Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/va1YvdML_33Z4DTrEtI1CNwRXrA.roa
File: va1YvdML_33Z4DTrEtI1CNwRXrA.roa (raw, json)
Hash identifier: o6DgADeFSD0DjRPdtzKiCfn+QbRBtxKRVx0MgljmYtU=
Subject key identifier: BD:AD:58:BD:D3:0B:FF:7D:D9:E0:34:EB:12:D2:35:08:DC:11:5E:B0
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 0194A784CFA289929E21A37138E24DDDC704
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/va1YvdML_33Z4DTrEtI1CNwRXrA.roa
Signing time: Mon 27 Jan 2025 11:28:06 +0000
ROA not before: Mon 27 Jan 2025 11:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199484
IP address blocks: 185.40.72.0/22 maxlen: 24
185.40.72.0/24 maxlen: 24
185.40.73.0/24 maxlen: 24
185.40.74.0/24 maxlen: 24
185.40.75.0/24 maxlen: 24
195.142.152.0/22 maxlen: 24
195.142.152.0/24 maxlen: 24
195.142.154.0/24 maxlen: 24
195.142.184.0/22 maxlen: 22
195.142.184.0/24 maxlen: 24
195.142.185.0/24 maxlen: 24
195.142.186.0/24 maxlen: 24
195.142.187.0/24 maxlen: 24
195.142.192.0/22 maxlen: 24
195.142.192.0/24 maxlen: 24
195.142.193.0/24 maxlen: 24
195.142.194.0/24 maxlen: 24
195.155.96.0/24 maxlen: 24
195.155.97.0/24 maxlen: 24
195.155.98.0/24 maxlen: 24
195.155.99.0/24 maxlen: 24
2a01:4c20::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Jan 2025 22:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:84:cf:a2:89:92:9e:21:a3:71:38:e2:4d:dd:c7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 27 11:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdad58bdd30bff7dd9e034eb12d23508dc115eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ea:9a:54:81:65:e6:86:1a:c5:cb:d7:81:a1:
9a:48:c3:0d:fb:ff:42:7c:40:67:05:5e:12:28:f4:
db:e8:69:a6:c3:a2:e1:c8:7e:0c:5f:0c:63:cf:69:
ba:53:64:b7:b3:c8:c4:bc:a0:5f:b1:37:77:51:f2:
9d:fa:b4:e9:7c:8f:bb:cd:fc:41:09:08:ee:99:a0:
73:8e:96:c1:4a:d4:35:d6:dd:5f:94:12:49:da:23:
26:0e:c8:a5:a9:14:ee:32:87:ea:71:bf:cf:f5:9d:
fd:dc:30:4e:3f:18:c5:3a:6d:11:f2:42:3b:13:70:
d5:cb:95:d9:a9:18:2d:26:0c:e7:16:95:c4:3c:cb:
9f:44:3b:2f:bf:89:1a:ea:26:fa:be:78:ff:9a:66:
f5:f0:e0:ea:d3:e1:12:ff:38:a8:6b:fe:e3:d9:af:
9e:27:70:a4:4c:92:25:7b:34:f1:10:95:70:97:68:
da:a1:ec:09:18:25:bb:40:e6:0c:7c:40:db:16:74:
5c:92:5d:d1:8e:ba:97:0a:d2:2c:a1:b6:d0:82:57:
4b:18:eb:fa:c3:b2:e5:ab:98:ff:8b:3d:52:7f:65:
e4:23:e7:60:6f:97:5f:a8:8b:3e:01:03:5b:21:5b:
37:59:45:6f:1f:68:ce:2c:30:d7:cc:45:0d:85:cd:
d6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AD:58:BD:D3:0B:FF:7D:D9:E0:34:EB:12:D2:35:08:DC:11:5E:B0
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/va1YvdML_33Z4DTrEtI1CNwRXrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
195.142.152.0/22
195.142.184.0/22
195.142.192.0/22
195.155.96.0/22
IPv6:
2a01:4c20::/29
Signature Algorithm: sha256WithRSAEncryption
41:28:a9:f5:c3:3c:e8:e2:93:2f:46:81:5f:f4:52:bf:e2:8b:
c1:77:f4:c8:6e:cf:11:d6:27:aa:c0:59:9d:f0:87:9c:41:0e:
25:f0:4a:02:2d:ea:45:7e:16:c5:46:e7:06:88:08:31:1c:27:
cb:27:2d:ea:6b:f7:94:44:cc:23:5a:4a:f1:7f:24:2b:89:23:
e7:4d:ef:8d:a3:a3:0d:c0:28:88:5e:ce:45:28:5e:d5:e7:2c:
bf:4f:7f:08:2f:cf:7f:19:cb:4f:71:7a:8b:a3:f6:ba:4f:cd:
df:55:5f:96:62:c3:b2:d4:fb:f7:25:47:15:a7:f3:75:40:fc:
9d:e3:14:c5:d5:d1:6b:f4:ba:7f:61:14:7e:f1:39:46:ce:73:
1d:00:98:de:6f:87:e9:a4:fd:7e:8d:63:a4:a7:8d:1a:3e:4f:
2f:fb:58:7d:1e:04:16:2b:2b:cb:8b:a4:6e:1b:dd:fb:b5:59:
f4:19:a8:2a:e9:72:ab:f9:71:75:42:fa:f2:ea:22:86:ba:19:
3c:c6:95:47:92:55:89:20:db:20:9c:97:d1:79:4b:6d:88:71:
73:53:13:fb:92:98:57:64:3c:3f:f2:92:a6:37:f8:b6:fd:8f:
05:74:08:78:b6:ae:3b:9e:90:1b:7f:d7:9c:dc:fa:8a:41:ed:
25:76:ec:77
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZSnhM+iiZKeIaNxOOJN3ccEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjUwMTI3MTEyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGFkNThiZGQzMGJmZjdkZDllMDM0ZWIxMmQyMzUwOGRjMTE1ZWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOqaVIFl5oYaxcvXgaGaSMMN+/9C
fEBnBV4SKPTb6Gmmw6LhyH4MXwxjz2m6U2S3s8jEvKBfsTd3UfKd+rTpfI+7zfxB
CQjumaBzjpbBStQ11t1flBJJ2iMmDsilqRTuMofqcb/P9Z393DBOPxjFOm0R8kI7
E3DVy5XZqRgtJgznFpXEPMufRDsvv4ka6ib6vnj/mmb18ODq0+ES/zioa/7j2a+e
J3CkTJIlezTxEJVwl2jaoewJGCW7QOYMfEDbFnRckl3RjrqXCtIsobbQgldLGOv6
w7Llq5j/iz1Sf2XkI+dgb5dfqIs+AQNbIVs3WUVvH2jOLDDXzEUNhc3WnQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL2tWL3TC/992eA06xLSNQjcEV6wMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvdmExWXZkTUxfMzNaNERUckV0STFDTndSWHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuShIAwQC
w46YAwQCw464AwQCw47AAwQCw5tgMA0EAgACMAcDBQMqAUwgMA0GCSqGSIb3DQEB
CwUAA4IBAQBBKKn1wzzo4pMvRoFf9FK/4ovBd/TIbs8R1ieqwFmd8IecQQ4l8EoC
LepFfhbFRucGiAgxHCfLJy3qa/eURMwjWkrxfyQriSPnTe+No6MNwCiIXs5FKF7V
5yy/T38IL89/GctPcXqLo/a6T83fVV+WYsOy1Pv3JUcVp/N1QPyd4xTF1dFr9Lp/
YRR+8TlGznMdAJjeb4fppP1+jWOkp40aPk8v+1h9HgQWKyvLi6RuG937tVn0Gagq
6XKr+XF1Qvry6iKGuhk8xpVHklWJINsgnJfReUttiHFzUxP7kphXZDw/8pKmN/i2
/Y8FdAh4tq47npAbf9ec3PqKQe0ldux3
-----END CERTIFICATE-----
Generated at Tue Apr 15 05:20:51 2025 by rpki-client