Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/x83xWgIu09wvgO4YrN0jqaTET_Q.roa
File: x83xWgIu09wvgO4YrN0jqaTET_Q.roa (raw, json)
Hash identifier: DSfx++GqrYsykDH0GijE2cevgKaTLBRGFQyC4khnOnU=
Subject key identifier: C7:CD:F1:5A:02:2E:D3:DC:2F:80:EE:18:AC:DD:23:A9:A4:C4:4F:F4
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 019423D7078F07859D2B5F0696E18BDD7581
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/x83xWgIu09wvgO4YrN0jqaTET_Q.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43350
IP address blocks: 107.181.137.0/24 maxlen: 24
162.220.246.0/23 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.131.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.113.0/24 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.118.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Feb 2025 17:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:07:8f:07:85:9d:2b:5f:06:96:e1:8b:dd:75:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7cdf15a022ed3dc2f80ee18acdd23a9a4c44ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:87:9a:15:68:4f:b1:41:b1:85:04:04:51:72:
a3:35:fb:be:8c:1b:16:60:f1:e5:f2:3e:70:e5:8d:
52:12:22:eb:ad:87:12:fc:f5:47:be:8b:46:b3:60:
a3:7b:cd:fe:10:85:fd:2c:70:4c:b3:3a:35:56:c4:
0c:06:bb:37:50:0f:b9:3b:ec:3e:06:bd:e3:2b:91:
48:bd:d7:0c:cf:ea:f9:19:dd:21:47:41:eb:c5:bf:
ac:05:01:2c:3a:fa:2e:a4:f5:54:42:65:f5:8a:12:
ec:86:b4:e9:4e:81:5b:76:80:6f:e1:fb:63:0b:52:
5e:b4:2b:ce:46:82:59:9e:1e:a0:64:73:f9:e0:c2:
17:62:56:df:d4:6a:4b:b5:40:73:c7:56:3b:ac:50:
4d:0f:2c:6d:7d:83:12:8c:fd:b6:bd:2e:93:40:e4:
43:80:f8:97:90:9f:62:a8:61:35:fe:76:d8:ce:65:
bd:92:15:73:40:1e:93:8d:71:2d:20:76:43:95:06:
58:b9:d7:b9:53:bf:51:63:7a:9d:23:1e:84:0e:e7:
6f:ac:b4:0c:11:14:55:fe:f7:8f:b7:2c:3f:de:1f:
19:77:87:a2:70:32:4d:a7:1b:55:d7:90:fa:b4:0a:
9c:e5:da:e4:5f:38:a0:13:eb:f9:f7:79:01:34:09:
02:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CD:F1:5A:02:2E:D3:DC:2F:80:EE:18:AC:DD:23:A9:A4:C4:4F:F4
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/x83xWgIu09wvgO4YrN0jqaTET_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.137.0/24
162.220.246.0/23
185.53.128.0/22
185.83.216.0/22
198.105.112.0/22
198.105.118.0/23
IPv6:
2a02:2ca0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:c5:74:7d:56:c6:02:ef:6e:d4:a5:fd:38:e5:66:49:a3:dd:
66:cf:1f:5e:9d:1c:fe:50:6a:2f:96:c5:90:92:5e:6f:78:ee:
44:96:ad:23:06:05:48:18:de:49:6c:82:ed:81:f3:ab:ea:93:
4c:b9:3d:a8:a4:63:82:d0:38:23:8e:7b:c1:8f:29:bb:dc:96:
ab:5b:90:49:d7:dc:44:69:01:29:95:d5:bc:01:c3:21:6f:07:
f1:61:a4:5a:d4:85:72:3a:54:5d:bd:75:41:0b:24:b4:ce:a8:
19:31:1f:9e:25:97:cd:27:ea:95:c1:fb:f0:da:72:db:e3:eb:
4f:ce:d7:e9:ef:b5:e4:23:1b:70:ab:59:14:ba:d3:d2:f7:35:
65:ee:d9:bc:92:23:bd:79:60:10:08:75:b9:3f:85:2d:1e:1e:
ea:e7:a1:cf:a7:6e:02:28:f1:dd:6b:11:d0:bd:3c:bc:13:e5:
ae:40:21:6e:9d:60:73:ea:5b:d7:5f:9d:f8:7f:aa:bc:9c:ec:
af:78:88:1e:20:52:d7:be:17:93:2b:70:77:ed:d5:7d:0b:5f:
6e:8a:97:f0:63:e3:b7:0e:7d:70:15:c0:cd:c7:15:71:8d:c2:
82:31:46:11:6d:ee:70:a0:9c:36:07:80:e4:cc:5e:9a:50:46:
e8:82:9c:06
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQj1wePB4WdK18GluGL3XWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NkZjE1YTAyMmVkM2RjMmY4MGVlMThhY2RkMjNhOWE0YzQ0ZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IeaFWhPsUGxhQQEUXKjNfu+jBsW
YPHl8j5w5Y1SEiLrrYcS/PVHvotGs2Cje83+EIX9LHBMszo1VsQMBrs3UA+5O+w+
Br3jK5FIvdcMz+r5Gd0hR0Hrxb+sBQEsOvoupPVUQmX1ihLshrTpToFbdoBv4ftj
C1JetCvORoJZnh6gZHP54MIXYlbf1GpLtUBzx1Y7rFBNDyxtfYMSjP22vS6TQORD
gPiXkJ9iqGE1/nbYzmW9khVzQB6TjXEtIHZDlQZYude5U79RY3qdIx6EDudvrLQM
ERRV/vePtyw/3h8Zd4eicDJNpxtV15D6tAqc5drkXzigE+v593kBNAkC3QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMfN8VoCLtPcL4DuGKzdI6mkxE/0MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEveDgzeFdnSXUwOXd2Z080WXJOMGpxYVRFVF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAa7WJAwQB
otz2AwQCuTWAAwQCuVPYAwQCxmlwAwQBxml2MA0EAgACMAcDBQMqAiygMA0GCSqG
SIb3DQEBCwUAA4IBAQBrxXR9VsYC727Upf045WZJo91mzx9enRz+UGovlsWQkl5v
eO5Elq0jBgVIGN5JbILtgfOr6pNMuT2opGOC0DgjjnvBjym73JarW5BJ19xEaQEp
ldW8AcMhbwfxYaRa1IVyOlRdvXVBCyS0zqgZMR+eJZfNJ+qVwfvw2nLb4+tPztfp
77XkIxtwq1kUutPS9zVl7tm8kiO9eWAQCHW5P4UtHh7q56HPp24CKPHdaxHQvTy8
E+WuQCFunWBz6lvXX534f6q8nOyveIgeIFLXvheTK3B37dV9C19uipfwY+O3Dn1w
FcDNxxVxjcKCMUYRbe5woJw2B4DkzF6aUEbogpwG
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:45:18 2025 by rpki-client