Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/dBNK5-wuy0n0JmlwniAlHGeGbRg.roa
File: dBNK5-wuy0n0JmlwniAlHGeGbRg.roa (raw, json)
Hash identifier: +W8WIWK708pkfKzObdIsqyQiz9mg+XRIFQR7gW3oUOM=
Subject key identifier: 74:13:4A:E7:EC:2E:CB:49:F4:26:69:70:9E:20:25:1C:67:86:6D:18
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 0194FAD221BC9A9739B808A752C095075186
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/dBNK5-wuy0n0JmlwniAlHGeGbRg.roa
Signing time: Wed 12 Feb 2025 15:41:02 +0000
ROA not before: Wed 12 Feb 2025 15:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31042
IP address blocks: 5.22.160.0/19 maxlen: 19
94.127.0.0/21 maxlen: 21
94.127.0.0/24 maxlen: 24
185.81.60.0/22 maxlen: 24
217.26.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 13 Feb 2025 08:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:d2:21:bc:9a:97:39:b8:08:a7:52:c0:95:07:51:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Feb 12 15:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74134ae7ec2ecb49f42669709e20251c67866d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:d0:4f:97:64:3f:6e:36:dd:1b:7b:b8:64:
33:f5:50:bb:6a:51:a5:91:59:63:8e:10:df:50:e2:
b4:88:d7:33:85:fe:c0:2a:d5:90:f4:3e:6a:45:6d:
b7:30:d7:c5:c2:80:fb:ee:80:86:ce:4f:f5:b2:47:
11:fb:49:c9:55:93:24:3f:be:51:4f:5c:0f:28:66:
60:27:f7:11:28:89:af:e1:82:15:f7:8d:33:8e:e1:
63:ed:05:ca:26:8c:1c:7f:97:21:6a:c4:de:77:6a:
94:e5:d8:27:bd:82:de:84:52:b8:98:49:3e:9d:fe:
3a:40:f7:eb:87:c3:b6:e9:79:80:f1:e7:15:87:d0:
9d:e8:1b:94:15:d1:2f:f1:e8:aa:40:4c:71:c8:db:
73:84:c0:72:47:d2:31:5f:80:6b:85:48:2a:e7:32:
3e:5b:9e:a0:ad:6b:02:04:c5:db:d7:df:24:48:9f:
f0:39:7d:e6:cf:8a:7a:ea:ca:55:5f:7b:b4:f2:0b:
5e:cc:35:02:d8:66:25:ba:36:1d:17:4e:31:d4:cb:
98:8e:d5:e8:29:57:f4:71:7a:f6:58:82:bb:cb:7e:
81:c9:ce:1a:be:08:d4:31:8d:b5:c4:4e:7e:ca:59:
a3:b4:3c:4e:dc:f0:64:f0:50:15:35:64:51:2f:1a:
16:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:13:4A:E7:EC:2E:CB:49:F4:26:69:70:9E:20:25:1C:67:86:6D:18
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/dBNK5-wuy0n0JmlwniAlHGeGbRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
94.127.0.0/21
185.81.60.0/22
217.26.208.0/21
Signature Algorithm: sha256WithRSAEncryption
38:bf:e3:7f:bd:87:b1:39:f2:a7:40:93:ee:c6:36:b0:07:bb:
4d:ed:d0:91:53:e0:c8:20:4f:71:99:14:a6:5b:82:8b:f4:d0:
9b:48:8e:36:99:22:0c:3f:bd:ca:45:c3:25:ef:af:55:0e:96:
8e:fd:e5:59:79:bd:2a:8a:d6:c5:97:7b:10:c5:1d:d2:6f:67:
d3:6f:aa:3d:f8:31:32:8d:84:82:52:4f:5c:3b:00:2a:c2:82:
a3:15:06:59:ea:d4:e9:67:7a:25:c0:05:45:d3:fd:d5:d4:23:
d5:02:c9:44:f4:9d:ec:46:cd:55:a6:f6:91:5d:3e:95:e7:92:
7b:8c:d0:f8:f4:1f:32:07:44:4a:8c:fe:99:93:aa:b1:57:f8:
82:d7:01:b2:54:d2:54:1d:e2:88:0b:b9:41:96:81:0a:71:1d:
52:e0:38:e5:e3:94:1b:be:dd:ca:74:54:50:73:2b:fe:81:1e:
26:42:9a:af:8b:ff:3a:23:64:11:25:99:23:62:46:22:ed:80:
09:b9:55:0b:26:79:5d:93:b6:33:bb:4a:e4:67:f4:f4:2f:05:
f0:60:a7:68:79:d8:73:40:4f:c3:08:c0:d8:58:e1:4b:ce:4c:
c8:53:ef:be:da:31:83:d3:12:69:70:5a:11:cc:e7:2a:4d:b9:
a5:b5:a8:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZT60iG8mpc5uAinUsCVB1GGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjUwMjEyMTU0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDEzNGFlN2VjMmVjYjQ5ZjQyNjY5NzA5ZTIwMjUxYzY3ODY2ZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6XQT5dkP2423Rt7uGQz9VC7alGl
kVljjhDfUOK0iNczhf7AKtWQ9D5qRW23MNfFwoD77oCGzk/1skcR+0nJVZMkP75R
T1wPKGZgJ/cRKImv4YIV940zjuFj7QXKJowcf5chasTed2qU5dgnvYLehFK4mEk+
nf46QPfrh8O26XmA8ecVh9Cd6BuUFdEv8eiqQExxyNtzhMByR9IxX4BrhUgq5zI+
W56grWsCBMXb198kSJ/wOX3mz4p66spVX3u08gtezDUC2GYlujYdF04x1MuYjtXo
KVf0cXr2WIK7y36Byc4avgjUMY21xE5+ylmjtDxO3PBk8FAVNWRRLxoWVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQTSufsLstJ9CZpcJ4gJRxnhm0YMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvZEJOSzUtd3V5MG4wSm1sd25pQWxIR2VHYlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFBRagAwQD
Xn8AAwQCuVE8AwQD2RrQMA0GCSqGSIb3DQEBCwUAA4IBAQA4v+N/vYexOfKnQJPu
xjawB7tN7dCRU+DIIE9xmRSmW4KL9NCbSI42mSIMP73KRcMl769VDpaO/eVZeb0q
itbFl3sQxR3Sb2fTb6o9+DEyjYSCUk9cOwAqwoKjFQZZ6tTpZ3olwAVF0/3V1CPV
AslE9J3sRs1VpvaRXT6V55J7jND49B8yB0RKjP6Zk6qxV/iC1wGyVNJUHeKIC7lB
loEKcR1S4Djl45Qbvt3KdFRQcyv+gR4mQpqvi/86I2QRJZkjYkYi7YAJuVULJnld
k7Yzu0rkZ/T0LwXwYKdoedhzQE/DCMDYWOFLzkzIU+++2jGD0xJpcFoRzOcqTbml
taj9
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:13 2025 by rpki-client