Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/boUU4tUDfmhB7wo4R0xCXSpRn8s.roa
File: boUU4tUDfmhB7wo4R0xCXSpRn8s.roa (raw, json)
Hash identifier: lNItw0yp8QUIaH+Re3/pC9Mo9eN5Nu025QSOIkfGHS0=
Subject key identifier: 6E:85:14:E2:D5:03:7E:68:41:EF:0A:38:47:4C:42:5D:2A:51:9F:CB
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5995B39EA25954FB41629FA89B00D
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/boUU4tUDfmhB7wo4R0xCXSpRn8s.roa
Signing time: Wed 01 Jan 2025 07:47:36 +0000
ROA not before: Wed 01 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2280
IP address blocks: 90.84.11.0/24 maxlen: 24
90.84.14.0/24 maxlen: 24
90.84.15.0/24 maxlen: 24
90.84.16.0/21 maxlen: 24
90.84.39.0/24 maxlen: 24
90.84.40.0/21 maxlen: 24
90.84.154.0/23 maxlen: 23
90.84.154.0/24 maxlen: 24
90.84.155.0/24 maxlen: 24
90.84.168.0/21 maxlen: 24
90.84.176.0/21 maxlen: 24
90.84.184.0/21 maxlen: 24
90.84.184.0/24 maxlen: 24
90.84.192.0/21 maxlen: 24
90.84.240.0/21 maxlen: 24
90.84.251.0/24 maxlen: 24
90.84.252.0/24 maxlen: 24
90.84.253.0/24 maxlen: 24
90.84.254.0/24 maxlen: 24
2a01:c9c0:8000::/48 maxlen: 48
2a01:c9c0:800f::/48 maxlen: 64
Validation: Failed, certificate revoked on Thu 13 Mar 2025 13:17:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:99:5b:39:ea:25:95:4f:b4:16:29:fa:89:b0:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e8514e2d5037e6841ef0a38474c425d2a519fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:dc:fc:31:89:69:ee:3b:20:97:fd:d5:2a:
fa:94:f7:d2:7b:23:af:e4:86:ce:e7:0d:75:35:da:
ae:ee:bd:2c:23:62:26:0f:73:73:5b:01:e6:d7:23:
84:47:41:97:74:2c:ec:7d:33:84:71:6f:09:01:7e:
40:48:61:89:e0:19:f1:db:d9:ba:9f:1f:bf:55:6c:
d8:66:20:43:d2:b1:19:fc:02:91:65:5a:50:a9:9e:
4e:05:57:88:7d:84:5a:f0:fd:2a:62:3f:29:ea:73:
ea:66:d3:4b:c7:61:a9:9d:88:e4:62:08:c2:54:58:
0e:88:b9:bb:3f:df:89:54:c8:27:e9:03:04:a1:78:
8c:87:8e:41:cb:b8:26:49:b9:8a:db:c8:95:ed:3f:
bb:79:b9:a5:63:29:f9:bd:6a:32:1e:c1:23:29:d4:
ad:80:4c:19:71:ee:c6:6a:ff:52:23:5f:70:e2:1e:
db:40:c7:03:8a:1d:fe:82:46:57:df:ce:31:c0:13:
0f:5d:e7:2c:aa:8f:fc:7a:d3:b0:d8:19:7f:e6:db:
2f:da:7d:3a:51:73:35:ea:95:9d:32:6e:9f:0a:75:
d3:1f:07:fb:07:71:03:66:62:b5:8e:c2:ef:62:4a:
45:4d:c8:cc:80:d2:dd:f4:fc:a3:39:79:97:37:6d:
a6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:85:14:E2:D5:03:7E:68:41:EF:0A:38:47:4C:42:5D:2A:51:9F:CB
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/boUU4tUDfmhB7wo4R0xCXSpRn8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.84.11.0/24
90.84.14.0-90.84.23.255
90.84.39.0-90.84.47.255
90.84.154.0/23
90.84.168.0-90.84.199.255
90.84.240.0/21
90.84.251.0-90.84.254.255
IPv6:
2a01:c9c0:8000::/48
2a01:c9c0:800f::/48
Signature Algorithm: sha256WithRSAEncryption
2b:de:19:7c:89:98:52:b5:00:6d:92:a2:5d:db:8c:bb:ca:19:
b5:76:97:29:ba:9c:de:f7:bf:f7:af:43:d3:2e:72:dd:ea:57:
5e:2d:20:6d:59:c1:1f:4b:bd:90:8e:22:21:6b:61:b5:cc:83:
71:14:b7:d0:ac:b4:37:4f:60:63:4b:c8:84:93:5c:ed:a7:9d:
e7:f0:7f:dd:40:cf:8d:3c:34:b3:90:dd:cc:87:7a:e8:4f:8d:
13:1f:c1:40:4d:9f:c9:ea:e3:9c:6e:f9:ad:5c:cb:d3:5e:52:
07:61:d3:c3:ca:de:e7:ac:c8:ea:5b:78:05:49:89:77:39:3f:
00:1f:82:a0:99:73:26:e3:21:18:73:fd:6e:4f:9d:6f:06:55:
9e:95:de:ae:41:03:d1:b4:37:b0:45:c1:37:30:4c:94:94:6f:
bc:65:e8:28:6e:a8:68:d9:1a:40:62:67:20:35:ed:fc:58:ba:
9b:86:6e:4d:67:24:47:ba:92:8a:d2:13:b9:05:98:08:79:18:
fa:85:19:67:e1:47:0f:bb:32:c6:25:38:10:6e:ee:cd:0e:eb:
ff:21:06:c5:59:28:1f:96:e6:c2:dd:3b:9f:d5:47:b9:fd:66:
29:2d:11:6c:09:b6:4d:a2:f0:19:32:76:8d:2e:f6:00:d7:bf:
9d:53:5a:37
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQg1ZlbOeollU+0Fin6ibANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg1MTRlMmQ1MDM3ZTY4NDFlZjBhMzg0NzRjNDI1ZDJhNTE5ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWTc/DGJae47IJf91Sr6lPfSeyOv
5IbO5w11Ndqu7r0sI2ImD3NzWwHm1yOER0GXdCzsfTOEcW8JAX5ASGGJ4Bnx29m6
nx+/VWzYZiBD0rEZ/AKRZVpQqZ5OBVeIfYRa8P0qYj8p6nPqZtNLx2GpnYjkYgjC
VFgOiLm7P9+JVMgn6QMEoXiMh45By7gmSbmK28iV7T+7ebmlYyn5vWoyHsEjKdSt
gEwZce7Gav9SI19w4h7bQMcDih3+gkZX384xwBMPXecsqo/8etOw2Bl/5tsv2n06
UXM16pWdMm6fCnXTHwf7B3EDZmK1jsLvYkpFTcjMgNLd9PyjOXmXN22mPQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFG6FFOLVA35oQe8KOEdMQl0qUZ/LMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvYm9VVTR0VURmbWhCN3dvNFIweENYU3BSbjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBQBAIAATBKAwQAWlQLMAwD
BAFaVA4DBANaVBAwDAMEAFpUJwMEBFpUIAMEAVpUmjAMAwQDWlSoAwQDWlTAAwQD
WlTwMAwDBABaVPsDBABaVP4wGAQCAAIwEgMHACoBycCAAAMHACoBycCADzANBgkq
hkiG9w0BAQsFAAOCAQEAK94ZfImYUrUAbZKiXduMu8oZtXaXKbqc3ve/969D0y5y
3epXXi0gbVnBH0u9kI4iIWthtcyDcRS30Ky0N09gY0vIhJNc7aed5/B/3UDPjTw0
s5DdzId66E+NEx/BQE2fyerjnG75rVzL015SB2HTw8re56zI6lt4BUmJdzk/AB+C
oJlzJuMhGHP9bk+dbwZVnpXerkED0bQ3sEXBNzBMlJRvvGXoKG6oaNkaQGJnIDXt
/Fi6m4ZuTWckR7qSitITuQWYCHkY+oUZZ+FHD7syxiU4EG7uzQ7r/yEGxVkoH5bm
wt07n9VHuf1mKS0RbAm2TaLwGTJ2jS72ANe/nVNaNw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 04:09:29 2025 by rpki-client