Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/X28UwwXN92PGSCxkKHom43KHXHQ.roa
File: X28UwwXN92PGSCxkKHom43KHXHQ.roa (raw, json)
Hash identifier: w4J5ZnU95L/Vo2epsfaE+ejKnFeojxQ115vCQdg0qiA=
Subject key identifier: 5F:6F:14:C3:05:CD:F7:63:C6:48:2C:64:28:7A:26:E3:72:87:5C:74
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 018D169877152999381BE32938DE8B4E8931
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/X28UwwXN92PGSCxkKHom43KHXHQ.roa
Signing time: Wed 17 Jan 2024 08:45:07 +0000
ROA not before: Wed 17 Jan 2024 08:45:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 21:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:16:98:77:15:29:99:38:1b:e3:29:38:de:8b:4e:89:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Jan 17 08:45:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f6f14c305cdf763c6482c64287a26e372875c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c7:75:47:dc:e7:b7:56:ff:95:4b:d1:5b:b6:
c9:c2:99:5a:67:6f:67:99:a1:09:db:83:03:7e:2a:
c1:72:35:cd:45:59:bc:35:c1:57:17:aa:c0:43:c7:
f9:80:89:18:0e:fc:51:50:dc:a9:e0:c2:04:06:53:
2e:e5:22:a7:2c:a2:0d:fa:0c:9e:12:49:2c:ed:49:
3a:68:5e:40:fc:2f:ed:dc:80:76:e6:32:8b:ae:af:
13:b1:4a:97:7e:f4:68:2e:3e:cf:b7:0c:0f:7f:5a:
fe:d7:f7:86:bd:a7:e4:38:be:c1:85:22:0e:13:0d:
16:3c:ee:a6:1b:8b:75:93:42:b3:d9:03:19:b5:d4:
3c:1c:5e:a7:de:27:d0:87:88:cf:57:ce:14:fd:79:
af:1d:2d:0e:97:d9:c1:ba:b8:97:e2:b5:7d:02:af:
8f:2b:9a:c9:34:f4:a6:5f:01:31:f1:4c:1a:79:bb:
f6:54:8e:78:b0:4a:f8:af:59:42:83:6a:5e:50:0b:
5f:f0:9d:eb:94:74:ad:51:30:3d:12:f2:53:ad:27:
49:be:a1:f6:d4:46:5f:17:fc:96:d5:d9:5e:d0:2c:
4e:69:66:e9:0f:6d:3b:1a:12:91:b2:28:a2:40:06:
e0:da:ca:2b:8a:1b:ff:ad:0c:15:24:9e:92:bc:de:
75:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6F:14:C3:05:CD:F7:63:C6:48:2C:64:28:7A:26:E3:72:87:5C:74
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/X28UwwXN92PGSCxkKHom43KHXHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0-85.117.119.255
185.57.72.0/22
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300e::/47
Signature Algorithm: sha256WithRSAEncryption
1b:3d:34:da:89:86:51:36:b3:17:4a:c0:46:20:51:0b:b8:75:
83:ed:af:74:7d:9a:80:d9:92:df:8a:7c:fb:1c:b6:b9:59:53:
51:0e:95:be:c2:03:c4:8c:73:27:29:03:60:21:12:45:a7:7a:
de:70:56:ad:77:43:53:3b:ae:03:13:8c:e0:2d:4f:42:54:16:
62:f5:9f:f9:a7:ee:0f:51:88:e0:85:09:6f:b0:e1:27:e3:17:
07:69:9c:27:36:07:42:13:04:86:09:8e:88:71:1b:86:98:f2:
e1:cb:ff:b1:36:36:d9:eb:cc:2a:27:f8:78:43:7f:40:37:c3:
f0:ec:da:15:e4:20:5b:46:04:1c:96:cf:f8:0c:1d:68:98:6a:
26:66:84:c0:67:f2:0a:c2:04:43:39:66:91:b4:7f:cb:89:5a:
e9:ba:8c:34:3f:71:5d:90:e6:b5:0c:5a:29:ae:ac:5d:cd:ae:
9f:5c:e5:8b:f6:2c:39:38:6d:21:4d:23:bf:19:de:91:72:f4:
57:15:4b:4e:18:4b:e4:d9:20:52:15:35:cd:6f:76:6f:38:7f:
7a:d1:e6:5f:52:67:87:0e:e6:a2:76:a9:c3:8f:7a:1b:14:07:
52:ee:07:71:a6:37:86:7f:66:d2:0e:3f:d0:9d:d1:dc:d8:84:
22:e8:0d:00
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY0WmHcVKZk4G+MpON6LTokxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjQwMTE3MDg0NTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZmMTRjMzA1Y2RmNzYzYzY0ODJjNjQyODdhMjZlMzcyODc1Yzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMd1R9znt1b/lUvRW7bJwplaZ29n
maEJ24MDfirBcjXNRVm8NcFXF6rAQ8f5gIkYDvxRUNyp4MIEBlMu5SKnLKIN+gye
Ekks7Uk6aF5A/C/t3IB25jKLrq8TsUqXfvRoLj7PtwwPf1r+1/eGvafkOL7BhSIO
Ew0WPO6mG4t1k0Kz2QMZtdQ8HF6n3ifQh4jPV84U/XmvHS0Ol9nBuriX4rV9Aq+P
K5rJNPSmXwEx8Uwaebv2VI54sEr4r1lCg2peUAtf8J3rlHStUTA9EvJTrSdJvqH2
1EZfF/yW1dle0CxOaWbpD207GhKRsiiiQAbg2sorihv/rQwVJJ6SvN511QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFF9vFMMFzfdjxkgsZCh6JuNyh1x0MB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvWDI4VXd3WE45MlBHU0N4a0tIb200M0tIWEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwPAQCAAEwNjAMAwQFVXVg
AwQDVXVwAwQCuTlIAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDA3
BAIAAjAxMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGAMH
ASoDMsAwDjANBgkqhkiG9w0BAQsFAAOCAQEAGz002omGUTazF0rARiBRC7h1g+2v
dH2agNmS34p8+xy2uVlTUQ6VvsIDxIxzJykDYCESRad63nBWrXdDUzuuAxOM4C1P
QlQWYvWf+afuD1GI4IUJb7DhJ+MXB2mcJzYHQhMEhgmOiHEbhpjy4cv/sTY22evM
Kif4eEN/QDfD8OzaFeQgW0YEHJbP+AwdaJhqJmaEwGfyCsIEQzlmkbR/y4la6bqM
ND9xXZDmtQxaKa6sXc2un1zli/YsOThtIU0jvxnekXL0VxVLThhL5NkgUhU1zW92
bzh/etHmX1Jnhw7monapw496GxQHUu4HcaY3hn9m0g4/0J3R3NiEIugNAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org