Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/7mGJWdWh1zHQ-hETrpZylPXEKC0.roa
File: 7mGJWdWh1zHQ-hETrpZylPXEKC0.roa (raw, json)
Hash identifier: uGSLSvwQq0Wi6ARLW2Gc2er79tVCukUQDiPvKKZ+q8E=
Subject key identifier: EE:61:89:59:D5:A1:D7:31:D0:FA:11:13:AE:96:72:94:F5:C4:28:2D
Certificate issuer: /CN=489c263e818486cfd831c245ddfacca91fbd81c0
Certificate serial: 01954154AC3F346D863DE19B1DEE6405E9B9
Authority key identifier: 48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/7mGJWdWh1zHQ-hETrpZylPXEKC0.roa
Signing time: Wed 26 Feb 2025 08:17:02 +0000
ROA not before: Wed 26 Feb 2025 08:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209281
IP address blocks: 93.115.196.0/22 maxlen: 22
137.59.56.0/23 maxlen: 23
185.20.108.0/22 maxlen: 22
185.107.0.0/22 maxlen: 22
185.216.188.0/23 maxlen: 23
185.216.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 13:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:54:ac:3f:34:6d:86:3d:e1:9b:1d:ee:64:05:e9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=489c263e818486cfd831c245ddfacca91fbd81c0
Validity
Not Before: Feb 26 08:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee618959d5a1d731d0fa1113ae967294f5c4282d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:83:1f:53:92:5d:a8:6e:33:62:17:e2:d4:86:
40:ef:d6:55:b2:67:3c:0a:c3:da:dc:1e:f9:d0:4d:
09:e8:88:a8:7f:83:a1:7c:83:20:82:74:76:b1:99:
a6:44:3d:76:4f:9c:57:3a:21:be:0e:ee:c9:a0:a7:
52:3a:b1:6e:96:06:73:4e:31:a3:da:4e:e9:66:d1:
31:93:0d:85:92:ce:66:70:5a:a1:60:2f:98:f9:be:
92:ad:3a:3a:b3:6b:b5:95:7c:5f:47:47:c3:ac:0d:
61:96:54:b7:33:35:a0:45:c2:c9:9a:a8:f4:85:97:
37:11:ba:e6:fd:63:57:b7:79:d5:fb:14:0e:76:c8:
94:63:ca:7e:1f:13:bf:5e:f2:4e:66:a4:28:d3:09:
75:c2:a8:bf:02:52:c4:90:3c:36:b3:ff:13:ec:c9:
85:61:55:ff:a8:c7:f9:f7:48:3f:46:2b:76:2a:52:
ec:ea:bc:39:b3:99:2b:5e:65:da:45:f1:b7:53:8f:
83:67:b4:b0:d0:e1:95:fb:5b:ef:de:37:0b:94:b9:
41:a2:c6:e7:78:06:5f:03:c5:4f:12:dc:1c:14:8e:
bf:74:c3:be:f5:fc:45:f1:2b:bd:12:44:9e:a6:2b:
9a:dc:4e:b5:a9:46:8c:11:e9:e8:27:80:29:33:7f:
50:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:61:89:59:D5:A1:D7:31:D0:FA:11:13:AE:96:72:94:F5:C4:28:2D
X509v3 Authority Key Identifier:
keyid:48:9C:26:3E:81:84:86:CF:D8:31:C2:45:DD:FA:CC:A9:1F:BD:81:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SJwmPoGEhs_YMcJF3frMqR-9gcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/7mGJWdWh1zHQ-hETrpZylPXEKC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/117fc9-7a62-4682-bfbc-2ca3aa71ec5f/1/SJwmPoGEhs_YMcJF3frMqR-9gcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.196.0/22
137.59.56.0/23
185.20.108.0/22
185.107.0.0/22
185.216.188.0/23
Signature Algorithm: sha256WithRSAEncryption
40:af:60:cb:ae:cf:c0:0a:cd:4b:45:ac:6c:be:e5:a1:e3:d5:
bf:50:e0:09:a6:fa:eb:d6:94:07:a0:8c:df:a7:60:7d:68:08:
f1:f3:03:c0:ec:35:10:cc:17:4a:7d:77:b5:af:0f:cb:b1:b9:
c2:24:19:09:be:45:bc:ce:8c:eb:ec:15:72:de:2d:80:db:1c:
12:77:0d:17:06:d0:62:fa:96:34:22:80:67:8f:d8:6b:f8:12:
8b:ea:41:e6:54:24:28:36:83:62:ed:ac:8e:c5:5f:8e:8c:14:
66:58:de:12:7d:9d:ca:1d:a6:ea:87:4c:c4:05:d2:bb:10:c9:
54:ca:cc:6a:26:e1:4d:d3:69:b3:72:d2:72:cb:d0:42:5e:1b:
8b:65:23:e2:0d:e2:22:38:f3:41:ef:d8:e9:7e:15:89:5a:c8:
ef:86:26:f0:c6:4b:98:7c:9b:f9:ff:37:43:78:d6:aa:d8:67:
6f:8b:2a:10:bd:d8:99:2d:f2:e6:0b:d5:88:48:b0:e8:a0:24:
a2:a3:4a:3d:39:61:28:bf:17:55:5e:61:d7:ec:91:c2:71:84:
c5:80:b2:eb:fd:b2:a6:8f:af:7d:f9:0a:1a:98:07:7d:c5:6f:
5f:09:18:9b:1b:28:b1:05:4a:ef:74:33:06:0f:2f:43:1a:49:
33:67:fd:a7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVBVKw/NG2GPeGbHe5kBem5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OWMyNjNlODE4NDg2Y2ZkODMxYzI0NWRkZmFjY2E5MWZi
ZDgxYzAwHhcNMjUwMjI2MDgxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTYxODk1OWQ1YTFkNzMxZDBmYTExMTNhZTk2NzI5NGY1YzQyODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24MfU5JdqG4zYhfi1IZA79ZVsmc8
CsPa3B750E0J6Iiof4OhfIMggnR2sZmmRD12T5xXOiG+Du7JoKdSOrFulgZzTjGj
2k7pZtExkw2Fks5mcFqhYC+Y+b6SrTo6s2u1lXxfR0fDrA1hllS3MzWgRcLJmqj0
hZc3Ebrm/WNXt3nV+xQOdsiUY8p+HxO/XvJOZqQo0wl1wqi/AlLEkDw2s/8T7MmF
YVX/qMf590g/Rit2KlLs6rw5s5krXmXaRfG3U4+DZ7Sw0OGV+1vv3jcLlLlBosbn
eAZfA8VPEtwcFI6/dMO+9fxF8Su9EkSepiua3E61qUaMEenoJ4ApM39QawIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO5hiVnVodcx0PoRE66WcpT1xCgtMB8GA1UdIwQY
MBaAFEicJj6BhIbP2DHCRd36zKkfvYHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMt
MmNhM2FhNzFlYzVmLzEvN21HSldkV2gxekhRLWhFVHJwWnlsUFhFS0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8xMTdmYzktN2E2Mi00NjgyLWJmYmMtMmNhM2FhNzFlYzVm
LzEvU0p3bVBvR0Voc19ZTWNKRjNmck1xUi05Z2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCXXPEAwQB
iTs4AwQCuRRsAwQCuWsAAwQBudi8MA0GCSqGSIb3DQEBCwUAA4IBAQBAr2DLrs/A
Cs1LRaxsvuWh49W/UOAJpvrr1pQHoIzfp2B9aAjx8wPA7DUQzBdKfXe1rw/LsbnC
JBkJvkW8zozr7BVy3i2A2xwSdw0XBtBi+pY0IoBnj9hr+BKL6kHmVCQoNoNi7ayO
xV+OjBRmWN4SfZ3KHabqh0zEBdK7EMlUysxqJuFN02mzctJyy9BCXhuLZSPiDeIi
OPNB79jpfhWJWsjvhibwxkuYfJv5/zdDeNaq2GdviyoQvdiZLfLmC9WISLDooCSi
o0o9OWEovxdVXmHX7JHCcYTFgLLr/bKmj699+QoamAd9xW9fCRibGyixBUrvdDMG
Dy9DGkkzZ/2n
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:58 2025 by rpki-client