Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/xkjBz7GgrCVsZ-RTkpI9rM3QJvo.roa
File: xkjBz7GgrCVsZ-RTkpI9rM3QJvo.roa (raw, json)
Hash identifier: Y/t4K0R71UgkKmHNWfoNiZticjTmQyo9tZnckQBJMGQ=
Subject key identifier: C6:48:C1:CF:B1:A0:AC:25:6C:67:E4:53:92:92:3D:AC:CD:D0:26:FA
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018E31A38BAFEF3F4141B3F870A12F479C4F
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/xkjBz7GgrCVsZ-RTkpI9rM3QJvo.roa
Signing time: Tue 12 Mar 2024 07:49:45 +0000
ROA not before: Tue 12 Mar 2024 07:49:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25086
IP address blocks: 62.168.224.0/20 maxlen: 20
62.168.240.0/20 maxlen: 20
81.91.32.0/20 maxlen: 20
81.91.48.0/20 maxlen: 20
85.235.32.0/20 maxlen: 20
85.235.48.0/20 maxlen: 20
93.90.228.0/22 maxlen: 22
93.90.232.0/21 maxlen: 21
94.140.132.0/23 maxlen: 23
94.140.138.0/23 maxlen: 23
94.140.144.0/23 maxlen: 23
94.140.150.0/23 maxlen: 23
95.169.128.0/20 maxlen: 20
95.169.144.0/20 maxlen: 20
109.198.224.0/20 maxlen: 20
109.198.240.0/20 maxlen: 20
141.105.24.0/22 maxlen: 22
213.176.228.0/24 maxlen: 24
213.176.229.0/24 maxlen: 24
213.176.230.0/24 maxlen: 24
213.176.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:a3:8b:af:ef:3f:41:41:b3:f8:70:a1:2f:47:9c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Mar 12 07:49:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c648c1cfb1a0ac256c67e45392923daccdd026fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:85:0d:d9:cc:b9:1b:98:a4:78:c5:69:bc:14:
71:c3:03:c4:3d:57:95:75:c7:87:a5:71:7a:98:ff:
ae:4c:b1:ff:6a:57:1a:96:73:0a:c0:5b:8c:8c:fc:
01:59:65:8a:ef:ef:cc:6f:53:db:2a:ae:6a:14:55:
55:79:30:dd:d5:12:be:5e:69:65:85:1e:8a:28:ff:
45:10:41:02:00:d5:11:f8:9e:72:3c:99:35:9b:64:
35:b9:5e:cc:25:04:d3:e5:58:65:e5:98:52:db:85:
7d:f5:85:5c:8e:3d:5b:4e:31:47:6a:cb:31:79:b4:
bb:e8:a7:a9:92:98:74:6a:15:af:6e:ac:cb:ec:c5:
f0:57:fd:d1:1b:b8:fe:c1:cc:03:f1:38:b6:c9:cc:
1b:14:f7:0b:05:42:66:de:04:48:97:e9:cc:19:8f:
8f:cb:35:6d:54:bb:69:9c:04:da:0d:23:90:27:dd:
52:bd:44:86:49:eb:b4:fa:92:5c:2d:4a:70:a6:e4:
dd:06:13:0e:82:a1:b9:c1:08:d0:8e:51:a5:af:5c:
58:1c:de:a6:95:ac:64:7e:e6:f0:a3:e7:82:0c:bd:
e2:55:f6:c8:46:4b:64:87:7d:83:ef:52:95:15:4b:
4e:6d:48:14:a5:fc:72:95:4d:5f:0d:75:fd:18:47:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:48:C1:CF:B1:A0:AC:25:6C:67:E4:53:92:92:3D:AC:CD:D0:26:FA
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/xkjBz7GgrCVsZ-RTkpI9rM3QJvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.224.0/19
81.91.32.0/19
85.235.32.0/19
93.90.228.0-93.90.239.255
94.140.132.0/23
94.140.138.0/23
94.140.144.0/23
94.140.150.0/23
95.169.128.0/19
109.198.224.0/19
141.105.24.0/22
213.176.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:24:aa:ef:7f:dc:12:03:02:87:0d:e6:d7:80:6b:44:96:eb:
41:9f:fa:12:30:39:05:fb:b5:7e:a6:95:49:44:23:6f:53:a2:
62:e1:7f:fa:7f:1c:2d:b3:ab:b6:59:4e:8d:c9:e8:41:05:c2:
79:80:a6:62:95:72:f2:ac:63:45:66:42:b0:c3:04:dd:5a:46:
a2:31:2b:30:4d:ce:6a:ce:a2:88:fa:31:42:06:9b:da:88:9a:
b7:d7:84:33:b9:81:27:82:b2:b0:40:05:12:e0:79:9e:71:c4:
48:b5:61:6f:14:ff:32:64:e9:12:7c:ab:92:ac:09:ec:41:e2:
53:81:a3:d6:e7:00:23:9c:e9:fb:b5:51:86:76:a5:dc:5e:8c:
58:82:ee:79:85:6d:15:99:13:97:e3:37:0f:41:ec:bd:e5:9d:
1a:87:2b:0c:8a:60:6b:a9:c7:ea:76:bf:65:8f:1d:be:12:d8:
10:10:26:d5:20:10:e0:66:37:98:7d:5f:93:a4:e6:07:7b:c1:
4a:42:3a:3d:d7:cd:af:63:cf:2f:b5:2f:48:61:58:80:6c:7d:
c7:cb:5a:a9:12:31:39:6e:e0:72:8b:ac:2d:2f:dd:fe:78:12:
e1:6b:9f:52:18:2a:d4:e1:49:30:f2:e5:ce:9c:71:61:3d:ee:
4c:3a:4c:8f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY4xo4uv7z9BQbP4cKEvR5xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMzEyMDc0OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ4YzFjZmIxYTBhYzI1NmM2N2U0NTM5MjkyM2RhY2NkZDAyNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIUN2cy5G5ikeMVpvBRxwwPEPVeV
dceHpXF6mP+uTLH/alcalnMKwFuMjPwBWWWK7+/Mb1PbKq5qFFVVeTDd1RK+Xmll
hR6KKP9FEEECANUR+J5yPJk1m2Q1uV7MJQTT5Vhl5ZhS24V99YVcjj1bTjFHassx
ebS76Kepkph0ahWvbqzL7MXwV/3RG7j+wcwD8Ti2ycwbFPcLBUJm3gRIl+nMGY+P
yzVtVLtpnATaDSOQJ91SvUSGSeu0+pJcLUpwpuTdBhMOgqG5wQjQjlGlr1xYHN6m
laxkfubwo+eCDL3iVfbIRktkh32D71KVFUtObUgUpfxylU1fDXX9GEcrvwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFMZIwc+xoKwlbGfkU5KSPazN0Cb6MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEveGtqQno3R2dyQ1ZzWi1SVGtwSTlyTTNRSnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQFPqjgAwQF
UVsgAwQFVesgMAwDBAJdWuQDBARdWuADBAFejIQDBAFejIoDBAFejJADBAFejJYD
BAVfqYADBAVtxuADBAKNaRgDBALVsOQwDQYJKoZIhvcNAQELBQADggEBADskqu9/
3BIDAocN5teAa0SW60Gf+hIwOQX7tX6mlUlEI29TomLhf/p/HC2zq7ZZTo3J6EEF
wnmApmKVcvKsY0VmQrDDBN1aRqIxKzBNzmrOooj6MUIGm9qImrfXhDO5gSeCsrBA
BRLgeZ5xxEi1YW8U/zJk6RJ8q5KsCexB4lOBo9bnACOc6fu1UYZ2pdxejFiC7nmF
bRWZE5fjNw9B7L3lnRqHKwyKYGupx+p2v2WPHb4S2BAQJtUgEOBmN5h9X5Ok5gd7
wUpCOj3Xza9jzy+1L0hhWIBsfcfLWqkSMTlu4HKLrC0v3f54EuFrn1IYKtThSTDy
5c6ccWE97kw6TI8=
-----END CERTIFICATE-----
Generated at Thu May 1 20:00:55 2025 by rpki-client