Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bp5fMCcpWBiQDzNaRkf1VUFVoqM.roa
File: bp5fMCcpWBiQDzNaRkf1VUFVoqM.roa (raw, json)
Hash identifier: 10Dok+cBTE0Vo0IE3X9xzfSBqF+1NBRgssYlgGFaZ9s=
Subject key identifier: 6E:9E:5F:30:27:29:58:18:90:0F:33:5A:46:47:F5:55:41:55:A2:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D445C71A02F402BABA2BA3061FA182A1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bp5fMCcpWBiQDzNaRkf1VUFVoqM.roa
Signing time: Tue 17 Dec 2024 10:59:22 +0000
ROA not before: Tue 17 Dec 2024 10:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
194.180.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 04:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:45:c7:1a:02:f4:02:ba:ba:2b:a3:06:1f:a1:82:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 17 10:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e9e5f3027295818900f335a4647f5554155a2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e4:2b:ef:f7:c9:67:f8:41:a5:39:39:71:83:
7d:72:e6:8b:69:44:bc:b6:2b:84:06:47:81:46:19:
15:21:bc:00:4f:6a:75:99:a3:7b:e3:c2:6b:bd:8f:
2d:f7:e2:7f:9f:42:39:12:dd:00:2c:3b:38:4b:1a:
c4:2a:40:fc:95:f3:e6:47:10:d6:a0:8b:79:a2:35:
dd:8f:bf:77:2e:ed:26:d6:50:2e:35:f6:c8:84:38:
78:8b:4b:cc:ca:82:27:08:b2:b1:4f:0d:9d:5c:56:
6f:88:8b:2f:c3:1d:b7:e9:13:cb:91:87:19:98:c3:
45:b6:29:3f:f7:a6:c8:07:92:dd:3d:27:46:73:22:
11:90:69:cb:80:3d:cb:62:c3:40:c9:c9:4e:47:de:
5e:f8:c5:13:86:75:02:b0:c9:0d:66:a0:94:b7:d2:
4f:b1:41:64:b6:e9:c0:b2:35:0c:dc:c4:b1:04:83:
6a:db:44:34:5f:d8:a7:fc:d8:9c:77:fa:76:41:1c:
5f:d8:dd:28:45:25:1a:1c:a2:ee:28:58:bf:93:8e:
35:25:70:ad:50:40:6d:5d:a3:cf:8f:1f:06:dd:6b:
8e:d3:7a:3f:a8:67:59:74:32:5a:1a:3b:31:31:e2:
50:eb:85:f3:d0:90:6e:6f:92:f3:fc:42:84:56:83:
f3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9E:5F:30:27:29:58:18:90:0F:33:5A:46:47:F5:55:41:55:A2:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bp5fMCcpWBiQDzNaRkf1VUFVoqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
83.219.98.0/24
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
194.180.37.0/24
Signature Algorithm: sha256WithRSAEncryption
30:bb:68:67:d7:40:b4:72:57:51:51:d4:03:cd:7b:23:10:a2:
ed:c8:d4:8b:b2:f6:b3:ff:98:32:47:88:5d:ed:c3:d5:18:81:
e7:7b:e7:26:1f:e0:95:65:d9:ec:66:29:7b:d1:4f:22:ba:86:
fe:66:cb:c7:06:e2:74:18:2d:eb:bf:82:49:41:a3:2c:53:6b:
fd:5a:ce:36:81:d0:8d:cb:82:d4:cd:6b:c3:0a:04:af:97:2c:
f6:21:9e:50:a9:e0:aa:db:d1:91:4f:8e:f6:4c:c5:6e:d3:c0:
5a:6d:ee:19:9f:d1:cd:2b:43:0e:8f:9d:d0:56:38:b7:41:be:
67:ba:e2:6b:d3:ce:e5:56:97:d7:6c:13:92:08:07:70:af:45:
2a:fa:b2:f8:83:cd:a3:75:af:3a:c3:3f:85:03:12:46:a9:ca:
de:18:6b:b3:2c:a2:1a:5e:7c:c6:83:ba:be:61:b4:05:ff:e8:
d1:2a:2c:11:52:64:44:04:bb:62:16:ed:dc:b7:4d:74:72:c8:
f6:b2:6c:1f:aa:8e:bf:81:be:c3:19:ef:27:84:3e:64:dd:ac:
e8:81:80:ac:15:c3:7a:10:cd:7b:a0:0e:3d:93:52:af:c0:e9:
56:56:96:17:e1:cd:28:8f:68:64:82:17:69:3a:c4:32:7d:e3:
e7:f9:16:56
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPURccaAvQCurorowYfoYKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE3MTA1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTllNWYzMDI3Mjk1ODE4OTAwZjMzNWE0NjQ3ZjU1NTQxNTVhMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouQr7/fJZ/hBpTk5cYN9cuaLaUS8
tiuEBkeBRhkVIbwAT2p1maN748JrvY8t9+J/n0I5Et0ALDs4SxrEKkD8lfPmRxDW
oIt5ojXdj793Lu0m1lAuNfbIhDh4i0vMyoInCLKxTw2dXFZviIsvwx236RPLkYcZ
mMNFtik/96bIB5LdPSdGcyIRkGnLgD3LYsNAyclOR95e+MUThnUCsMkNZqCUt9JP
sUFktunAsjUM3MSxBINq20Q0X9in/Nicd/p2QRxf2N0oRSUaHKLuKFi/k441JXCt
UEBtXaPPjx8G3WuO03o/qGdZdDJaGjsxMeJQ64Xz0JBub5Lz/EKEVoPzVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG6eXzAnKVgYkA8zWkZH9VVBVaKjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYnA1Zk1DY3BXQmlRRHpOYVJrZjFWVUZWb3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABf1AAwQA
U9tiAwQBV3hEAwQBXXtKAwQBufygAwQAwrQlMA0GCSqGSIb3DQEBCwUAA4IBAQAw
u2hn10C0cldRUdQDzXsjEKLtyNSLsvaz/5gyR4hd7cPVGIHne+cmH+CVZdnsZil7
0U8iuob+ZsvHBuJ0GC3rv4JJQaMsU2v9Ws42gdCNy4LUzWvDCgSvlyz2IZ5QqeCq
29GRT472TMVu08Babe4Zn9HNK0MOj53QVji3Qb5nuuJr087lVpfXbBOSCAdwr0Uq
+rL4g82jda86wz+FAxJGqcreGGuzLKIaXnzGg7q+YbQF/+jRKiwRUmREBLtiFu3c
t010csj2smwfqo6/gb7DGe8nhD5k3azogYCsFcN6EM17oA49k1KvwOlWVpYX4c0o
j2hkghdpOsQyfePn+RZW
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:53 2025 by rpki-client