Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/XycdKfZNs2ta5Bzm6KPV9iJfZ-E.roa
File: XycdKfZNs2ta5Bzm6KPV9iJfZ-E.roa (raw, json)
Hash identifier: w1BbNqmXVcEto5n/CRtDHiKOKy7RyDH7eGtWCUk7AOc=
Subject key identifier: 5F:27:1D:29:F6:4D:B3:6B:5A:E4:1C:E6:E8:A3:D5:F6:22:5F:67:E1
Certificate issuer: /CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Certificate serial: 0185719B9F4C1BAB0D61D4548AD213A87E99
Authority key identifier: 29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/XycdKfZNs2ta5Bzm6KPV9iJfZ-E.roa
Signing time: Mon 02 Jan 2023 08:31:42 +0000
ROA not before: Mon 02 Jan 2023 08:31:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16019
IP address blocks: 62.245.64.0/18 maxlen: 18
46.167.224.0/19 maxlen: 19
62.245.96.0/19 maxlen: 19
46.167.192.0/19 maxlen: 19
46.167.192.0/18 maxlen: 18
62.245.64.0/19 maxlen: 19
84.242.96.0/19 maxlen: 19
109.107.192.0/19 maxlen: 19
93.90.160.0/20 maxlen: 20
31.30.0.0/17 maxlen: 17
84.242.64.0/19 maxlen: 19
31.30.0.0/16 maxlen: 16
84.242.64.0/18 maxlen: 18
213.220.224.0/19 maxlen: 19
88.146.192.0/18 maxlen: 18
89.103.0.0/16 maxlen: 16
84.42.128.0/17 maxlen: 17
141.170.128.0/18 maxlen: 18
84.42.128.0/18 maxlen: 18
141.170.128.0/19 maxlen: 19
213.220.192.0/19 maxlen: 19
213.220.192.0/18 maxlen: 18
93.99.128.0/17 maxlen: 17
86.49.0.0/17 maxlen: 17
86.49.0.0/16 maxlen: 16
94.113.0.0/16 maxlen: 16
89.177.0.0/16 maxlen: 16
86.49.128.0/17 maxlen: 17
84.42.192.0/18 maxlen: 18
141.170.160.0/19 maxlen: 19
80.95.96.0/19 maxlen: 19
31.169.128.0/17 maxlen: 17
31.169.128.0/18 maxlen: 18
188.95.120.0/21 maxlen: 21
78.45.0.0/16 maxlen: 16
81.27.200.0/21 maxlen: 21
77.48.0.0/17 maxlen: 17
77.48.0.0/16 maxlen: 16
94.112.0.0/16 maxlen: 16
89.176.0.0/16 maxlen: 16
94.112.0.0/15 maxlen: 15
89.176.0.0/15 maxlen: 15
78.102.0.0/17 maxlen: 17
89.102.0.0/16 maxlen: 16
78.102.0.0/16 maxlen: 16
89.102.0.0/15 maxlen: 15
62.240.160.0/20 maxlen: 20
62.240.160.0/19 maxlen: 19
62.240.176.0/20 maxlen: 20
88.146.128.0/18 maxlen: 18
88.146.128.0/17 maxlen: 17
93.99.0.0/17 maxlen: 17
31.169.192.0/18 maxlen: 18
77.48.128.0/17 maxlen: 17
93.99.0.0/16 maxlen: 16
78.102.128.0/17 maxlen: 17
78.44.0.0/16 maxlen: 16
178.77.192.0/19 maxlen: 19
78.44.0.0/15 maxlen: 15
46.135.0.0/16 maxlen: 16
178.77.192.0/18 maxlen: 18
178.77.224.0/19 maxlen: 19
213.192.0.0/18 maxlen: 18
213.192.0.0/19 maxlen: 19
213.192.32.0/19 maxlen: 19
217.77.160.0/20 maxlen: 20
31.30.128.0/17 maxlen: 17
62.24.64.0/19 maxlen: 19
62.24.64.0/20 maxlen: 20
62.24.80.0/20 maxlen: 20
82.142.64.0/18 maxlen: 18
81.27.192.0/21 maxlen: 21
81.27.192.0/20 maxlen: 20
2a02:8300::/28 maxlen: 28
2a00:11b0::/29 maxlen: 29
2a02:8300::/29 maxlen: 29
2a02:8308::/29 maxlen: 29
2a01:5e0:8000::/33 maxlen: 33
2a01:5e0::/33 maxlen: 33
2a01:5e0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9b:9f:4c:1b:ab:0d:61:d4:54:8a:d2:13:a8:7e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29fb7da3b44e41b32369e4a5c790d3081fc69aa9
Validity
Not Before: Jan 2 08:31:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f271d29f64db36b5ae41ce6e8a3d5f6225f67e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:d0:24:e1:1d:5e:4c:72:19:48:13:29:f2:
06:c0:b1:ab:b7:4b:fa:25:f9:71:56:c7:fe:d9:6a:
1c:82:43:64:70:55:f7:4e:ed:61:44:a3:00:33:13:
0c:6b:15:74:55:89:ee:5e:51:e6:59:b6:6c:ef:9e:
fe:e9:a3:8e:6a:15:7a:0b:35:89:a9:76:7e:4e:f5:
18:68:8d:f8:75:03:a4:dc:1d:ca:f5:18:d6:90:51:
06:70:d8:41:f5:33:4b:b0:c7:cc:ca:a6:01:88:aa:
fe:b5:7b:06:aa:2f:ca:6f:ec:2a:6b:91:38:63:12:
8b:af:ab:26:ad:71:18:7f:2e:ba:d1:16:ed:27:36:
95:0c:45:0a:a4:31:b1:36:b0:75:e0:8c:6e:16:6a:
4b:8c:c7:d6:58:57:e4:93:7e:6e:59:b1:6c:94:e0:
f4:ef:7c:71:c6:37:7a:c6:93:2a:c2:2e:9a:98:fb:
24:f9:26:80:2a:d3:6a:58:5c:d7:e1:48:ad:35:d9:
d7:39:74:1f:68:1b:49:61:2f:1e:e0:e8:e9:aa:a0:
34:81:d6:24:eb:24:44:74:a8:c2:87:4c:92:82:e9:
2b:9c:bd:4d:d9:fe:21:fe:36:21:cc:6f:b7:2a:79:
bf:07:bc:1b:48:08:50:89:30:e3:d5:84:24:9f:2b:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:27:1D:29:F6:4D:B3:6B:5A:E4:1C:E6:E8:A3:D5:F6:22:5F:67:E1
X509v3 Authority Key Identifier:
keyid:29:FB:7D:A3:B4:4E:41:B3:23:69:E4:A5:C7:90:D3:08:1F:C6:9A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/XycdKfZNs2ta5Bzm6KPV9iJfZ-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17a016-26c7-424c-862f-bcac8b552a9a/1/Kft9o7ROQbMjaeSlx5DTCB_Gmqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.30.0.0/16
31.169.128.0/17
46.135.0.0/16
46.167.192.0/18
62.24.64.0/19
62.240.160.0/19
62.245.64.0/18
77.48.0.0/16
78.44.0.0/15
78.102.0.0/16
80.95.96.0/19
81.27.192.0/20
82.142.64.0/18
84.42.128.0/17
84.242.64.0/18
86.49.0.0/16
88.146.128.0/17
89.102.0.0/15
89.176.0.0/15
93.90.160.0/20
93.99.0.0/16
94.112.0.0/15
109.107.192.0/19
141.170.128.0/18
178.77.192.0/18
188.95.120.0/21
213.192.0.0/18
213.220.192.0/18
217.77.160.0/20
IPv6:
2a00:11b0::/29
2a01:5e0::/32
2a02:8300::/28
Signature Algorithm: sha256WithRSAEncryption
8a:f4:3a:14:80:66:40:77:ef:07:7f:48:55:b5:08:60:80:47:
07:37:63:d5:f4:03:99:e0:06:c8:09:19:bd:cd:e2:ba:b8:9e:
7a:e0:2d:6a:d0:af:2f:a9:50:1a:20:58:47:70:e6:f3:8f:f5:
26:7e:2e:88:4a:fb:64:fc:d6:47:d9:d0:7c:db:71:39:4c:e4:
cc:0e:e6:f4:d8:25:04:dd:15:34:62:c5:4b:4c:f5:fc:fd:3e:
8f:73:60:7a:b6:f0:c1:e3:4b:4a:6e:ca:e2:fe:26:d9:34:21:
26:56:38:4f:6a:5b:7d:7b:fe:a1:4f:02:e3:2b:39:25:d9:5a:
f0:ee:74:e4:11:16:13:c2:3b:64:5d:9f:79:71:0d:dc:54:d0:
0d:75:6b:91:0d:f2:10:84:35:a9:53:73:d3:04:75:27:07:24:
5a:d8:1d:0a:30:e7:31:4c:8a:bb:d8:72:6f:37:89:80:99:fb:
0e:e9:34:25:2a:a6:16:9c:19:a3:7a:14:0c:09:d1:12:30:51:
e0:18:f0:2b:20:ba:14:1e:50:d5:ca:ee:5c:5c:0b:68:23:7c:
2f:3e:45:2b:68:5e:d1:9a:3a:10:f6:ba:46:d3:92:87:72:e5:
e8:e9:c0:f2:7f:ec:70:70:d9:14:c2:85:9d:cb:af:b9:62:21:
2b:10:56:fd
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgISAYVxm59MG6sNYdRUitITqH6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmI3ZGEzYjQ0ZTQxYjMyMzY5ZTRhNWM3OTBkMzA4MWZj
NjlhYTkwHhcNMjMwMTAyMDgzMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI3MWQyOWY2NGRiMzZiNWFlNDFjZTZlOGEzZDVmNjIyNWY2N2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnazQJOEdXkxyGUgTKfIGwLGrt0v6
JflxVsf+2WocgkNkcFX3Tu1hRKMAMxMMaxV0VYnuXlHmWbZs757+6aOOahV6CzWJ
qXZ+TvUYaI34dQOk3B3K9RjWkFEGcNhB9TNLsMfMyqYBiKr+tXsGqi/Kb+wqa5E4
YxKLr6smrXEYfy660RbtJzaVDEUKpDGxNrB14IxuFmpLjMfWWFfkk35uWbFslOD0
73xxxjd6xpMqwi6amPsk+SaAKtNqWFzX4UitNdnXOXQfaBtJYS8e4OjpqqA0gdYk
6yREdKjCh0ySgukrnL1N2f4h/jYhzG+3Knm/B7wbSAhQiTDj1YQknysmHQIDAQAB
o4ICyTCCAsUwHQYDVR0OBBYEFF8nHSn2TbNrWuQc5uij1fYiX2fhMB8GA1UdIwQY
MBaAFCn7faO0TkGzI2nkpceQ0wgfxpqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYt
YmNhYzhiNTUyYTlhLzEvWHljZEtmWk5zMnRhNUJ6bTZLUFY5aUpmWi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2EwMTYtMjZjNy00MjRjLTg2MmYtYmNhYzhiNTUyYTlh
LzEvS2Z0OW83Uk9RYk1qYWVTbHg1RFRDQl9HbXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHeBggrBgEFBQcBBwEB/wSBzjCByzCBqwQCAAEwgaQDAwAf
HgMEBx+pgAMDAC6HAwQGLqfAAwQFPhhAAwQFPvCgAwQGPvVAAwMATTADAwFOLAMD
AE5mAwQFUF9gAwQEURvAAwQGUo5AAwQHVCqAAwQGVPJAAwMAVjEDBAdYkoADAwFZ
ZgMDAVmwAwQEXVqgAwMAXWMDAwFecAMEBW1rwAMEBo2qgAMEBrJNwAMEA7xfeAME
BtXAAAMEBtXcwAMEBNlNoDAbBAIAAjAVAwUDKgARsAMFACoBBeADBQQqAoMAMA0G
CSqGSIb3DQEBCwUAA4IBAQCK9DoUgGZAd+8Hf0hVtQhggEcHN2PV9AOZ4AbICRm9
zeK6uJ564C1q0K8vqVAaIFhHcObzj/Umfi6ISvtk/NZH2dB823E5TOTMDub02CUE
3RU0YsVLTPX8/T6Pc2B6tvDB40tKbsri/ibZNCEmVjhPalt9e/6hTwLjKzkl2Vrw
7nTkERYTwjtkXZ95cQ3cVNANdWuRDfIQhDWpU3PTBHUnByRa2B0KMOcxTIq72HJv
N4mAmfsO6TQlKqYWnBmjehQMCdESMFHgGPArILoUHlDVyu5cXAtoI3wvPkUraF7R
mjoQ9rpG05KHcuXo6cDyf+xwcNkUwoWdy6+5YiErEFb9
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:31 2024 by rpki-client on console-fra.rpki-client.org