Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tZHZrfCbpdAUpqmvqax9UmTi3H8.roa
File: tZHZrfCbpdAUpqmvqax9UmTi3H8.roa (raw, json)
Hash identifier: iFimZut7lbNFGHcERkI2Fz2yYg94dEKF2EAh0Rba0dE=
Subject key identifier: B5:91:D9:AD:F0:9B:A5:D0:14:A6:A9:AF:A9:AC:7D:52:64:E2:DC:7F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8A2A6BED1B21C20F07488D7D8DA3E80B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tZHZrfCbpdAUpqmvqax9UmTi3H8.roa
Signing time: Fri 29 Mar 2024 12:23:39 +0000
ROA not before: Fri 29 Mar 2024 12:23:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25490
IP address blocks: 83.239.0.0/18 maxlen: 18
83.239.0.0/20 maxlen: 20
83.239.16.0/20 maxlen: 20
83.239.32.0/19 maxlen: 19
83.239.32.0/21 maxlen: 21
83.239.40.0/22 maxlen: 22
83.239.48.0/20 maxlen: 20
83.239.64.0/19 maxlen: 19
83.239.96.0/20 maxlen: 20
83.239.200.0/21 maxlen: 24
83.239.224.0/20 maxlen: 20
83.239.240.0/22 maxlen: 22
83.239.244.0/22 maxlen: 22
85.172.0.0/19 maxlen: 19
85.172.32.0/19 maxlen: 19
85.172.64.0/21 maxlen: 21
85.172.72.0/22 maxlen: 22
85.172.79.0/24 maxlen: 24
85.172.82.0/23 maxlen: 23
85.172.84.0/22 maxlen: 22
85.172.96.0/20 maxlen: 20
85.172.160.0/21 maxlen: 21
85.173.4.0/22 maxlen: 22
85.173.144.0/20 maxlen: 20
85.174.128.0/18 maxlen: 18
85.174.143.0/24 maxlen: 24
85.174.224.0/20 maxlen: 20
85.174.240.0/20 maxlen: 20
85.175.0.0/16 maxlen: 23
85.175.0.0/19 maxlen: 19
85.175.32.0/21 maxlen: 21
85.175.46.0/24 maxlen: 24
85.175.62.0/23 maxlen: 23
85.175.65.0/24 maxlen: 24
85.175.66.0/23 maxlen: 23
85.175.71.0/24 maxlen: 24
85.175.72.0/22 maxlen: 22
85.175.82.0/23 maxlen: 23
85.175.91.0/24 maxlen: 24
85.175.96.0/22 maxlen: 22
85.175.100.0/23 maxlen: 23
85.175.152.0/23 maxlen: 23
85.175.170.0/23 maxlen: 23
85.175.192.0/20 maxlen: 20
85.175.216.0/22 maxlen: 22
85.175.226.0/23 maxlen: 23
85.175.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 06:41:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:2a:6b:ed:1b:21:c2:0f:07:48:8d:7d:8d:a3:e8:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 12:23:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b591d9adf09ba5d014a6a9afa9ac7d5264e2dc7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8d:90:a0:82:f3:d3:69:3a:3e:49:95:7d:60:
c0:fd:4f:2a:2e:26:5e:3d:0d:41:f4:b5:38:08:dd:
24:88:23:5e:f0:7a:fc:dd:de:a0:9f:52:14:dc:ec:
84:5f:5d:85:58:4d:c8:11:bc:d8:73:16:9d:5b:0f:
25:74:3f:cd:df:ab:6c:0d:b3:7e:24:3d:46:32:05:
00:81:5e:84:f7:c4:69:73:9b:23:6e:03:e7:f4:82:
94:53:a3:66:68:d9:d1:89:19:29:c4:ca:6c:e3:ae:
6a:3a:0b:9f:83:71:56:93:9a:12:11:e5:e1:96:59:
3c:bc:8d:bf:95:9d:fd:74:1a:31:8c:51:25:ec:27:
5a:f8:1f:d9:b8:73:64:ab:73:bc:97:b6:a4:1c:51:
fe:30:b0:d1:d9:b8:18:aa:c8:87:38:cc:73:cc:2e:
53:8e:17:15:e2:72:5e:49:2d:89:fe:a9:8e:ba:b7:
ab:95:89:44:87:2c:3a:f8:a6:06:c1:3f:15:dd:53:
54:59:81:aa:37:8f:79:fd:65:b1:7e:66:29:24:24:
29:c9:25:48:a5:3a:6f:f7:2e:c6:c7:b6:bd:1e:88:
ae:bd:96:72:ce:1f:ac:e3:47:c2:44:58:7b:ee:cc:
c6:be:93:e0:55:fb:41:21:96:76:7e:cb:63:4c:d4:
7d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:91:D9:AD:F0:9B:A5:D0:14:A6:A9:AF:A9:AC:7D:52:64:E2:DC:7F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tZHZrfCbpdAUpqmvqax9UmTi3H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.0.0-83.239.111.255
83.239.200.0/21
83.239.224.0-83.239.247.255
85.172.0.0-85.172.75.255
85.172.79.0/24
85.172.82.0-85.172.87.255
85.172.96.0/20
85.172.160.0/21
85.173.4.0/22
85.173.144.0/20
85.174.128.0/18
85.174.224.0-85.175.255.255
Signature Algorithm: sha256WithRSAEncryption
9d:cb:e4:ed:46:93:c0:27:0f:93:6e:1f:9b:b6:97:15:e8:c2:
7f:74:52:ea:17:82:0f:fd:c5:d2:57:74:fe:52:54:8e:47:fb:
60:f5:7a:c8:e4:e6:1e:5b:fc:ba:53:ef:4a:d3:1a:6f:73:5e:
92:d9:aa:ae:84:be:90:33:33:ac:3e:ab:82:ce:b5:7e:ae:64:
84:04:44:f0:1e:d1:db:b4:5d:78:31:08:ea:42:e4:61:71:52:
10:fb:d3:d5:4b:1c:07:cf:ae:a2:57:a7:79:b8:d0:2a:71:1a:
94:d6:ff:86:f4:73:35:aa:3e:f2:b0:7a:4c:55:67:d9:81:f1:
a5:cf:a1:45:b4:7c:6f:40:20:f5:db:31:c8:73:d7:c0:4e:5b:
86:a6:03:e6:a3:96:77:f4:66:11:6e:c2:04:9a:f2:5e:9b:df:
05:9e:90:a7:cf:65:11:55:43:99:5a:ba:63:89:1e:03:31:2c:
0b:79:c1:7c:13:4d:d1:af:db:21:5b:40:53:28:7e:31:2a:7e:
3c:e3:51:65:a8:1c:90:17:da:79:f4:1e:4c:43:12:79:fd:60:
ad:7c:68:e3:bb:33:d9:6a:35:d4:a1:2b:65:2f:db:3d:f1:e8:
4f:1a:2f:db:8d:0a:3f:4c:41:3a:11:b3:7f:6b:46:ce:55:34:
7f:d5:a9:cc
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAY6KKmvtGyHCDwdIjX2No+gLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MTIyMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTkxZDlhZGYwOWJhNWQwMTRhNmE5YWZhOWFjN2Q1MjY0ZTJkYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI2QoILz02k6PkmVfWDA/U8qLiZe
PQ1B9LU4CN0kiCNe8Hr83d6gn1IU3OyEX12FWE3IEbzYcxadWw8ldD/N36tsDbN+
JD1GMgUAgV6E98Rpc5sjbgPn9IKUU6NmaNnRiRkpxMps465qOgufg3FWk5oSEeXh
llk8vI2/lZ39dBoxjFEl7Cda+B/ZuHNkq3O8l7akHFH+MLDR2bgYqsiHOMxzzC5T
jhcV4nJeSS2J/qmOurerlYlEhyw6+KYGwT8V3VNUWYGqN495/WWxfmYpJCQpySVI
pTpv9y7Gx7a9HoiuvZZyzh+s40fCRFh77szGvpPgVftBIZZ2fstjTNR9IQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFLWR2a3wm6XQFKapr6msfVJk4tx/MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdFpIWnJmQ2JwZEFVcHFtdnFheDlVbVRpM0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbTALAwMAU+8D
BART72ADBANT78gwDAMEBVPv4AMEA1Pv8DALAwMCVawDBAJVrEgDBABVrE8wDAME
AVWsUgMEA1WsUAMEBFWsYAMEA1WsoAMEAlWtBAMEBFWtkAMEBlWugDALAwQFVa7g
AwMEVaAwDQYJKoZIhvcNAQELBQADggEBAJ3L5O1Gk8AnD5NuH5u2lxXown90UuoX
gg/9xdJXdP5SVI5H+2D1esjk5h5b/LpT70rTGm9zXpLZqq6EvpAzM6w+q4LOtX6u
ZIQERPAe0du0XXgxCOpC5GFxUhD709VLHAfPrqJXp3m40CpxGpTW/4b0czWqPvKw
ekxVZ9mB8aXPoUW0fG9AIPXbMchz18BOW4amA+ajlnf0ZhFuwgSa8l6b3wWekKfP
ZRFVQ5laumOJHgMxLAt5wXwTTdGv2yFbQFMofjEqfjzjUWWoHJAX2nn0HkxDEnn9
YK18aOO7M9lqNdShK2Uv2z3x6E8aL9uNCj9MQToRs39rRs5VNH/Vqcw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:05:13 2025 by rpki-client