Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/Xn2H9sZmruGHhz9rKxmAYXHwvF0.roa
File: Xn2H9sZmruGHhz9rKxmAYXHwvF0.roa (raw, json)
Hash identifier: T1nLqAb374TSbgJRxeDUWUgeK7b4uqL+ZpLfl/kwvZM=
Subject key identifier: 5E:7D:87:F6:C6:66:AE:E1:87:87:3F:6B:2B:19:80:61:71:F0:BC:5D
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 01856E01B60ED60E66179AFBFF5E3476C362
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/Xn2H9sZmruGHhz9rKxmAYXHwvF0.roa
Signing time: Sun 01 Jan 2023 15:44:44 +0000
ROA not before: Sun 01 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12693
IP address blocks: 156.67.152.0/21 maxlen: 21
82.193.255.0/24 maxlen: 24
212.204.32.0/19 maxlen: 24
156.67.144.0/21 maxlen: 21
82.193.224.0/19 maxlen: 24
85.199.96.0/20 maxlen: 24
149.249.48.0/21 maxlen: 21
92.42.224.0/21 maxlen: 21
153.92.72.0/21 maxlen: 24
185.90.156.0/22 maxlen: 24
156.67.224.0/21 maxlen: 21
85.199.64.0/18 maxlen: 24
85.199.74.0/24 maxlen: 24
2a01:a380::/48 maxlen: 48
2a01:a380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 02 Oct 2023 10:10:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:b6:0e:d6:0e:66:17:9a:fb:ff:5e:34:76:c3:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Jan 1 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7d87f6c666aee187873f6b2b19806171f0bc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:61:3c:bf:af:00:33:f1:1b:93:69:9e:72:b7:
e8:10:48:ba:3c:5b:0a:06:39:10:76:07:56:8a:37:
8a:87:90:50:ee:02:23:7f:bd:7e:98:47:a3:70:25:
ae:a0:a4:3d:54:86:b4:99:50:c0:4e:b9:15:3b:e1:
39:92:65:4f:56:34:c1:b9:b8:4f:53:2e:5e:98:35:
86:32:be:1a:ba:07:57:12:bd:91:93:4a:c9:f6:b0:
2f:a0:de:62:67:7a:fa:7c:5c:1e:4a:83:09:65:fc:
ec:e6:88:8a:a1:44:1a:36:e9:97:9f:1b:ac:02:c7:
8d:a0:06:73:b5:8c:ac:e9:de:14:a3:20:70:89:47:
ec:3d:8e:7a:08:6c:98:08:69:2b:9d:9c:8c:2d:98:
11:c9:ff:86:f4:74:c1:54:9e:67:f3:4c:a7:3f:82:
29:81:23:a2:31:9d:35:09:c0:7d:a4:89:c4:9e:cd:
af:36:be:11:b7:ae:24:e6:d6:e5:51:85:1c:65:74:
08:2b:76:84:c4:66:97:48:1f:c7:c9:61:0b:ac:eb:
de:ee:e3:e4:5d:b2:25:be:1e:c9:b1:19:cf:34:15:
f3:61:32:77:37:f1:27:d6:46:c4:b4:c5:a1:5c:b8:
db:4b:c1:e5:72:be:04:bf:84:3f:5c:77:9c:69:12:
dd:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7D:87:F6:C6:66:AE:E1:87:87:3F:6B:2B:19:80:61:71:F0:BC:5D
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/Xn2H9sZmruGHhz9rKxmAYXHwvF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.224.0/19
85.199.64.0/18
92.42.224.0/21
149.249.48.0/21
153.92.72.0/21
156.67.144.0/20
156.67.224.0/21
185.90.156.0/22
212.204.32.0/19
IPv6:
2a01:a380::/32
Signature Algorithm: sha256WithRSAEncryption
6e:bc:95:80:a3:de:cb:67:0b:12:ef:cf:a6:4e:14:cf:d0:fe:
5a:ee:ef:d5:30:da:b8:12:a4:90:4a:d9:23:33:95:50:24:2b:
5a:a2:e6:6a:46:c1:f4:48:01:5b:1f:f6:37:ae:3f:1b:6a:b6:
ac:3e:84:7b:e1:64:f1:c5:4f:1b:26:f4:f8:c1:95:c7:fe:d9:
fe:22:af:ec:ff:e0:f2:ba:bc:da:3e:97:b7:e7:c1:4a:04:d6:
37:d9:cb:1c:cf:9f:5a:5b:5f:de:37:c8:c2:43:47:bc:70:9c:
7e:d5:80:f4:c1:ee:3d:c7:1c:79:ec:84:23:8a:20:68:f4:a8:
81:91:2d:71:e9:2b:a9:4f:ee:61:e1:10:48:f9:85:04:20:e6:
fa:b2:5b:25:25:b8:2e:0f:c7:7e:ed:43:b0:28:cb:5b:7a:a8:
7c:4d:60:a1:8b:c9:1f:e5:d1:18:2d:9c:57:e3:07:c9:5c:cd:
0b:9d:96:9f:92:98:0e:78:ce:b4:ee:e4:99:d0:8d:22:d1:0c:
ab:8b:20:78:e2:af:5e:05:2b:c9:34:5a:6c:6c:b2:85:23:a2:
1c:92:3b:48:6d:f0:f8:74:51:8b:1e:3a:1b:cd:ba:c6:53:4e:
a2:d6:f7:7a:c7:f2:dc:d2:d8:0c:0b:6d:d1:81:0a:8c:9b:5f:
8c:6a:6a:36
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVuAbYO1g5mF5r7/140dsNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjMwMTAxMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdkODdmNmM2NjZhZWUxODc4NzNmNmIyYjE5ODA2MTcxZjBiYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGE8v68AM/Ebk2mecrfoEEi6PFsK
BjkQdgdWijeKh5BQ7gIjf71+mEejcCWuoKQ9VIa0mVDATrkVO+E5kmVPVjTBubhP
Uy5emDWGMr4augdXEr2Rk0rJ9rAvoN5iZ3r6fFweSoMJZfzs5oiKoUQaNumXnxus
AseNoAZztYys6d4UoyBwiUfsPY56CGyYCGkrnZyMLZgRyf+G9HTBVJ5n80ynP4Ip
gSOiMZ01CcB9pInEns2vNr4Rt64k5tblUYUcZXQIK3aExGaXSB/HyWELrOve7uPk
XbIlvh7JsRnPNBXzYTJ3N/En1kbEtMWhXLjbS8Hlcr4Ev4Q/XHecaRLdHQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF59h/bGZq7hh4c/aysZgGFx8LxdMB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEvWG4ySDlzWm1ydUdIaHo5ckt4bUFZWEh3dkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTctZDY4YzU3ZGI0Y2Fl
LzEvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFUsHgAwQG
VcdAAwQDXCrgAwQDlfkwAwQDmVxIAwQEnEOQAwQDnEPgAwQCuVqcAwQF1MwgMA0E
AgACMAcDBQAqAaOAMA0GCSqGSIb3DQEBCwUAA4IBAQBuvJWAo97LZwsS78+mThTP
0P5a7u/VMNq4EqSQStkjM5VQJCtaouZqRsH0SAFbH/Y3rj8barasPoR74WTxxU8b
JvT4wZXH/tn+Iq/s/+DyurzaPpe358FKBNY32cscz59aW1/eN8jCQ0e8cJx+1YD0
we49xxx57IQjiiBo9KiBkS1x6SupT+5h4RBI+YUEIOb6slslJbguD8d+7UOwKMtb
eqh8TWChi8kf5dEYLZxX4wfJXM0LnZafkpgOeM607uSZ0I0i0QyriyB44q9eBSvJ
NFpsbLKFI6IckjtIbfD4dFGLHjobzbrGU06i1vd6x/Lc0tgMC23RgQqMm1+Mamo2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:30 2024 by rpki-client on console-fra.rpki-client.org