Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XSWSo9rh-UHA-zujHcshxBFSyRU.roa
File: XSWSo9rh-UHA-zujHcshxBFSyRU.roa (raw, json)
Hash identifier: 5LDEUvJ+HqXCs4hJ/tJOr4W1Xs9hT297hw3dK4EUUrA=
Subject key identifier: 5D:25:92:A3:DA:E1:F9:41:C0:FB:3B:A3:1D:CB:21:C4:11:52:C9:15
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193A66DEF7C3994865189F44934E8408F94
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XSWSo9rh-UHA-zujHcshxBFSyRU.roa
Signing time: Sun 08 Dec 2024 13:20:42 +0000
ROA not before: Sun 08 Dec 2024 13:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214083
IP address blocks: 80.240.86.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
212.38.89.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:6d:ef:7c:39:94:86:51:89:f4:49:34:e8:40:8f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 8 13:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d2592a3dae1f941c0fb3ba31dcb21c41152c915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:9b:3f:54:c5:94:8f:27:c0:d7:e7:b7:b9:
c0:36:71:24:d1:bf:19:59:8e:4d:e3:61:1c:08:44:
ae:64:33:fe:24:48:3d:9d:a0:21:79:e6:c7:88:0e:
91:56:11:26:e1:b3:d1:3f:d7:f7:74:e3:5f:d5:46:
7a:82:1e:5b:7b:4d:14:ca:82:46:37:4b:de:b5:da:
cb:5c:23:66:3e:69:a4:d2:08:32:d0:40:63:1e:fc:
60:9f:3d:f9:a8:86:77:5c:ab:ad:86:1c:1f:07:da:
0f:1a:d5:ed:2b:9c:06:f5:e8:93:fb:73:6f:cf:d6:
ba:78:34:78:5c:a6:70:3d:6f:32:99:1e:28:14:a1:
91:f6:24:30:1f:5b:58:fb:19:e8:77:f5:67:bb:85:
80:6b:72:72:75:67:a2:82:e1:49:6c:68:65:27:fa:
09:21:67:a1:4c:9c:f1:fe:3d:9a:06:cf:4f:0a:60:
3b:a3:55:77:81:84:46:cc:dc:55:86:c9:37:13:53:
9b:71:83:58:62:62:40:d8:26:92:c8:b0:8b:b5:7a:
fe:79:9f:c0:57:b7:dc:30:35:fd:59:03:fb:c2:d7:
8c:c7:34:8f:6c:dd:f4:d2:1d:a7:29:9f:35:db:d5:
1e:70:6f:41:42:2b:b0:b2:cf:35:14:ef:73:09:fb:
c0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:92:A3:DA:E1:F9:41:C0:FB:3B:A3:1D:CB:21:C4:11:52:C9:15
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XSWSo9rh-UHA-zujHcshxBFSyRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.86.0/24
82.153.207.0/24
212.38.89.0/24
213.218.209.0/24
Signature Algorithm: sha256WithRSAEncryption
04:f8:67:1a:55:61:87:d5:12:9c:59:3f:1c:d0:b0:60:8d:d8:
1f:8a:34:ff:f8:26:73:e1:29:02:6f:56:fa:39:e1:b6:25:7b:
93:22:6a:6f:3c:13:b8:2e:94:5d:01:32:f7:79:db:29:34:0c:
fa:5b:5b:cf:74:fc:82:6c:50:39:de:42:00:06:92:66:79:6a:
00:ca:30:25:a9:b5:cc:f3:61:ac:4e:c7:7b:a3:d3:e3:90:a8:
cf:ee:d0:b3:f0:10:b1:62:b5:25:a6:3c:55:33:df:88:45:ab:
34:84:c8:a8:82:b5:ae:8b:92:6d:1c:9e:ce:46:06:27:d7:46:
0e:d1:28:02:74:74:7e:dc:81:1b:9a:f7:42:e6:a8:78:a0:da:
b8:af:dd:da:14:65:b7:da:aa:9e:fc:7f:f3:33:64:35:7a:6b:
1d:6f:9b:b6:57:4f:07:dd:ee:d2:1e:21:fb:88:7c:d4:f3:35:
de:99:37:ae:1b:0b:6b:c3:aa:91:9f:d3:21:16:4a:9c:73:a1:
3f:af:ca:55:76:f1:a2:b7:4f:c9:f5:98:5d:b4:bd:f9:89:14:
54:aa:48:1a:2b:ad:aa:bd:e5:59:2c:8a:50:20:82:f2:f0:cb:
2d:79:68:d7:25:09:84:c7:c3:8b:14:ea:d6:37:ab:94:e5:11:
8e:30:25:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOmbe98OZSGUYn0STToQI+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA4MTMyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI1OTJhM2RhZTFmOTQxYzBmYjNiYTMxZGNiMjFjNDExNTJjOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3CbP1TFlI8nwNfnt7nANnEk0b8Z
WY5N42EcCESuZDP+JEg9naAheebHiA6RVhEm4bPRP9f3dONf1UZ6gh5be00UyoJG
N0vetdrLXCNmPmmk0ggy0EBjHvxgnz35qIZ3XKuthhwfB9oPGtXtK5wG9eiT+3Nv
z9a6eDR4XKZwPW8ymR4oFKGR9iQwH1tY+xnod/Vnu4WAa3JydWeiguFJbGhlJ/oJ
IWehTJzx/j2aBs9PCmA7o1V3gYRGzNxVhsk3E1ObcYNYYmJA2CaSyLCLtXr+eZ/A
V7fcMDX9WQP7wteMxzSPbN300h2nKZ8129UecG9BQiuwss81FO9zCfvAlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF0lkqPa4flBwPs7ox3LIcQRUskVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWFNXU285cmgtVUhBLXp1akhjc2h4QkZTeVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBWAwQA
UpnPAwQA1CZZAwQA1drRMA0GCSqGSIb3DQEBCwUAA4IBAQAE+GcaVWGH1RKcWT8c
0LBgjdgfijT/+CZz4SkCb1b6OeG2JXuTImpvPBO4LpRdATL3edspNAz6W1vPdPyC
bFA53kIABpJmeWoAyjAlqbXM82GsTsd7o9PjkKjP7tCz8BCxYrUlpjxVM9+IRas0
hMiogrWui5JtHJ7ORgYn10YO0SgCdHR+3IEbmvdC5qh4oNq4r93aFGW32qqe/H/z
M2Q1emsdb5u2V08H3e7SHiH7iHzU8zXemTeuGwtrw6qRn9MhFkqcc6E/r8pVdvGi
t0/J9ZhdtL35iRRUqkgaK62qveVZLIpQIILy8MsteWjXJQmEx8OLFOrWN6uU5RGO
MCVW
-----END CERTIFICATE-----
Generated at Wed Apr 30 03:38:15 2025 by rpki-client