Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XcaNzRvBIm0HPhF2hQDq-0z2n10.roa
File: XcaNzRvBIm0HPhF2hQDq-0z2n10.roa (raw, json)
Hash identifier: A80RmgcW43chhfWGpYheb0AMsRyJB5FJFZLhZoazKGA=
Subject key identifier: 5D:C6:8D:CD:1B:C1:22:6D:07:3E:11:76:85:00:EA:FB:4C:F6:9F:5D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193AC8DECE8F248D7469FD5192A76279B70
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XcaNzRvBIm0HPhF2hQDq-0z2n10.roa
Signing time: Mon 09 Dec 2024 17:53:22 +0000
ROA not before: Mon 09 Dec 2024 17:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210876
IP address blocks: 45.134.84.0/22 maxlen: 24
45.134.84.0/23 maxlen: 23
45.142.228.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
93.189.123.0/24 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
185.247.6.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 11:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:8d:ec:e8:f2:48:d7:46:9f:d5:19:2a:76:27:9b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 9 17:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dc68dcd1bc1226d073e11768500eafb4cf69f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:38:c0:7a:c4:79:8b:2c:66:25:54:0d:ee:
f3:6d:a8:ad:c0:2a:62:71:97:77:74:ae:ce:9a:4b:
db:62:75:82:d9:f5:c4:5d:7e:6c:67:ba:73:f5:f4:
da:07:4c:c7:79:60:d7:83:1f:5e:22:98:bc:41:6a:
fd:aa:cd:43:55:bb:72:57:c8:59:9b:a1:40:7e:ee:
ee:1c:a9:93:62:1d:42:69:98:4e:0f:17:c2:63:47:
17:a5:1d:f7:08:9f:c8:6b:b3:1a:e6:5d:f8:75:b5:
fe:92:20:eb:ed:0d:8c:47:ba:cb:db:3f:62:39:74:
3f:20:e1:26:e0:1c:45:e6:ee:85:ae:7e:b4:8d:c7:
92:db:c9:37:c3:ff:9f:95:55:a3:f0:22:60:45:89:
4f:46:3e:b6:80:d9:eb:57:f9:65:36:1c:81:9d:9d:
45:c0:9b:c3:6c:6b:19:64:75:2e:60:38:bc:2a:ef:
85:ca:04:bb:ca:7b:46:a3:b3:99:92:af:be:92:03:
71:7f:f2:ed:6a:bf:0c:2f:0b:3b:07:f0:49:86:b5:
f0:0f:ef:24:0b:4c:ca:68:53:f3:37:b8:18:07:0e:
76:54:5e:a0:c7:b2:31:4f:73:6c:74:2d:f4:82:51:
d0:a5:d7:0a:77:fb:07:82:a6:d9:47:5f:3a:44:92:
ef:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C6:8D:CD:1B:C1:22:6D:07:3E:11:76:85:00:EA:FB:4C:F6:9F:5D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/XcaNzRvBIm0HPhF2hQDq-0z2n10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
93.189.123.0/24
185.216.30.0/23
185.226.8.0/24
185.247.6.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1a:26:0b:d1:de:94:7e:d7:1e:db:56:96:30:b0:c0:02:32:
95:74:ba:1d:59:e3:98:e2:3a:26:88:79:e4:19:b9:1e:ff:48:
c4:ba:15:6e:c3:68:24:b4:1e:c6:61:ab:a1:5b:9e:da:8a:61:
25:97:00:8f:b7:5c:f5:a7:7c:29:68:fa:2c:81:24:cb:94:89:
90:f4:81:a9:71:e1:c3:50:64:02:63:21:4a:9a:d5:b1:65:2e:
c7:c1:7d:c3:6d:28:0f:ab:b7:5a:00:cb:c3:c0:35:bf:2a:42:
3a:5e:4f:69:92:58:83:f1:3e:1c:df:80:4c:d6:bb:18:47:22:
ec:b6:cc:78:71:77:86:a7:b3:a6:d7:1d:d3:ba:9f:3d:a1:d7:
c4:d3:95:88:48:c2:8c:e0:75:93:32:de:50:da:6d:db:61:98:
b2:9f:7d:43:13:60:58:d6:bf:31:53:19:91:b2:c5:0b:60:3a:
60:06:7e:01:12:13:a0:80:b4:62:a8:af:8b:7c:cc:aa:02:75:
bb:9b:97:e5:6e:2f:e5:82:8c:88:6f:6f:4e:9a:19:ae:50:b4:
e1:3e:b0:94:f2:6b:86:d7:31:91:43:62:43:70:fc:1f:f9:1d:
3f:4c:f8:63:d9:72:28:a1:3f:85:d3:2c:26:7e:2b:8f:fa:00:
66:9a:c1:35
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZOsjezo8kjXRp/VGSp2J5twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjA5MTc1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM2OGRjZDFiYzEyMjZkMDczZTExNzY4NTAwZWFmYjRjZjY5ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGs4wHrEeYssZiVUDe7zbaitwCpi
cZd3dK7OmkvbYnWC2fXEXX5sZ7pz9fTaB0zHeWDXgx9eIpi8QWr9qs1DVbtyV8hZ
m6FAfu7uHKmTYh1CaZhODxfCY0cXpR33CJ/Ia7Ma5l34dbX+kiDr7Q2MR7rL2z9i
OXQ/IOEm4BxF5u6Frn60jceS28k3w/+flVWj8CJgRYlPRj62gNnrV/llNhyBnZ1F
wJvDbGsZZHUuYDi8Ku+FygS7yntGo7OZkq++kgNxf/Ltar8MLws7B/BJhrXwD+8k
C0zKaFPzN7gYBw52VF6gx7IxT3NsdC30glHQpdcKd/sHgqbZR186RJLvdQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF3Gjc0bwSJtBz4RdoUA6vtM9p9dMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWGNhTnpSdkJJbTBIUGhGMmhRRHEtMHoybjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQAXb17AwQBudgeAwQAueIIAwQAufcGAwQAwiMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBNGiYL0d6Uftce21aWMLDAAjKVdLodWeOY4jomiHnk
Gbke/0jEuhVuw2gktB7GYauhW57aimEllwCPt1z1p3wpaPosgSTLlImQ9IGpceHD
UGQCYyFKmtWxZS7HwX3DbSgPq7daAMvDwDW/KkI6Xk9pkliD8T4c34BM1rsYRyLs
tsx4cXeGp7Om1x3Tup89odfE05WISMKM4HWTMt5Q2m3bYZiyn31DE2BY1r8xUxmR
ssULYDpgBn4BEhOggLRiqK+LfMyqAnW7m5flbi/lgoyIb29OmhmuULThPrCU8muG
1zGRQ2JDcPwf+R0/TPhj2XIooT+F0ywmfiuP+gBmmsE1
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:16:34 2025 by rpki-client