Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/XepuVwBu0K7zNJfW8QgnImVJLZA.roa
File: XepuVwBu0K7zNJfW8QgnImVJLZA.roa (raw, json)
Hash identifier: ti5aeC4VaxGfHJFwbHOjsIOsXVbEgOl2Em4Q6Q0OU9k=
Subject key identifier: 5D:EA:6E:57:00:6E:D0:AE:F3:34:97:D6:F1:08:27:22:65:49:2D:90
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192D975ECCD1A8D9FA4589DBE471C68E05C
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/XepuVwBu0K7zNJfW8QgnImVJLZA.roa
Signing time: Tue 29 Oct 2024 18:07:17 +0000
ROA not before: Tue 29 Oct 2024 18:07:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
45.137.212.0/24 maxlen: 24
45.137.213.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
82.117.242.0/23 maxlen: 23
89.187.73.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
185.109.48.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:3::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c1:151::/48 maxlen: 48
2a02:c6c1:153::/48 maxlen: 48
2a02:c6c1:154::/48 maxlen: 48
2a02:c6c1:155::/48 maxlen: 48
2a02:c6c1:156::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
2a02:c6c7::/32 maxlen: 32
2a0c:6740::/29 maxlen: 29
2a0c:6741::/32 maxlen: 32
2a0e:92c0::/29 maxlen: 29
2a0e:9a40::/29 maxlen: 29
2a0e:a7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Oct 2024 18:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:75:ec:cd:1a:8d:9f:a4:58:9d:be:47:1c:68:e0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 29 18:07:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dea6e57006ed0aef33497d6f108272265492d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:c6:91:ce:28:0b:21:f3:f2:6f:04:ba:63:
92:d7:df:ab:28:37:3e:e6:fd:4e:08:d4:1f:8d:fe:
ed:8b:1d:57:a2:e2:db:c5:fd:b8:a7:de:dd:88:85:
cc:ed:6e:ce:be:f9:15:71:c6:fe:44:ca:7b:69:a6:
98:c1:66:01:cd:6f:9d:2a:e0:7d:f1:1f:ed:a8:66:
31:4e:7b:57:96:52:96:76:e3:19:50:1f:08:25:4c:
f3:d4:c2:91:29:8d:16:5e:b8:6e:a8:0e:28:9b:aa:
f6:75:73:fb:98:40:2a:77:6d:6f:55:84:3c:1b:b5:
ce:e3:22:fd:9c:ca:a8:37:71:13:97:88:6f:ec:c6:
31:cf:ff:c0:f6:83:58:9d:bf:2b:91:23:13:ef:9e:
06:f3:5b:41:1b:d0:78:14:da:ca:1a:21:d0:df:02:
48:31:16:f1:eb:f3:d1:88:28:df:dd:54:be:37:d2:
a2:0e:66:da:e2:26:94:41:b0:c2:17:6c:e6:0f:1f:
a4:93:d6:8c:90:53:3d:dd:cd:41:4c:90:44:fb:13:
31:b5:5e:ab:b5:e4:82:0a:6b:b0:d1:2d:15:8f:3c:
7c:b9:bf:00:13:b9:c2:1b:9d:f8:22:70:c9:99:d1:
33:d7:69:57:d0:07:6c:d2:53:5e:8c:60:7b:9c:5f:
5b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EA:6E:57:00:6E:D0:AE:F3:34:97:D6:F1:08:27:22:65:49:2D:90
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/XepuVwBu0K7zNJfW8QgnImVJLZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
45.137.212.0/23
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
82.117.242.0/23
89.187.73.0/24
176.97.79.0/24
176.98.40.0/24
185.109.48.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
IPv6:
2a02:c6c1:2::/47
2a02:c6c1:10::/48
2a02:c6c1:151::/48
2a02:c6c1:153::-2a02:c6c1:156:ffff:ffff:ffff:ffff:ffff
2a02:c6c2::/31
2a02:c6c7::/32
2a0c:6740::/29
2a0e:92c0::/29
2a0e:9a40::/29
2a0e:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:c6:b7:a0:45:29:34:a1:90:27:32:64:13:fb:66:8a:e4:33:
2f:e5:f2:33:de:24:5c:80:78:93:8a:c7:4a:81:bc:d7:ae:9a:
0c:df:de:07:60:f0:6b:eb:fe:c3:28:ca:46:02:8c:b6:69:77:
a1:c0:76:1d:ab:86:d8:5e:23:c8:86:2b:bb:25:5f:b0:94:1b:
51:74:c2:1a:73:9e:43:d6:75:52:90:d5:d6:d2:78:80:a3:51:
8c:8c:c8:6b:2d:5e:6f:87:66:92:bd:1d:c4:1f:a0:99:ae:63:
d5:50:84:b2:70:0b:7c:10:5a:7f:cc:52:f3:ff:09:c1:ea:d5:
29:b1:aa:e6:da:a2:a7:e2:9d:0a:2b:88:17:2f:40:61:44:1c:
38:5c:4f:13:77:41:14:50:19:4a:04:01:dd:71:15:13:cf:bd:
63:1b:fc:bf:ca:a3:de:93:ef:f9:ba:d7:bd:6c:3b:e9:d7:1f:
e5:b8:2f:1b:c8:1d:66:50:67:46:04:f2:ca:37:ac:bf:6d:f7:
bc:eb:c4:14:a9:3d:fe:55:5d:4d:c3:a9:5c:8b:6e:d3:d7:3d:
58:59:60:4c:8a:5d:5a:16:28:92:ff:47:ad:bb:e9:c9:c2:d1:
a0:df:1f:65:62:37:c3:bd:e4:14:86:29:01:a2:ea:63:76:79:
89:18:a8:c3
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgISAZLZdezNGo2fpFidvkccaOBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDI5MTgwNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVhNmU1NzAwNmVkMGFlZjMzNDk3ZDZmMTA4MjcyMjY1NDkyZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzjGkc4oCyHz8m8EumOS19+rKDc+
5v1OCNQfjf7tix1XouLbxf24p97diIXM7W7OvvkVccb+RMp7aaaYwWYBzW+dKuB9
8R/tqGYxTntXllKWduMZUB8IJUzz1MKRKY0WXrhuqA4om6r2dXP7mEAqd21vVYQ8
G7XO4yL9nMqoN3ETl4hv7MYxz//A9oNYnb8rkSMT754G81tBG9B4FNrKGiHQ3wJI
MRbx6/PRiCjf3VS+N9KiDmba4iaUQbDCF2zmDx+kk9aMkFM93c1BTJBE+xMxtV6r
teSCCmuw0S0Vjzx8ub8AE7nCG534InDJmdEz12lX0Ads0lNejGB7nF9bSQIDAQAB
o4IDEDCCAwwwHQYDVR0OBBYEFF3qblcAbtCu8zSX1vEIJyJlSS2QMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvWGVwdVZ3QnUwSzd6TkpmVzhRZ25JbVZKTFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJAYIKwYBBQUHAQcBAf8EggETMIIBDzCBqwQCAAEwgaQD
BAQFLUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQA
JfwDMAwDBAAl/A0DBAQl/AADBAItiDADBAEtidQDBAAuZmoDBAA+xS0DBAE+xTAD
BAFSdfIDBABZu0kDBACwYU8DBACwYigDBAC5bTADBAK57qgDBAC8dBUwDAMEALx0
FwMEArx0GAMEAcM2rgMEAdWOkjBfBAIAAjBZAwcBKgLGwQACAwcAKgLGwQAQAwcA
KgLGwQFRMBIDBwAqAsbBAVMDBwAqAsbBAVYDBQEqAsbCAwUAKgLGxwMFAyoMZ0AD
BQMqDpLAAwUDKg6aQAMFAyoOp8AwDQYJKoZIhvcNAQELBQADggEBAC3Gt6BFKTSh
kCcyZBP7ZorkMy/l8jPeJFyAeJOKx0qBvNeumgzf3gdg8Gvr/sMoykYCjLZpd6HA
dh2rhtheI8iGK7slX7CUG1F0whpznkPWdVKQ1dbSeICjUYyMyGstXm+HZpK9HcQf
oJmuY9VQhLJwC3wQWn/MUvP/CcHq1SmxqubaoqfinQoriBcvQGFEHDhcTxN3QRRQ
GUoEAd1xFRPPvWMb/L/Ko96T7/m6171sO+nXH+W4LxvIHWZQZ0YE8so3rL9t97zr
xBSpPf5VXU3DqVyLbtPXPVhZYEyKXVoWKJL/R6276cnC0aDfH2ViN8O95BSGKQGi
6mN2eYkYqMM=
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:25:16 2025 by rpki-client