Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xMLMGQ2FC2AAEs1UXdAq-QlSkZ4.roa
File: xMLMGQ2FC2AAEs1UXdAq-QlSkZ4.roa (raw, json)
Hash identifier: Xu1CeZQSH1N3TI3V8pMJEP3igJUuLqXK3A53yxkMlvI=
Subject key identifier: C4:C2:CC:19:0D:85:0B:60:00:12:CD:54:5D:D0:2A:F9:09:52:91:9E
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC47AE8B91B1D04FBC6BCAC5404736C39
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xMLMGQ2FC2AAEs1UXdAq-QlSkZ4.roa
Signing time: Mon 01 Jan 2024 10:03:58 +0000
ROA not before: Mon 01 Jan 2024 10:03:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 83.137.159.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
88.151.57.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.151.62.0/24 maxlen: 24
2.58.168.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
5.182.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 07:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:7a:e8:b9:1b:1d:04:fb:c6:bc:ac:54:04:73:6c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 10:03:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c2cc190d850b600012cd545dd02af90952919e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:05:45:f8:12:9d:8f:16:0a:a3:cd:b7:99:d6:
ce:bb:7d:99:e3:dd:a0:b4:e6:0d:24:3c:8d:d4:7f:
84:ae:d7:b3:b7:a6:65:41:a0:2d:2c:18:11:77:40:
8c:a4:34:fe:35:35:98:18:b1:35:91:d5:48:d1:fc:
c6:8a:56:3f:9a:29:f9:51:ef:96:98:56:f8:f6:a5:
57:af:12:f0:a8:f7:fa:40:67:75:17:f1:a0:14:43:
f6:3b:d8:b7:49:af:a4:d6:71:a1:dc:00:3a:b8:ee:
40:5b:7b:67:13:a0:5d:93:80:53:89:7f:71:77:eb:
55:28:cb:9f:09:34:75:31:4b:dc:93:27:29:b8:d2:
3c:7e:b0:59:fb:75:2d:14:a3:36:fd:29:22:28:0b:
a8:cf:13:27:7c:8a:67:ce:ec:36:b7:4d:45:1b:74:
32:f4:76:8f:65:91:51:76:3f:8e:24:10:f7:2b:e5:
af:df:3d:a9:b7:dd:0a:d3:48:a4:94:6f:26:1a:bf:
8a:95:4c:21:5e:f3:45:27:d2:cd:23:78:f7:b6:a3:
11:ce:c3:00:3e:7e:87:f3:25:3d:7c:73:71:e4:bc:
b6:ac:91:2c:bb:cc:01:f8:37:a2:31:ce:81:0f:c0:
2b:ba:d8:14:b2:5e:33:cb:e8:00:43:72:98:9f:14:
f2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C2:CC:19:0D:85:0B:60:00:12:CD:54:5D:D0:2A:F9:09:52:91:9E
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/xMLMGQ2FC2AAEs1UXdAq-QlSkZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0-2.58.170.255
5.182.114.0/24
77.242.156.0/24
77.242.158.0/24
83.137.159.0/24
88.151.57.0-88.151.58.255
88.151.62.0/24
88.209.195.0/24
88.209.217.0/24
88.209.226.0/24
Signature Algorithm: sha256WithRSAEncryption
23:3a:40:34:02:48:83:93:95:3a:2c:0b:88:f6:10:83:38:82:
06:f9:95:48:4e:38:ce:09:37:d3:42:f0:08:9f:b5:62:8a:2a:
fa:e1:98:d4:c6:9b:9b:12:24:69:bd:e6:92:51:b6:1f:f8:ff:
99:31:8f:4f:0e:97:ea:86:9d:26:44:1c:fb:3a:36:7d:34:a7:
78:f3:69:67:3a:74:52:17:2b:db:50:00:35:4b:d7:b2:c7:3f:
0f:03:87:8c:d6:70:01:00:a0:b1:71:2e:57:3c:a7:bd:f4:48:
1d:6c:b3:13:e8:0c:a6:2b:76:2e:e4:64:fb:28:45:94:62:81:
c8:fd:ec:1a:57:85:a2:19:77:21:5c:c4:b1:d7:38:dc:6a:25:
b6:87:56:96:4d:2b:60:a1:df:63:00:08:7e:bd:bb:cc:5b:f0:
d6:86:9e:8e:0d:77:0a:31:04:11:95:00:37:8f:1c:d3:da:1e:
a4:0a:cc:53:ee:6b:7f:21:fd:09:b6:ea:45:38:1f:f0:1d:75:
9a:f9:bb:59:a6:05:86:c0:a2:a9:0c:8c:48:81:2d:d2:f1:58:
3c:f4:15:34:46:a9:be:b4:ab:83:cd:5f:92:57:49:ba:29:a6:
18:d3:06:b5:58:8c:96:15:6c:ee:0a:df:22:12:05:52:dd:37:
51:cf:4f:46
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzEeui5Gx0E+8a8rFQEc2w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMTAwMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGMyY2MxOTBkODUwYjYwMDAxMmNkNTQ1ZGQwMmFmOTA5NTI5MTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggVF+BKdjxYKo823mdbOu32Z492g
tOYNJDyN1H+Ertezt6ZlQaAtLBgRd0CMpDT+NTWYGLE1kdVI0fzGilY/min5Ue+W
mFb49qVXrxLwqPf6QGd1F/GgFEP2O9i3Sa+k1nGh3AA6uO5AW3tnE6Bdk4BTiX9x
d+tVKMufCTR1MUvckycpuNI8frBZ+3UtFKM2/SkiKAuozxMnfIpnzuw2t01FG3Qy
9HaPZZFRdj+OJBD3K+Wv3z2pt90K00iklG8mGr+KlUwhXvNFJ9LNI3j3tqMRzsMA
Pn6H8yU9fHNx5Ly2rJEsu8wB+DeiMc6BD8ArutgUsl4zy+gAQ3KYnxTy+QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMTCzBkNhQtgABLNVF3QKvkJUpGeMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEveE1MTUdRMkZDMkFBRXMxVVhkQXEtUWxTa1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAMCOqgD
BAACOqoDBAAFtnIDBABN8pwDBABN8p4DBABTiZ8wDAMEAFiXOQMEAFiXOgMEAFiX
PgMEAFjRwwMEAFjR2QMEAFjR4jANBgkqhkiG9w0BAQsFAAOCAQEAIzpANAJIg5OV
OiwLiPYQgziCBvmVSE44zgk300LwCJ+1Yooq+uGY1MabmxIkab3mklG2H/j/mTGP
Tw6X6oadJkQc+zo2fTSnePNpZzp0Uhcr21AANUvXssc/DwOHjNZwAQCgsXEuVzyn
vfRIHWyzE+gMpit2LuRk+yhFlGKByP3sGleFohl3IVzEsdc43GoltodWlk0rYKHf
YwAIfr27zFvw1oaejg13CjEEEZUAN48c09oepArMU+5rfyH9CbbqRTgf8B11mvm7
WaYFhsCiqQyMSIEt0vFYPPQVNEapvrSrg81fkldJuimmGNMGtViMlhVs7grfIhIF
Ut03Uc9PRg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org