Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/oxi4CRlDw_29Jpn3D0BBww6rUzs.roa
File: oxi4CRlDw_29Jpn3D0BBww6rUzs.roa (raw, json)
Hash identifier: 24KePjB4+8RaXBkI+YK+AwQfz1XucfQA1Nx+V0NHpIg=
Subject key identifier: A3:18:B8:09:19:43:C3:FD:BD:26:99:F7:0F:40:41:C3:0E:AB:53:3B
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 019403877EF1CF7CC6916E466A37206AFD35
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/oxi4CRlDw_29Jpn3D0BBww6rUzs.roa
Signing time: Thu 26 Dec 2024 15:13:18 +0000
ROA not before: Thu 26 Dec 2024 15:13:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.96.0/24 maxlen: 24
89.248.97.0/24 maxlen: 24
89.248.98.0/24 maxlen: 24
89.248.99.0/24 maxlen: 24
89.248.100.0/24 maxlen: 24
89.248.101.0/24 maxlen: 24
89.248.102.0/24 maxlen: 24
89.248.103.0/24 maxlen: 24
89.248.104.0/24 maxlen: 24
89.248.105.0/24 maxlen: 24
89.248.106.0/24 maxlen: 24
89.248.107.0/24 maxlen: 24
89.248.108.0/24 maxlen: 24
89.248.109.0/24 maxlen: 24
89.248.110.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.1.0/24 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 24
185.15.76.0/24 maxlen: 24
185.15.77.0/24 maxlen: 24
185.80.4.0/22 maxlen: 24
185.80.4.0/24 maxlen: 24
185.80.5.0/24 maxlen: 24
185.80.6.0/24 maxlen: 24
185.80.7.0/24 maxlen: 24
185.86.248.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:03:87:7e:f1:cf:7c:c6:91:6e:46:6a:37:20:6a:fd:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Dec 26 15:13:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a318b8091943c3fdbd2699f70f4041c30eab533b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0e:e3:c3:eb:9d:a8:1f:c6:f3:21:0f:21:d7:
7b:0a:73:a3:d6:bf:ca:21:0c:19:2f:96:16:7b:59:
37:ba:97:ee:a5:f2:16:42:17:83:f1:3d:22:c5:15:
11:b9:e1:9a:d6:a1:8f:56:f9:be:c5:dc:53:5a:cf:
4f:e7:a6:50:94:99:fd:14:d5:69:66:6a:c8:c2:9b:
7a:6a:f8:66:5e:5e:5f:e8:50:f9:c6:7c:86:5a:df:
75:dc:dc:7c:34:c2:42:f7:d3:aa:23:bb:3b:47:8b:
f6:e2:70:03:37:42:3b:2d:99:6f:a8:76:c7:b5:60:
fb:1e:c0:ba:15:77:cb:c0:e9:d1:78:0b:c9:98:f9:
8f:bf:e6:69:f7:f0:c3:03:10:2c:15:a7:62:7c:70:
80:d1:61:15:27:2b:78:f0:e4:ef:e2:79:a1:b8:ec:
36:12:13:02:76:e1:3f:f6:d5:ea:33:6b:d8:06:92:
ae:d9:2f:40:22:82:9d:07:8f:8f:c0:30:c8:66:b7:
f2:22:3d:4b:6e:93:b4:a9:97:27:41:14:50:b0:c3:
cb:a4:61:81:b5:64:3a:23:86:ff:27:c7:09:d4:f9:
e6:a9:fa:cc:39:fe:6e:06:96:66:87:33:38:2f:84:
41:8b:5c:d6:ba:de:7e:f7:9b:19:5c:b3:c1:0c:3b:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:18:B8:09:19:43:C3:FD:BD:26:99:F7:0F:40:41:C3:0E:AB:53:3B
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/oxi4CRlDw_29Jpn3D0BBww6rUzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
185.86.248.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
6e:26:36:f1:a4:58:2b:54:23:4d:48:b8:1d:c1:ea:89:7a:c6:
70:f3:57:2d:4c:0d:d2:69:fb:dd:02:1c:16:16:3b:d0:a6:df:
4c:c3:7a:35:77:1c:a7:15:63:b8:28:42:15:70:ab:01:f7:1a:
a6:73:5a:45:29:d9:25:6a:60:37:94:82:cc:9b:85:d6:f7:04:
14:b6:bd:06:81:11:13:4c:12:f3:ec:64:39:66:0e:25:1a:db:
c9:45:e4:4c:41:43:51:9f:e7:7f:dc:4e:83:f3:0c:d8:4a:27:
6f:e3:05:e8:de:f9:ef:03:d6:f9:a5:8b:a6:5c:42:59:b8:d9:
57:6e:7a:a1:88:44:3b:cb:06:69:c8:ea:35:3b:68:16:c1:29:
a9:a3:98:98:e5:ba:5e:e1:b8:2b:73:28:7b:82:82:3b:7b:80:
1c:4f:7f:f8:8b:ad:3d:ab:71:c5:5c:1d:a2:9c:bf:0c:e9:43:
7f:e4:2d:b1:d7:12:df:da:5f:bf:c0:d9:fc:db:41:92:c4:3e:
0f:05:de:7e:d3:fe:53:5f:dc:cc:fb:40:df:9e:dc:23:16:ce:
b6:75:81:e7:05:3a:44:2b:5d:39:f7:b1:bb:3d:46:7e:3b:15:
6a:ba:b9:27:82:19:c6:31:2f:9e:f8:82:8c:68:d9:50:30:9a:
88:67:9b:d6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQDh37xz3zGkW5Gajcgav01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQxMjI2MTUxMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE4YjgwOTE5NDNjM2ZkYmQyNjk5ZjcwZjQwNDFjMzBlYWI1MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg7jw+udqB/G8yEPIdd7CnOj1r/K
IQwZL5YWe1k3upfupfIWQheD8T0ixRURueGa1qGPVvm+xdxTWs9P56ZQlJn9FNVp
ZmrIwpt6avhmXl5f6FD5xnyGWt913Nx8NMJC99OqI7s7R4v24nADN0I7LZlvqHbH
tWD7HsC6FXfLwOnReAvJmPmPv+Zp9/DDAxAsFadifHCA0WEVJyt48OTv4nmhuOw2
EhMCduE/9tXqM2vYBpKu2S9AIoKdB4+PwDDIZrfyIj1LbpO0qZcnQRRQsMPLpGGB
tWQ6I4b/J8cJ1PnmqfrMOf5uBpZmhzM4L4RBi1zWut5+95sZXLPBDDseDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKMYuAkZQ8P9vSaZ9w9AQcMOq1M7MB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvb3hpNENSbER3XzI5SnBuM0QwQkJ3dzZyVXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEAwQCuVb4MA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEB
CwUAA4IBAQBuJjbxpFgrVCNNSLgdweqJesZw81ctTA3SafvdAhwWFjvQpt9Mw3o1
dxynFWO4KEIVcKsB9xqmc1pFKdklamA3lILMm4XW9wQUtr0GgRETTBLz7GQ5Zg4l
GtvJReRMQUNRn+d/3E6D8wzYSidv4wXo3vnvA9b5pYumXEJZuNlXbnqhiEQ7ywZp
yOo1O2gWwSmpo5iY5bpe4bgrcyh7goI7e4AcT3/4i609q3HFXB2inL8M6UN/5C2x
1xLf2l+/wNn820GSxD4PBd5+0/5TX9zM+0DfntwjFs62dYHnBTpEK10597G7PUZ+
OxVqurknghnGMS+e+IKMaNlQMJqIZ5vW
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:31:34 2025 by rpki-client