Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XGKTytJctrA-CLduwa45q00sPao.roa
File: XGKTytJctrA-CLduwa45q00sPao.roa (raw, json)
Hash identifier: 2uWYJm7jiG2BoCLJNHVjOHtziS4tFQxX3dwyPjxHt8U=
Subject key identifier: 5C:62:93:CA:D2:5C:B6:B0:3E:08:B7:6E:C1:AE:39:AB:4D:2C:3D:AA
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 018C57A0BBB4B838DF7C4463889CC153B791
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XGKTytJctrA-CLduwa45q00sPao.roa
Signing time: Mon 11 Dec 2023 06:46:40 +0000
ROA not before: Mon 11 Dec 2023 06:46:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8400
IP address blocks: 178.220.0.0/15 maxlen: 15
109.92.0.0/15 maxlen: 15
93.87.0.0/16 maxlen: 16
178.223.128.0/18 maxlen: 18
93.87.38.0/24 maxlen: 24
109.122.77.0/24 maxlen: 24
77.46.128.0/17 maxlen: 17
212.200.52.0/24 maxlen: 24
5.154.225.0/24 maxlen: 24
79.101.0.0/16 maxlen: 16
212.200.0.0/21 maxlen: 21
212.200.0.0/17 maxlen: 17
93.87.39.0/24 maxlen: 24
195.178.32.0/19 maxlen: 19
93.87.50.0/24 maxlen: 24
212.200.0.0/16 maxlen: 16
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
93.87.58.0/24 maxlen: 24
178.222.0.0/16 maxlen: 16
178.223.192.0/19 maxlen: 19
212.200.51.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.45.0/24 maxlen: 24
185.190.152.0/22 maxlen: 22
212.200.192.0/19 maxlen: 19
91.150.64.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.66.0/24 maxlen: 24
79.101.21.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.132.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
93.86.0.0/16 maxlen: 16
93.86.0.0/15 maxlen: 15
178.223.0.0/17 maxlen: 17
91.150.91.0/24 maxlen: 24
212.200.224.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.225.0/24 maxlen: 24
212.200.232.0/21 maxlen: 21
212.200.228.0/22 maxlen: 22
212.200.240.0/20 maxlen: 20
2a06:63c0::/29 maxlen: 29
2a00:e90::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:a0:bb:b4:b8:38:df:7c:44:63:88:9c:c1:53:b7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Dec 11 06:46:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c6293cad25cb6b03e08b76ec1ae39ab4d2c3daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:30:14:9e:dd:40:8c:a4:0a:01:d6:8f:33:c7:
bf:19:f1:03:42:e4:c0:bc:47:b8:ba:14:a7:b1:b2:
ec:e8:89:26:40:5a:f0:74:52:2c:54:dd:26:4a:77:
d8:04:01:7b:54:b3:33:c2:77:34:73:47:16:fd:09:
95:ea:ed:66:4d:11:c4:d3:26:13:c1:01:b3:fd:3c:
f7:7b:6f:c8:c8:52:08:78:c1:64:56:07:d8:9b:0e:
0e:52:5e:26:3b:38:13:84:45:b9:18:ae:89:84:a4:
be:d2:5a:b7:6a:36:62:8e:25:43:d6:fa:41:9b:2d:
e4:d1:2c:ba:3e:30:95:32:70:22:47:a7:82:26:6a:
12:e3:1c:74:44:7b:a8:f3:b1:f2:71:b0:31:70:f2:
6c:65:2e:e7:d4:e0:0b:f8:be:f8:33:50:69:59:77:
55:18:73:a0:ce:82:3b:ca:37:91:43:ed:fb:5b:6f:
92:b6:4b:6e:32:63:2f:36:91:5c:0e:5d:82:26:04:
8b:e7:56:6a:db:e6:58:27:29:99:ae:cc:67:93:e9:
7f:67:50:ba:3b:ff:9d:7e:9d:69:02:ac:a2:e8:c8:
30:06:78:6f:87:8c:84:86:e9:99:ad:c5:2d:0c:b0:
42:f7:97:4f:08:29:32:f0:37:b8:ce:4b:51:89:cb:
f4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:62:93:CA:D2:5C:B6:B0:3E:08:B7:6E:C1:AE:39:AB:4D:2C:3D:AA
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/XGKTytJctrA-CLduwa45q00sPao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
77.46.128.0/17
79.101.0.0/16
91.150.64.0/18
93.86.0.0/15
109.92.0.0/15
109.122.77.0/24
178.220.0.0-178.223.223.255
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
IPv6:
2a00:e90::/32
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
80:c6:bb:f3:81:28:fa:ba:c5:10:3b:78:de:ca:bc:75:01:39:
ec:2d:87:67:6e:42:78:98:56:df:22:28:b9:67:c2:a3:7e:6c:
47:ff:50:c2:7a:46:17:66:7f:a5:97:ec:e5:4d:45:1b:a8:fc:
77:08:75:3c:7d:f1:48:22:30:40:64:8d:c5:67:6a:a0:b6:a3:
11:77:2c:57:1a:fd:d6:e5:9e:c6:90:d7:c1:b4:a9:c5:e5:6d:
87:50:8d:8c:61:a8:0e:3e:83:0a:5a:66:61:2f:8c:7f:6f:18:
3d:95:80:f0:b6:ff:e8:eb:28:9f:dc:cc:c6:64:b8:4b:41:0e:
d9:39:9b:f1:0c:ce:63:ed:18:a5:9d:1c:7a:71:81:83:60:e7:
bf:c5:0b:1f:39:13:60:26:75:08:94:25:8c:6c:15:ec:3b:74:
41:0e:0c:ef:fb:66:a7:60:75:90:60:a3:9a:8d:e3:24:b8:db:
60:22:f5:13:21:bc:93:81:1c:d6:c2:eb:a6:6a:6c:43:34:c4:
61:82:1a:d8:b1:4c:99:a6:3f:6b:6b:e1:54:ce:a0:da:f8:d4:
de:9b:f2:fd:f3:a9:7a:55:17:d3:79:4f:f8:44:a7:1c:16:f4:
5b:f4:8e:d3:7b:84:09:66:1b:db:30:c5:98:80:ce:13:eb:e0:
a2:c2:d0:be
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYxXoLu0uDjffERjiJzBU7eRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjMxMjExMDY0NjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzYyOTNjYWQyNWNiNmIwM2UwOGI3NmVjMWFlMzlhYjRkMmMzZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTAUnt1AjKQKAdaPM8e/GfEDQuTA
vEe4uhSnsbLs6IkmQFrwdFIsVN0mSnfYBAF7VLMzwnc0c0cW/QmV6u1mTRHE0yYT
wQGz/Tz3e2/IyFIIeMFkVgfYmw4OUl4mOzgThEW5GK6JhKS+0lq3ajZijiVD1vpB
my3k0Sy6PjCVMnAiR6eCJmoS4xx0RHuo87HycbAxcPJsZS7n1OAL+L74M1BpWXdV
GHOgzoI7yjeRQ+37W2+StktuMmMvNpFcDl2CJgSL51Zq2+ZYJymZrsxnk+l/Z1C6
O/+dfp1pAqyi6MgwBnhvh4yEhumZrcUtDLBC95dPCCky8De4zktRicv0kQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFFxik8rSXLawPgi3bsGuOatNLD2qMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvWEdLVHl0SmN0ckEtQ0xkdXdhNDVxMDBzUGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBLBAIAATBFAwQABZrhAwQH
TS6AAwMAT2UDBAZblkADAwFdVgMDAW1cAwQAbXpNMAsDAwKy3AMEBbLfwAMEArm+
mAMEBcOyIAMDANTIMBQEAgACMA4DBQAqAA6QAwUDKgZjwDANBgkqhkiG9w0BAQsF
AAOCAQEAgMa784Eo+rrFEDt43sq8dQE57C2HZ25CeJhW3yIouWfCo35sR/9QwnpG
F2Z/pZfs5U1FG6j8dwh1PH3xSCIwQGSNxWdqoLajEXcsVxr91uWexpDXwbSpxeVt
h1CNjGGoDj6DClpmYS+Mf28YPZWA8Lb/6Oson9zMxmS4S0EO2Tmb8QzOY+0YpZ0c
enGBg2Dnv8ULHzkTYCZ1CJQljGwV7Dt0QQ4M7/tmp2B1kGCjmo3jJLjbYCL1EyG8
k4Ec1sLrpmpsQzTEYYIa2LFMmaY/a2vhVM6g2vjU3pvy/fOpelUX03lP+ESnHBb0
W/SO03uECWYb2zDFmIDOE+vgosLQvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:32 2024 by rpki-client on console-fra.rpki-client.org