Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/XQVpacoRnQ34jP1GfwnlhztrWu0.roa
File: XQVpacoRnQ34jP1GfwnlhztrWu0.roa (raw, json)
Hash identifier: rSqAgmiAMWYvjEpJvUYWlM6b8JjN7zYGperg7lgXp+I=
Subject key identifier: 5D:05:69:69:CA:11:9D:0D:F8:8C:FD:46:7F:09:E5:87:3B:6B:5A:ED
Certificate issuer: /CN=292d120970515846360ea223e9a0e6a3c3896934
Certificate serial: 018571D7B0E5F422E4718B4DE84B2A3D7730
Authority key identifier: 29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/XQVpacoRnQ34jP1GfwnlhztrWu0.roa
Signing time: Mon 02 Jan 2023 09:37:18 +0000
ROA not before: Mon 02 Jan 2023 09:37:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56550
IP address blocks: 89.34.161.0/24 maxlen: 24
89.33.133.0/24 maxlen: 24
89.36.228.0/24 maxlen: 24
86.105.177.0/24 maxlen: 24
95.142.208.0/21 maxlen: 21
185.8.24.0/22 maxlen: 22
93.117.152.0/23 maxlen: 23
93.117.172.0/23 maxlen: 23
185.163.172.0/22 maxlen: 22
31.177.40.0/21 maxlen: 21
89.42.25.0/24 maxlen: 24
46.102.188.0/23 maxlen: 23
109.230.212.0/24 maxlen: 24
31.14.28.0/24 maxlen: 24
89.32.168.0/23 maxlen: 23
94.177.127.0/24 maxlen: 24
85.204.119.0/24 maxlen: 24
89.32.186.0/23 maxlen: 23
93.115.62.0/23 maxlen: 23
31.214.153.0/24 maxlen: 24
188.241.154.0/24 maxlen: 24
85.204.147.0/24 maxlen: 24
128.0.123.0/24 maxlen: 24
128.0.122.0/23 maxlen: 23
128.0.124.0/22 maxlen: 22
185.157.52.0/22 maxlen: 22
2a03:1140::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b0:e5:f4:22:e4:71:8b:4d:e8:4b:2a:3d:77:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292d120970515846360ea223e9a0e6a3c3896934
Validity
Not Before: Jan 2 09:37:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d056969ca119d0df88cfd467f09e5873b6b5aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6c:76:2f:8c:01:6f:d2:56:ba:a4:d2:88:38:
7a:47:e4:5f:6c:97:9c:f2:53:3e:d9:8c:b5:d6:14:
5f:86:2b:3d:5c:58:87:e2:85:a7:cf:0a:1c:7b:64:
6d:b3:8b:4a:26:8b:f0:ab:41:52:ad:32:43:7f:55:
d2:b0:96:01:65:75:5b:6f:8f:6c:9c:9c:6e:15:3e:
22:84:86:f3:c6:02:f3:40:27:c9:03:6a:cc:aa:5a:
7f:f1:9d:41:06:a5:a9:ac:81:89:37:14:fd:8f:3f:
49:02:2c:8e:d6:84:c0:a3:51:c7:8d:51:ab:e9:36:
14:10:e3:89:c9:c1:12:62:25:df:7d:c8:cb:57:7a:
01:ec:b2:78:57:cc:ad:cc:ec:c2:f5:f8:aa:fd:30:
5f:c0:de:8e:7c:98:d9:94:95:83:af:6d:d5:9e:fb:
be:48:a3:12:3b:12:34:f9:b8:f3:66:9a:81:ef:2a:
fa:aa:19:36:bf:0f:79:c6:67:b9:f7:41:7f:57:9a:
1d:ea:18:d7:1d:5d:b6:d0:25:2f:32:b3:95:ef:75:
20:49:77:04:1a:05:90:16:d6:fd:25:91:3a:d0:e3:
51:8c:5a:f3:5b:66:44:bb:dc:66:e4:59:6c:6e:99:
cc:5b:5c:e7:0b:0b:17:3c:19:07:ab:75:6e:c3:0c:
46:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:05:69:69:CA:11:9D:0D:F8:8C:FD:46:7F:09:E5:87:3B:6B:5A:ED
X509v3 Authority Key Identifier:
keyid:29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/XQVpacoRnQ34jP1GfwnlhztrWu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.28.0/24
31.177.40.0/21
31.214.153.0/24
46.102.188.0/23
85.204.119.0/24
85.204.147.0/24
86.105.177.0/24
89.32.168.0/23
89.32.186.0/23
89.33.133.0/24
89.34.161.0/24
89.36.228.0/24
89.42.25.0/24
93.115.62.0/23
93.117.152.0/23
93.117.172.0/23
94.177.127.0/24
95.142.208.0/21
109.230.212.0/24
128.0.122.0-128.0.127.255
185.8.24.0/22
185.157.52.0/22
185.163.172.0/22
188.241.154.0/24
IPv6:
2a03:1140::/32
Signature Algorithm: sha256WithRSAEncryption
45:7b:05:d1:0b:5d:58:ac:1a:aa:d7:b3:c3:80:b9:fe:10:6e:
b4:01:47:e3:79:4d:76:89:cc:1f:37:92:45:83:39:2e:60:91:
6b:a5:33:b5:15:0a:7d:8c:a4:2b:6d:88:4a:b2:89:07:bb:17:
1a:23:20:c3:20:25:ef:1b:6c:b8:f9:12:c5:32:a9:56:77:bf:
62:22:3a:d6:10:d3:b1:cd:db:22:a9:ba:63:15:8a:f7:8a:7d:
cd:80:2b:ab:6c:85:20:04:68:8d:4d:be:f4:41:7f:9d:c6:72:
03:a1:83:b1:c4:f6:64:10:83:a1:ff:a9:a5:05:eb:01:27:04:
f3:07:d8:c9:67:72:61:8c:52:16:63:3f:40:cd:e5:99:7c:d2:
8d:d9:96:39:0a:28:6e:91:54:07:69:59:c6:60:7b:28:e1:7e:
7a:9c:d8:dc:d9:4e:f0:bc:cb:02:56:cc:6f:38:7e:43:5b:e4:
c9:80:28:82:b1:74:23:1c:52:dd:91:21:dc:95:cc:ba:79:6f:
c7:d8:20:3a:dc:a1:42:c2:a7:af:56:7c:97:d2:95:c2:57:de:
32:57:8a:bf:ad:a5:62:2b:6d:31:4e:89:04:b5:86:ff:a2:76:
c9:72:6f:5c:97:c6:53:03:80:3b:7b:7d:87:24:32:4f:c4:e5:
16:87:48:e1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVx17Dl9CLkcYtN6EsqPXcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmQxMjA5NzA1MTU4NDYzNjBlYTIyM2U5YTBlNmEzYzM4
OTY5MzQwHhcNMjMwMTAyMDkzNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA1Njk2OWNhMTE5ZDBkZjg4Y2ZkNDY3ZjA5ZTU4NzNiNmI1YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmx2L4wBb9JWuqTSiDh6R+RfbJec
8lM+2Yy11hRfhis9XFiH4oWnzwoce2Rts4tKJovwq0FSrTJDf1XSsJYBZXVbb49s
nJxuFT4ihIbzxgLzQCfJA2rMqlp/8Z1BBqWprIGJNxT9jz9JAiyO1oTAo1HHjVGr
6TYUEOOJycESYiXffcjLV3oB7LJ4V8ytzOzC9fiq/TBfwN6OfJjZlJWDr23Vnvu+
SKMSOxI0+bjzZpqB7yr6qhk2vw95xme590F/V5od6hjXHV220CUvMrOV73UgSXcE
GgWQFtb9JZE60ONRjFrzW2ZEu9xm5FlsbpnMW1znCwsXPBkHq3VuwwxGoQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFF0FaWnKEZ0N+Iz9Rn8J5Yc7a1rtMB8GA1UdIwQY
MBaAFCktEglwUVhGNg6iI+mg5qPDiWk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAt
ZWQwZjI1NmE1ZmUzLzEvWFFWcGFjb1JuUTM0alAxR2Z3bmxoenRyV3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9kZTkxMzktYTlkMC00OTNhLTkyNjAtZWQwZjI1NmE1ZmUz
LzEvS1MwU0NYQlJXRVkyRHFJajZhRG1vOE9KYVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAf
DhwDBAMfsSgDBAAf1pkDBAEuZrwDBABVzHcDBABVzJMDBABWabEDBAFZIKgDBAFZ
ILoDBABZIYUDBABZIqEDBABZJOQDBABZKhkDBAFdcz4DBAFddZgDBAFddawDBABe
sX8DBANfjtADBABt5tQwDAMEAYAAegMEB4AAAAMEArkIGAMEArmdNAMEArmjrAME
ALzxmjANBAIAAjAHAwUAKgMRQDANBgkqhkiG9w0BAQsFAAOCAQEARXsF0QtdWKwa
qtezw4C5/hButAFH43lNdonMHzeSRYM5LmCRa6UztRUKfYykK22ISrKJB7sXGiMg
wyAl7xtsuPkSxTKpVne/YiI61hDTsc3bIqm6YxWK94p9zYArq2yFIARojU2+9EF/
ncZyA6GDscT2ZBCDof+ppQXrAScE8wfYyWdyYYxSFmM/QM3lmXzSjdmWOQoobpFU
B2lZxmB7KOF+epzY3NlO8LzLAlbMbzh+Q1vkyYAogrF0IxxS3ZEh3JXMunlvx9gg
OtyhQsKnr1Z8l9KVwlfeMleKv62lYittMU6JBLWG/6J2yXJvXJfGUwOAO3t9hyQy
T8TlFodI4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:27 2024 by rpki-client on console-fra.rpki-client.org