Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xlirBuMG-18UQxKDlaHnuoaxbp8.roa
File: xlirBuMG-18UQxKDlaHnuoaxbp8.roa (raw, json)
Hash identifier: IRhwnLnkAbVOBPdcMlOJGFqXTfvUv8Cf9I40gSl5OHE=
Subject key identifier: C6:58:AB:06:E3:06:FB:5F:14:43:12:83:95:A1:E7:BA:86:B1:6E:9F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422203A78114710699F91E89197175012
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xlirBuMG-18UQxKDlaHnuoaxbp8.roa
Signing time: Wed 01 Jan 2025 13:48:45 +0000
ROA not before: Wed 01 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202636
IP address blocks: 37.32.96.0/23 maxlen: 23
45.90.238.0/24 maxlen: 24
45.134.87.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
93.189.121.0/24 maxlen: 24
93.189.122.0/24 maxlen: 24
95.214.144.0/22 maxlen: 24
185.150.77.0/24 maxlen: 24
185.150.78.0/23 maxlen: 23
185.179.233.0/24 maxlen: 24
185.179.235.0/24 maxlen: 24
185.191.44.0/22 maxlen: 22
185.199.55.0/24 maxlen: 24
185.218.18.0/24 maxlen: 24
185.227.205.0/24 maxlen: 24
185.239.254.0/24 maxlen: 24
185.248.200.0/22 maxlen: 24
185.252.44.0/22 maxlen: 22
194.35.41.0/24 maxlen: 24
194.38.56.0/22 maxlen: 24
194.41.116.0/23 maxlen: 23
194.41.118.0/23 maxlen: 23
212.80.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 12:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3a:78:11:47:10:69:9f:91:e8:91:97:17:50:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c658ab06e306fb5f1443128395a1e7ba86b16e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8f:77:bf:31:fd:ad:1f:13:b7:af:07:dc:27:
c5:c8:82:31:97:6b:6c:ef:30:54:e8:f1:98:98:3f:
b8:34:44:c4:45:ae:5d:61:9c:75:db:a4:d4:58:72:
b4:b6:8e:08:ed:7c:9e:13:9b:7b:28:36:1c:30:46:
d4:fc:ec:5d:48:5e:58:7a:54:70:8b:06:55:73:9f:
8f:4d:26:e8:63:b6:a1:24:78:7c:6e:0a:71:2e:27:
47:17:e8:28:70:27:89:a9:91:53:7e:8d:0b:7b:47:
44:4e:24:d7:d6:96:59:41:77:c4:dc:5f:f9:0b:61:
99:23:9a:e1:14:78:84:2f:42:13:fe:72:6a:ba:a3:
c3:65:0b:9f:a9:bd:e7:70:4c:fa:dd:cd:9b:65:62:
89:7f:07:e9:bb:6f:cb:5b:64:24:f2:96:e3:3c:48:
e6:60:bb:03:cf:df:80:16:44:11:73:31:f8:57:97:
96:5e:5d:8b:d6:00:95:cb:40:5f:dc:dd:c4:bc:c7:
98:76:2e:41:2b:4f:4c:65:a9:57:12:d7:7f:b3:b6:
74:9c:1f:4c:8e:01:c3:2f:93:95:3d:82:09:31:6d:
9c:21:31:90:cc:31:e0:bb:12:7b:8c:8b:f8:81:14:
cf:00:4c:9e:a3:8a:0a:08:5f:85:6c:3b:81:cc:21:
52:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:58:AB:06:E3:06:FB:5F:14:43:12:83:95:A1:E7:BA:86:B1:6E:9F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xlirBuMG-18UQxKDlaHnuoaxbp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.96.0/23
45.90.238.0/24
45.134.87.0/24
93.92.228.0/22
93.189.121.0-93.189.122.255
95.214.144.0/22
185.150.77.0-185.150.79.255
185.179.233.0/24
185.179.235.0/24
185.191.44.0/22
185.199.55.0/24
185.218.18.0/24
185.227.205.0/24
185.239.254.0/24
185.248.200.0/22
185.252.44.0/22
194.35.41.0/24
194.38.56.0/22
194.41.116.0/22
212.80.208.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:ad:9f:d9:cf:cd:44:8a:9d:42:62:d6:ee:e8:4f:10:34:8b:
4d:02:40:60:4e:a5:06:dd:ce:92:9f:06:3c:1d:4b:c9:75:a6:
1b:54:e0:94:d4:fe:54:9c:47:24:99:64:eb:b0:8a:9c:67:59:
3a:42:2c:ff:ce:e1:28:1e:7f:00:15:49:fc:89:76:71:78:d6:
50:4a:dc:c3:ac:ae:60:01:e5:1b:e4:4d:ce:2d:29:a1:18:a6:
10:e4:17:1c:b9:da:d8:8c:af:3a:c0:13:40:45:fd:3b:bc:ce:
e5:c2:1b:a1:54:21:55:f6:ee:6a:55:dd:0a:43:7d:e9:a5:48:
29:dd:bd:37:cd:dc:87:f5:05:52:bb:05:69:55:0f:8c:14:8d:
ff:74:02:17:37:28:e1:4e:ca:3c:8c:67:e3:54:79:7b:05:d8:
29:7e:d0:da:00:40:fa:18:35:51:ea:57:7b:00:98:5a:fb:4a:
96:f4:d0:32:bc:aa:f2:fa:38:28:80:0c:93:59:c5:0c:72:c3:
54:ce:f1:a6:dc:56:80:7a:d1:40:1a:ea:ac:d2:be:65:ce:ff:
f1:f5:98:e5:b4:6e:bf:21:8f:4e:c3:13:29:cb:c8:9e:eb:97:
38:81:55:40:27:23:c8:d7:a5:a3:bd:f7:04:93:8d:c6:e2:e5:
05:cd:45:36
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQiIDp4EUcQaZ+R6JGXF1ASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjU4YWIwNmUzMDZmYjVmMTQ0MzEyODM5NWExZTdiYTg2YjE2ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo493vzH9rR8Tt68H3CfFyIIxl2ts
7zBU6PGYmD+4NETERa5dYZx126TUWHK0to4I7XyeE5t7KDYcMEbU/OxdSF5YelRw
iwZVc5+PTSboY7ahJHh8bgpxLidHF+gocCeJqZFTfo0Le0dETiTX1pZZQXfE3F/5
C2GZI5rhFHiEL0IT/nJquqPDZQufqb3ncEz63c2bZWKJfwfpu2/LW2Qk8pbjPEjm
YLsDz9+AFkQRczH4V5eWXl2L1gCVy0Bf3N3EvMeYdi5BK09MZalXEtd/s7Z0nB9M
jgHDL5OVPYIJMW2cITGQzDHguxJ7jIv4gRTPAEyeo4oKCF+FbDuBzCFSDQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFMZYqwbjBvtfFEMSg5Wh57qGsW6fMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveGxpckJ1TUctMThVUXhLRGxhSG51b2F4YnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAEl
IGADBAAtWu4DBAAthlcDBAJdXOQwDAMEAF29eQMEAF29egMEAl/WkDAMAwQAuZZN
AwQEuZZAAwQAubPpAwQAubPrAwQCub8sAwQAucc3AwQAudoSAwQAuePNAwQAue/+
AwQCufjIAwQCufwsAwQAwiMpAwQCwiY4AwQCwil0AwQC1FDQMA0GCSqGSIb3DQEB
CwUAA4IBAQCrrZ/Zz81Eip1CYtbu6E8QNItNAkBgTqUG3c6SnwY8HUvJdaYbVOCU
1P5UnEckmWTrsIqcZ1k6Qiz/zuEoHn8AFUn8iXZxeNZQStzDrK5gAeUb5E3OLSmh
GKYQ5BccudrYjK86wBNARf07vM7lwhuhVCFV9u5qVd0KQ33ppUgp3b03zdyH9QVS
uwVpVQ+MFI3/dAIXNyjhTso8jGfjVHl7BdgpftDaAED6GDVR6ld7AJha+0qW9NAy
vKry+jgogAyTWcUMcsNUzvGm3FaAetFAGuqs0r5lzv/x9ZjltG6/IY9OwxMpy8ie
65c4gVVAJyPI16WjvfcEk43G4uUFzUU2
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:39:42 2025 by rpki-client