h23x5rJiFTN3C0WSI60L+WkQofKOtzXGhv+0eDY8z8vN4aTyOD8C09trhzVd5u
DhbRRaPbgj+t9MuWFJCaW59St6zifcB/fFm/cFgNmpiIfXee0C5PzDnHLzKBz3uk
NhpI1Z1cUX9oFbshWvxS+1xdARTh
-----END CERTIFICATE-----
Generated at Wed Nov 20 12:17:26 2024 by rpki-client on console-ams.rpki-client.org