Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZx-sU_C_VzB2re8i0uvKexemtI.roa
File: aZx-sU_C_VzB2re8i0uvKexemtI.roa (raw, json)
Hash identifier: t19QOTNXKIwvBPFXgB5AzRXMbik3DUWoJh3ab/jZETo=
Subject key identifier: 69:9C:7E:B1:4F:C2:FD:5C:C1:DA:B7:BC:8B:4B:AF:29:EC:5E:9A:D2
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019361E9C3B36C2339C23A1B228181F6D37C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZx-sU_C_VzB2re8i0uvKexemtI.roa
Signing time: Mon 25 Nov 2024 06:02:10 +0000
ROA not before: Mon 25 Nov 2024 06:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42362
IP address blocks: 78.111.240.0/20 maxlen: 20
83.239.192.0/21 maxlen: 21
83.239.208.0/20 maxlen: 20
85.172.128.0/19 maxlen: 19
85.172.192.0/21 maxlen: 21
85.172.200.0/22 maxlen: 22
85.172.208.0/20 maxlen: 20
85.172.224.0/20 maxlen: 20
85.172.240.0/20 maxlen: 20
85.173.32.0/19 maxlen: 19
85.173.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 25 Nov 2024 08:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:61:e9:c3:b3:6c:23:39:c2:3a:1b:22:81:81:f6:d3:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 25 06:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=699c7eb14fc2fd5cc1dab7bc8b4baf29ec5e9ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c0:86:18:ac:73:31:34:ac:3e:72:ad:35:47:
76:83:cf:7b:e6:7e:87:83:c2:0d:12:4e:06:fe:b0:
db:e6:53:3d:c9:b4:2f:ab:17:96:ec:f4:15:56:8b:
24:d9:37:d1:f1:3c:ea:5f:d3:02:b4:19:7b:4b:6e:
2e:74:25:d1:56:de:7e:de:4b:6b:fe:fe:91:27:ea:
3d:6e:eb:ef:a2:c4:74:2c:e1:6e:35:17:a0:f3:e2:
f6:7a:9c:a7:1c:22:cb:1f:86:e9:3c:18:1e:0b:94:
1e:a3:e9:3b:24:36:41:d5:e1:17:5c:9a:15:6b:82:
2d:a5:51:4c:7c:fb:1c:2e:cc:16:8c:42:79:84:17:
33:18:c8:b6:f6:d5:bc:7a:fc:b4:c2:3c:34:54:a2:
30:bb:49:d1:32:89:21:91:5c:2b:c9:ab:eb:df:b8:
64:e0:58:db:89:c6:ea:9e:09:b7:a7:5c:ae:e4:9b:
9b:f0:0d:79:9e:a0:e4:a2:88:b8:3f:bd:34:cd:13:
87:f2:0c:9d:ce:41:41:b6:fb:4b:a7:f2:74:96:8d:
a9:83:90:4b:3c:99:90:8b:f2:99:8c:ac:f4:20:cc:
ef:73:95:09:72:af:9e:53:65:e6:d6:53:93:a5:fa:
88:1e:50:fa:5b:0e:7b:a2:e4:26:61:d3:df:ac:5f:
39:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:9C:7E:B1:4F:C2:FD:5C:C1:DA:B7:BC:8B:4B:AF:29:EC:5E:9A:D2
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/aZx-sU_C_VzB2re8i0uvKexemtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.240.0/20
83.239.192.0/21
83.239.208.0/20
85.172.128.0/19
85.172.192.0-85.172.203.255
85.172.208.0-85.172.255.255
85.173.32.0/19
85.173.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:2a:47:d0:03:00:18:28:1b:03:1e:a5:42:0e:ba:e8:d9:64:
ed:cc:64:1b:f6:83:1f:78:32:f6:d0:0e:d5:9f:5e:ec:81:5b:
3a:a8:27:94:fa:7d:fc:53:5f:e8:ee:a5:bb:ba:c7:90:30:28:
54:5d:da:41:48:40:e1:9c:af:37:15:02:5e:07:2f:2e:63:55:
84:88:29:5a:77:3c:50:7a:83:d9:14:02:20:84:ba:8d:78:6e:
1d:43:cd:3f:e4:2b:8c:48:77:52:97:8d:df:a9:b8:05:80:f6:
23:c0:b9:f4:7b:3d:67:d9:8f:2a:2f:29:df:e9:de:73:d6:60:
6e:1b:30:bb:16:27:cd:5c:bb:4e:45:46:36:39:60:07:42:cc:
d8:18:bb:22:a1:93:c0:2b:93:37:8f:e8:85:09:14:f4:25:51:
77:cc:83:e3:ca:74:76:31:8f:60:b4:2c:13:db:29:e8:0c:ca:
4a:a5:40:75:bf:84:6f:9b:76:24:d8:e2:10:03:24:02:0c:a5:
d4:b4:a4:c5:7a:4c:22:2e:b2:c2:b7:21:65:55:c1:b4:3b:f3:
9d:be:1a:51:8f:19:99:77:76:75:6d:73:c9:a7:a5:48:c3:cd:
2c:be:b3:4c:48:45:b2:96:9a:0c:77:fe:04:48:d3:5e:71:f8:
f3:4c:87:37
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZNh6cOzbCM5wjobIoGB9tN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTI1MDYwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTljN2ViMTRmYzJmZDVjYzFkYWI3YmM4YjRiYWYyOWVjNWU5YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMCGGKxzMTSsPnKtNUd2g8975n6H
g8INEk4G/rDb5lM9ybQvqxeW7PQVVosk2TfR8TzqX9MCtBl7S24udCXRVt5+3ktr
/v6RJ+o9buvvosR0LOFuNReg8+L2epynHCLLH4bpPBgeC5Qeo+k7JDZB1eEXXJoV
a4ItpVFMfPscLswWjEJ5hBczGMi29tW8evy0wjw0VKIwu0nRMokhkVwryavr37hk
4Fjbicbqngm3p1yu5Jub8A15nqDkooi4P700zROH8gydzkFBtvtLp/J0lo2pg5BL
PJmQi/KZjKz0IMzvc5UJcq+eU2Xm1lOTpfqIHlD6Ww57ouQmYdPfrF85kwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGmcfrFPwv1cwdq3vItLrynsXprSMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvYVp4LXNVX0NfVnpCMnJlOGkwdXZLZXhlbXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAATA/AwQETm/wAwQD
U+/AAwQEU+/QAwQFVayAMAwDBAZVrMADBAJVrMgwCwMEBFWs0AMDAFWsAwQFVa0g
AwQFVa3gMA0GCSqGSIb3DQEBCwUAA4IBAQAtKkfQAwAYKBsDHqVCDrro2WTtzGQb
9oMfeDL20A7Vn17sgVs6qCeU+n38U1/o7qW7useQMChUXdpBSEDhnK83FQJeBy8u
Y1WEiCladzxQeoPZFAIghLqNeG4dQ80/5CuMSHdSl43fqbgFgPYjwLn0ez1n2Y8q
Lynf6d5z1mBuGzC7FifNXLtORUY2OWAHQszYGLsioZPAK5M3j+iFCRT0JVF3zIPj
ynR2MY9gtCwT2ynoDMpKpUB1v4Rvm3Yk2OIQAyQCDKXUtKTFekwiLrLCtyFlVcG0
O/OdvhpRjxmZd3Z1bXPJp6VIw80svrNMSEWylpoMd/4ESNNecfjzTIc3
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:33:22 2025 by rpki-client