Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/XW_n6xiHjXXzHvQdBXuqNs9LjOg.roa
File: XW_n6xiHjXXzHvQdBXuqNs9LjOg.roa (raw, json)
Hash identifier: EhksyMqEd/zaN5PkxKvaenrcyk7SFlCyKP3QaepJ62k=
Subject key identifier: 5D:6F:E7:EB:18:87:8D:75:F3:1E:F4:1D:05:7B:AA:36:CF:4B:8C:E8
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 0193727069A7BC2A4A60B6A1B16BB1DA53C7
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/XW_n6xiHjXXzHvQdBXuqNs9LjOg.roa
Signing time: Thu 28 Nov 2024 11:03:09 +0000
ROA not before: Thu 28 Nov 2024 11:03:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203396
IP address blocks: 145.12.0.0/16 maxlen: 24
145.12.216.0/24 maxlen: 24
145.12.217.0/24 maxlen: 24
145.69.0.0/16 maxlen: 24
145.69.0.0/19 maxlen: 19
145.69.25.0/24 maxlen: 24
145.69.40.0/21 maxlen: 21
145.69.47.0/24 maxlen: 24
145.69.56.0/21 maxlen: 21
145.69.96.0/19 maxlen: 19
145.69.100.0/24 maxlen: 24
145.69.101.0/24 maxlen: 24
145.69.102.0/24 maxlen: 24
145.69.103.0/24 maxlen: 24
145.69.104.0/24 maxlen: 24
145.69.105.0/24 maxlen: 24
145.69.106.0/24 maxlen: 24
145.69.107.0/24 maxlen: 24
145.69.108.0/24 maxlen: 24
145.69.109.0/24 maxlen: 24
145.69.110.0/24 maxlen: 24
145.69.128.0/17 maxlen: 17
145.69.210.0/24 maxlen: 24
145.69.216.0/24 maxlen: 24
145.69.221.0/24 maxlen: 24
145.69.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Nov 2024 13:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:72:70:69:a7:bc:2a:4a:60:b6:a1:b1:6b:b1:da:53:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Nov 28 11:03:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d6fe7eb18878d75f31ef41d057baa36cf4b8ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b2:4f:d3:b8:4f:aa:f2:38:66:ae:c9:28:b8:
88:7d:5a:36:a5:88:f3:bb:f4:bc:d9:b7:28:cb:be:
02:16:fe:c8:e8:26:62:cd:0b:52:33:65:a9:0b:a1:
2d:43:27:85:de:bf:d4:f0:2f:af:0c:da:14:a0:e1:
98:53:7a:4c:57:4a:31:e4:c7:fa:16:be:fa:fd:ad:
b0:20:92:3f:23:45:51:0c:12:87:5a:5f:0f:e3:5f:
ec:1e:10:7a:83:d1:ec:8f:c2:e1:4e:86:ca:f0:aa:
97:1c:58:2d:23:7e:52:33:97:a9:80:05:82:0f:d5:
db:29:87:54:f7:1a:fb:89:4d:f1:7f:c7:c7:70:8a:
30:b1:e2:e5:55:63:b3:c6:b6:96:89:08:ba:1f:5a:
bf:1e:ba:74:6e:48:93:0e:4e:ca:04:c7:0e:14:8d:
02:a1:c3:16:49:5f:d6:c2:9a:7e:88:fa:0e:c6:60:
3a:62:62:c7:42:60:d4:88:e7:91:c8:cf:7a:1b:e1:
b9:55:7d:89:9e:6f:85:83:81:2d:c4:c5:1e:1c:c3:
56:08:ea:bd:3f:89:b4:d1:3a:bf:db:b3:fd:a7:5a:
f6:1f:d4:d3:71:ea:1f:24:eb:46:0a:f7:48:1c:09:
7d:0f:1d:94:1a:59:74:42:f9:83:02:1c:1a:80:6b:
a6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6F:E7:EB:18:87:8D:75:F3:1E:F4:1D:05:7B:AA:36:CF:4B:8C:E8
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/XW_n6xiHjXXzHvQdBXuqNs9LjOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.12.0.0/16
145.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:81:bf:b9:e6:49:a0:50:eb:01:e5:08:e6:c3:f2:12:27:79:
b3:02:07:0b:eb:b0:7f:fb:09:0d:16:8c:54:fd:52:12:4d:ea:
22:55:ee:34:fd:ba:08:19:2e:6e:87:c9:33:3b:73:f8:a7:9b:
c3:8c:22:44:d5:b9:cc:b7:fd:44:e3:e7:6e:45:d4:ae:f3:e4:
c7:f1:9a:a9:ac:5f:d4:d1:3b:0d:d0:1b:c6:e9:05:4d:67:c5:
0c:2e:f3:f5:3c:a8:1c:35:b3:8e:8f:fa:91:9b:c7:03:8f:a9:
b8:99:f1:5d:98:ce:d0:0e:7d:ef:6e:02:a1:b2:48:4c:c4:62:
b5:38:fd:92:f5:7c:90:b6:73:f6:46:e1:db:7e:40:58:37:71:
b7:66:53:d3:73:3d:a3:62:e8:73:a6:4a:4d:25:a6:f9:3d:66:
47:45:89:6d:34:52:72:e6:9c:bf:87:77:40:b4:f9:3c:e6:ed:
07:19:32:f8:e6:88:94:55:c9:93:42:9a:8e:21:bc:21:81:e4:
a7:ec:2c:7b:9a:34:9a:e6:5b:3e:ee:91:db:ee:35:cc:1a:80:
7f:7e:62:0e:11:20:7a:69:fe:bc:96:22:67:d4:a8:d5:0c:d7:
25:6d:0b:56:f9:bb:4d:d8:42:55:f1:bf:93:9b:68:b8:66:3f:
89:2d:d4:0a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZNycGmnvCpKYLahsWux2lPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjQxMTI4MTEwMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZmZTdlYjE4ODc4ZDc1ZjMxZWY0MWQwNTdiYWEzNmNmNGI4Y2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7JP07hPqvI4Zq7JKLiIfVo2pYjz
u/S82bcoy74CFv7I6CZizQtSM2WpC6EtQyeF3r/U8C+vDNoUoOGYU3pMV0ox5Mf6
Fr76/a2wIJI/I0VRDBKHWl8P41/sHhB6g9Hsj8LhTobK8KqXHFgtI35SM5epgAWC
D9XbKYdU9xr7iU3xf8fHcIowseLlVWOzxraWiQi6H1q/Hrp0bkiTDk7KBMcOFI0C
ocMWSV/Wwpp+iPoOxmA6YmLHQmDUiOeRyM96G+G5VX2Jnm+Fg4EtxMUeHMNWCOq9
P4m00Tq/27P9p1r2H9TTceofJOtGCvdIHAl9Dx2UGll0QvmDAhwagGumewIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFF1v5+sYh4118x70HQV7qjbPS4zoMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvWFdfbjZ4aUhqWFh6SHZRZEJYdXFOczlMak9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAkQwDAwCR
RTANBgkqhkiG9w0BAQsFAAOCAQEAHoG/ueZJoFDrAeUI5sPyEid5swIHC+uwf/sJ
DRaMVP1SEk3qIlXuNP26CBkubofJMztz+Kebw4wiRNW5zLf9ROPnbkXUrvPkx/Ga
qaxf1NE7DdAbxukFTWfFDC7z9TyoHDWzjo/6kZvHA4+puJnxXZjO0A59724CobJI
TMRitTj9kvV8kLZz9kbh235AWDdxt2ZT03M9o2Loc6ZKTSWm+T1mR0WJbTRScuac
v4d3QLT5PObtBxky+OaIlFXJk0KajiG8IYHkp+wse5o0muZbPu6R2+41zBqAf35i
DhEgemn+vJYiZ9So1QzXJW0LVvm7TdhCVfG/k5touGY/iS3UCg==
-----END CERTIFICATE-----
Generated at Fri May 2 22:43:16 2025 by rpki-client