Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xK9l1-exjWywbVCw4HR3UxtIzLY.roa
File: xK9l1-exjWywbVCw4HR3UxtIzLY.roa (raw, json)
Hash identifier: 0GK8BXZY31cCTZnDYzCpf7rXkQDriKmj2iXOqtHvjzY=
Subject key identifier: C4:AF:65:D7:E7:B1:8D:6C:B0:6D:50:B0:E0:74:77:53:1B:48:CC:B6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222051450B14AAEBD284BBE02333FCA6
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xK9l1-exjWywbVCw4HR3UxtIzLY.roa
Signing time: Wed 01 Jan 2025 13:48:50 +0000
ROA not before: Wed 01 Jan 2025 13:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213005
IP address blocks: 81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
95.214.144.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.211.180.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.245.34.0/23 maxlen: 23
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:51:45:0b:14:aa:eb:d2:84:bb:e0:23:33:fc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4af65d7e7b18d6cb06d50b0e07477531b48ccb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ff:ee:17:0c:81:70:39:51:c5:f1:75:63:35:
29:90:39:49:c8:3b:21:d3:3c:7b:97:9b:4d:b5:37:
e2:3b:56:52:26:75:b5:ec:b0:d5:a3:42:7c:07:53:
eb:a7:1f:20:29:3b:35:88:8b:fa:c3:2f:68:53:b0:
ab:a1:00:0c:2d:87:2e:80:ab:18:e1:1c:f9:5e:eb:
7c:a5:72:97:cf:57:4f:6c:aa:2c:0c:67:ca:e1:8c:
b5:9c:48:08:e0:15:bc:d4:85:d0:98:01:02:e5:5f:
41:4a:0e:b2:38:63:33:94:b1:d9:f1:37:f1:58:28:
17:55:b4:4e:fd:f2:a5:a1:fc:5e:dd:c3:32:c1:c6:
35:fa:2f:1e:13:8e:fa:37:b6:6f:e2:26:d9:15:f8:
5f:9f:2c:83:3d:24:c6:c1:17:69:92:19:70:a5:13:
4c:fa:bf:e8:ad:20:f0:a9:3a:f2:cb:5d:c6:61:36:
ad:bc:ea:16:8b:cb:f8:a8:c7:93:a2:52:1c:fa:3e:
43:72:db:73:3d:79:4a:bf:f3:1b:96:55:e2:8b:07:
7b:df:22:8f:d4:28:a9:57:c2:d1:38:de:5f:80:90:
65:c6:67:51:3d:72:98:72:97:31:c1:02:aa:f0:b5:
3e:d5:5a:bf:3e:09:f7:df:d1:9b:c1:36:9d:ac:d3:
ac:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:65:D7:E7:B1:8D:6C:B0:6D:50:B0:E0:74:77:53:1B:48:CC:B6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xK9l1-exjWywbVCw4HR3UxtIzLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
92.60.34.0/24
93.92.228.0/22
95.214.144.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
193.26.152.0/22
193.35.88.0/22
194.38.56.0/22
212.80.208.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
69:a5:e3:2b:ee:3b:75:85:ea:1b:14:51:af:c3:f8:64:9c:43:
69:9c:19:a1:99:83:54:fc:8a:0d:5a:91:74:da:df:88:e1:84:
66:d0:35:dd:3b:04:53:fc:ef:70:c3:19:8d:9c:80:38:f6:7f:
13:d1:ef:91:42:60:0a:13:7c:db:d4:cf:38:0b:9b:02:d3:9d:
b5:15:3f:f1:8a:bf:70:19:ee:85:4b:a8:ff:d6:4c:0d:65:58:
4c:85:a4:1e:f4:e1:53:39:05:ba:ef:15:e6:cd:70:7b:b3:c8:
53:6d:4a:e5:9c:34:37:f7:fb:dc:2f:39:83:23:1a:72:9c:9d:
bf:79:d1:81:6d:4f:f9:93:96:4a:6c:73:c3:1c:c6:0c:3f:3e:
8f:b6:0c:65:98:ed:2c:6b:5d:7d:ea:ed:e5:7d:9e:ff:c9:ca:
dd:27:98:3f:33:95:9b:87:3a:22:e3:8a:9d:78:88:c5:a3:db:
d9:74:e4:1c:1f:ca:05:0a:52:26:bd:42:79:cf:c6:9f:e8:b7:
41:14:40:71:ec:96:2b:34:8d:e4:7f:fd:f2:f5:8e:56:66:11:
a7:66:b1:be:d2:e6:6d:0a:ba:5b:8c:cd:04:66:37:36:c6:4a:
82:31:29:4a:cc:00:72:eb:86:e8:6b:e2:1d:70:09:de:f3:a4:
a9:c7:09:6f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZQiIFFFCxSq69KEu+AjM/ymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGFmNjVkN2U3YjE4ZDZjYjA2ZDUwYjBlMDc0Nzc1MzFiNDhjY2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv/uFwyBcDlRxfF1YzUpkDlJyDsh
0zx7l5tNtTfiO1ZSJnW17LDVo0J8B1Prpx8gKTs1iIv6wy9oU7CroQAMLYcugKsY
4Rz5Xut8pXKXz1dPbKosDGfK4Yy1nEgI4BW81IXQmAEC5V9BSg6yOGMzlLHZ8Tfx
WCgXVbRO/fKlofxe3cMywcY1+i8eE476N7Zv4ibZFfhfnyyDPSTGwRdpkhlwpRNM
+r/orSDwqTryy13GYTatvOoWi8v4qMeTolIc+j5DcttzPXlKv/MbllXiiwd73yKP
1CipV8LRON5fgJBlxmdRPXKYcpcxwQKq8LU+1Vq/Pgn339GbwTadrNOsAwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMSvZdfnsY1ssG1QsOB0d1MbSMy2MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveEs5bDEtZXhqV3l3YlZDdzRIUjNVeHRJekxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAlEV5AME
AlVzwAMEAliHQAMEAFw8IgMEAl1c5AMEAl/WkAMEArlqfAMEArmz5AMEArm9QAME
ArnTtAMEArnf3AMEArnjgAMEAbn1IgMEAsEamAMEAsEjWAMEAsImOAMEAtRQ0AME
AtRzLDANBgkqhkiG9w0BAQsFAAOCAQEAaaXjK+47dYXqGxRRr8P4ZJxDaZwZoZmD
VPyKDVqRdNrfiOGEZtA13TsEU/zvcMMZjZyAOPZ/E9HvkUJgChN829TPOAubAtOd
tRU/8Yq/cBnuhUuo/9ZMDWVYTIWkHvThUzkFuu8V5s1we7PIU21K5Zw0N/f73C85
gyMacpydv3nRgW1P+ZOWSmxzwxzGDD8+j7YMZZjtLGtdfert5X2e/8nK3SeYPzOV
m4c6IuOKnXiIxaPb2XTkHB/KBQpSJr1Cec/Gn+i3QRRAceyWKzSN5H/98vWOVmYR
p2axvtLmbQq6W4zNBGY3NsZKgjEpSswAcuuG6GviHXAJ3vOkqccJbw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:44 2025 by rpki-client