Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/xyRB55pF0lV1V4EDLFktut8saCM.roa
File: xyRB55pF0lV1V4EDLFktut8saCM.roa (raw, json)
Hash identifier: W20+9ljlT4W4dFk+Y+CQWfwzhd/9cVGWxR9ndoRlqn4=
Subject key identifier: C7:24:41:E7:9A:45:D2:55:75:57:81:03:2C:59:2D:BA:DF:2C:68:23
Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Certificate serial: 019567002E312FE3A1C2D8E874D8040C8F77
Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/xyRB55pF0lV1V4EDLFktut8saCM.roa
Signing time: Wed 05 Mar 2025 15:50:19 +0000
ROA not before: Wed 05 Mar 2025 15:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41275
IP address blocks: 5.35.112.0/22 maxlen: 22
5.35.112.0/23 maxlen: 23
5.35.113.0/24 maxlen: 24
5.35.114.0/23 maxlen: 23
62.217.184.0/21 maxlen: 21
85.198.104.0/23 maxlen: 23
89.169.48.0/22 maxlen: 22
89.207.216.0/21 maxlen: 21
89.207.221.0/24 maxlen: 24
93.157.244.0/22 maxlen: 22
95.131.144.0/21 maxlen: 21
185.136.76.0/22 maxlen: 22
185.155.17.0/24 maxlen: 24
185.155.18.0/23 maxlen: 23
217.150.200.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 25 Mar 2025 10:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:00:2e:31:2f:e3:a1:c2:d8:e8:74:d8:04:0c:8f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25
Validity
Not Before: Mar 5 15:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c72441e79a45d255755781032c592dbadf2c6823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:e8:64:85:30:8d:4a:97:5a:5f:db:2e:94:
ee:ca:f3:51:5c:8c:d6:61:a0:93:6e:46:22:f7:e3:
a7:d5:1c:be:d4:70:e4:7f:8b:85:e6:97:3c:60:41:
be:df:b7:2d:96:10:d5:6e:4d:14:94:57:c7:b0:b0:
26:23:e8:24:d3:21:4b:12:27:16:1d:97:75:58:b2:
a5:47:04:b8:ae:6f:b8:38:36:cc:80:cf:f6:d2:d1:
98:83:8a:4c:48:68:30:89:ac:90:24:93:f7:37:f3:
b5:50:df:6d:32:02:9e:38:71:49:04:23:2e:41:35:
40:0f:21:71:8f:5e:f9:d1:97:83:8a:eb:a0:cd:19:
23:63:b6:fa:76:e9:61:23:d4:33:ad:7c:1c:94:ed:
15:f1:13:1a:65:38:2e:e8:30:f3:ed:d9:da:89:82:
ce:b1:cd:5c:54:1a:52:a4:bb:6b:87:42:9f:c5:24:
1e:8c:ff:ae:4c:1e:26:2b:f1:69:f7:a6:a8:43:28:
c8:1c:f7:a8:8b:14:11:65:18:38:a1:3c:f3:7a:60:
34:3f:86:51:7c:95:56:a4:41:33:7e:f3:20:1a:bb:
76:84:e8:f1:95:2a:71:b2:4a:5e:87:f1:c1:87:ca:
21:87:fc:86:b7:10:7e:8a:75:80:d5:f4:6e:3a:59:
64:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:24:41:E7:9A:45:D2:55:75:57:81:03:2C:59:2D:BA:DF:2C:68:23
X509v3 Authority Key Identifier:
keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/xyRB55pF0lV1V4EDLFktut8saCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.112.0/22
62.217.184.0/21
85.198.104.0/23
89.169.48.0/22
89.207.216.0/21
93.157.244.0/22
95.131.144.0/21
185.136.76.0/22
185.155.17.0-185.155.19.255
217.150.200.0/23
Signature Algorithm: sha256WithRSAEncryption
47:e6:90:7f:72:f3:a6:97:86:d0:31:cd:2f:6a:01:29:5b:f4:
2e:c7:e9:ac:dd:b1:a2:fd:17:bc:5b:9d:df:21:68:0b:f2:8f:
f7:12:5b:bc:c3:ba:09:11:43:00:ab:5b:05:5b:04:e7:8f:ec:
7e:40:b5:c6:36:19:44:b9:40:b1:20:20:84:a1:8f:8b:fd:95:
eb:14:26:b8:6c:2a:a3:90:76:92:5a:fb:2c:72:af:d3:90:5e:
c3:f3:62:9e:48:f2:ca:5f:b9:54:2d:5e:c4:e0:e9:69:a0:00:
5c:ba:a2:2a:1a:b9:80:de:69:1a:3a:79:aa:5b:c7:ec:8c:db:
e8:a1:ff:97:ea:02:cd:d0:ce:91:65:2d:25:fa:6d:ff:61:6f:
12:a0:e9:c3:0d:54:5a:15:cf:ca:3c:a8:1c:38:5c:53:d3:28:
08:15:02:35:0a:75:3d:22:68:7f:1b:67:07:3f:11:46:6b:87:
4a:1e:7d:68:c1:de:3d:23:0e:3f:43:ae:2b:0a:b7:ef:30:26:
9a:8c:db:d0:d5:d1:f9:bb:dd:94:e0:f8:09:92:3d:bb:1a:a6:
71:5a:1d:bf:e1:f1:9b:6b:56:bc:92:a5:55:0f:f6:fd:b2:7b:
94:07:c1:da:10:6a:de:74:68:db:79:bf:41:f9:27:ee:f0:fb:
0e:94:c0:f1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZVnAC4xL+OhwtjodNgEDI93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl
YjllMjUwHhcNMjUwMzA1MTU1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI0NDFlNzlhNDVkMjU1NzU1NzgxMDMyYzU5MmRiYWRmMmM2ODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcboZIUwjUqXWl/bLpTuyvNRXIzW
YaCTbkYi9+On1Ry+1HDkf4uF5pc8YEG+37ctlhDVbk0UlFfHsLAmI+gk0yFLEicW
HZd1WLKlRwS4rm+4ODbMgM/20tGYg4pMSGgwiayQJJP3N/O1UN9tMgKeOHFJBCMu
QTVADyFxj1750ZeDiuugzRkjY7b6dulhI9QzrXwclO0V8RMaZTgu6DDz7dnaiYLO
sc1cVBpSpLtrh0KfxSQejP+uTB4mK/Fp96aoQyjIHPeoixQRZRg4oTzzemA0P4ZR
fJVWpEEzfvMgGrt2hOjxlSpxskpeh/HBh8ohh/yGtxB+inWA1fRuOllkjQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMckQeeaRdJVdVeBAyxZLbrfLGgjMB8GA1UdIwQY
MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct
N2NhZTA0MGU0OWU4LzEveHlSQjU1cEYwbFYxVjRFRExGa3R1dDhzYUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4
LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCBSNwAwQD
Ptm4AwQBVcZoAwQCWakwAwQDWc/YAwQCXZ30AwQDX4OQAwQCuYhMMAwDBAC5mxED
BAK5mxADBAHZlsgwDQYJKoZIhvcNAQELBQADggEBAEfmkH9y86aXhtAxzS9qASlb
9C7H6azdsaL9F7xbnd8haAvyj/cSW7zDugkRQwCrWwVbBOeP7H5AtcY2GUS5QLEg
IIShj4v9lesUJrhsKqOQdpJa+yxyr9OQXsPzYp5I8spfuVQtXsTg6WmgAFy6oioa
uYDeaRo6eapbx+yM2+ih/5fqAs3QzpFlLSX6bf9hbxKg6cMNVFoVz8o8qBw4XFPT
KAgVAjUKdT0iaH8bZwc/EUZrh0oefWjB3j0jDj9DrisKt+8wJpqM29DV0fm73ZTg
+AmSPbsapnFaHb/h8ZtrVrySpVUP9v2ye5QHwdoQat50aNt5v0H5J+7w+w6UwPE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:02:44 2025 by rpki-client