Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/XLrXATcumB4J_A4_sJKVikBcpBo.roa
File: XLrXATcumB4J_A4_sJKVikBcpBo.roa (raw, json)
Hash identifier: rdXpzegBVuhbFIY0S+xwqJ8oJ2gz2UpCqaaIsUQiTLI=
Subject key identifier: 5C:BA:D7:01:37:2E:98:1E:09:FC:0E:3F:B0:92:95:8A:40:5C:A4:1A
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 0196686D86265E12619C6657D1DC5451A070
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/XLrXATcumB4J_A4_sJKVikBcpBo.roa
Signing time: Thu 24 Apr 2025 15:32:10 +0000
ROA not before: Thu 24 Apr 2025 15:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
89.63.240.0/20 maxlen: 24
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Apr 2025 16:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:6d:86:26:5e:12:61:9c:66:57:d1:dc:54:51:a0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Apr 24 15:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cbad701372e981e09fc0e3fb092958a405ca41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:da:6b:f2:91:c5:14:89:ab:76:e8:3a:84:
af:d9:8a:4b:d4:10:77:1f:bf:ca:a2:78:5b:9a:68:
3c:13:1f:9c:f5:be:ae:e6:37:46:65:08:65:0c:b3:
a3:84:b3:1b:9b:6f:3d:97:9e:2d:1f:93:ea:e7:99:
6f:5d:f1:ae:14:55:e7:ed:83:da:cc:a9:da:d8:fe:
c8:9c:86:4e:5f:7c:b1:83:34:1c:ff:de:91:5b:bc:
01:6d:e9:f4:4c:1d:d1:cb:08:aa:33:66:6a:39:05:
6a:d4:d8:47:ae:db:f7:19:ab:78:85:73:b3:a4:f4:
82:97:7f:2c:83:2d:36:e8:74:6b:22:92:95:52:32:
45:34:3f:39:f8:c2:da:da:5f:a0:d3:cc:21:95:9f:
9f:dc:0a:a1:ab:a3:96:b9:7d:c0:37:fc:39:e3:13:
77:c4:77:45:06:0a:30:c7:f1:15:e9:14:36:52:6e:
0f:c7:af:16:89:82:24:fa:fa:44:3a:56:82:9c:f6:
1e:d5:95:13:54:fa:ea:4a:40:d5:25:7a:fb:23:20:
68:b1:94:7e:ec:78:d2:5f:0d:5e:12:7b:c9:30:ff:
db:c6:87:93:b8:7a:90:a6:cd:89:74:84:96:8d:2a:
2b:b6:d8:ab:ae:57:b6:ad:24:d5:52:4d:70:87:d4:
9e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BA:D7:01:37:2E:98:1E:09:FC:0E:3F:B0:92:95:8A:40:5C:A4:1A
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/XLrXATcumB4J_A4_sJKVikBcpBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
c6:e4:59:87:5a:41:55:98:37:31:8b:6e:6c:aa:6c:3c:d0:cd:
0f:4e:d5:81:68:7e:a8:e2:ce:a6:a9:a3:53:69:58:5c:c1:e9:
23:78:be:31:c5:28:ff:c9:7f:ed:d8:1e:8d:25:45:4e:fd:3a:
41:6a:db:29:ec:50:f3:f2:4b:57:79:29:a4:9a:70:7d:c4:62:
ea:88:ca:d0:3e:df:67:d3:fd:60:b2:7e:fc:ab:fb:7f:4a:52:
9b:73:34:b0:bc:f9:e3:26:15:a5:03:5b:b0:93:b6:0b:58:b2:
c1:85:49:1f:2b:55:6c:d4:d6:97:46:0d:f8:42:ad:aa:fc:2c:
5b:1c:24:95:b1:b4:a9:03:c4:8b:ed:50:2e:70:e0:ac:e8:4d:
84:3b:2c:11:c3:f5:ba:db:97:b0:ce:c5:3f:43:11:5b:89:79:
20:f4:c2:9d:7c:98:23:19:12:7f:a5:c6:0b:84:d9:7f:54:32:
a1:a3:04:8c:b6:8a:7c:d0:ec:35:f7:c6:b3:0f:b9:87:d2:a9:
4c:07:90:bf:5f:82:b9:c7:29:bd:d6:15:c6:b2:ad:52:2b:db:
94:58:b2:88:cf:0f:78:90:c1:7a:17:af:99:8a:f2:fd:b8:6e:
79:5e:c5:cd:70:20:69:23:0c:1f:3e:33:14:b6:31:c5:c8:db:
09:45:63:a0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZZobYYmXhJhnGZX0dxUUaBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjUwNDI0MTUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JhZDcwMTM3MmU5ODFlMDlmYzBlM2ZiMDkyOTU4YTQwNWNhNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN/aa/KRxRSJq3boOoSv2YpL1BB3
H7/Konhbmmg8Ex+c9b6u5jdGZQhlDLOjhLMbm289l54tH5Pq55lvXfGuFFXn7YPa
zKna2P7InIZOX3yxgzQc/96RW7wBben0TB3RywiqM2ZqOQVq1NhHrtv3Gat4hXOz
pPSCl38sgy026HRrIpKVUjJFND85+MLa2l+g08whlZ+f3Aqhq6OWuX3AN/w54xN3
xHdFBgowx/EV6RQ2Um4Px68WiYIk+vpEOlaCnPYe1ZUTVPrqSkDVJXr7IyBosZR+
7HjSXw1eEnvJMP/bxoeTuHqQps2JdISWjSorttirrle2rSTVUk1wh9SeBwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFy61wE3LpgeCfwOP7CSlYpAXKQaMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvWExyWEFUY3VtQjRKX0E0X3NKS1Zpa0JjcEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQDG5FmHWkFVmDcxi25sqmw80M0PTtWBaH6o4s6mqaNT
aVhcwekjeL4xxSj/yX/t2B6NJUVO/TpBatsp7FDz8ktXeSmkmnB9xGLqiMrQPt9n
0/1gsn78q/t/SlKbczSwvPnjJhWlA1uwk7YLWLLBhUkfK1Vs1NaXRg34Qq2q/Cxb
HCSVsbSpA8SL7VAucOCs6E2EOywRw/W625ewzsU/QxFbiXkg9MKdfJgjGRJ/pcYL
hNl/VDKhowSMtop80Ow198azD7mH0qlMB5C/X4K5xym91hXGsq1SK9uUWLKIzw94
kMF6F6+ZivL9uG55XsXNcCBpIwwfPjMUtjHFyNsJRWOg
-----END CERTIFICATE-----
Generated at Wed May 14 00:39:50 2025 by rpki-client