Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-pxeNyAvLWGhRdjZ6UEvCf4q0Qs.roa
File: 1-pxeNyAvLWGhRdjZ6UEvCf4q0Qs.roa (raw, json)
Hash identifier: CPfGlDxdm7wirx1jKnuVDo8oeIN8/EC8n3fsteJIgv4=
Subject key identifier: FA:9C:5E:37:20:2F:2D:61:A1:45:D8:D9:E9:41:2F:09:FE:2A:D1:0B
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01956A26C279EEB51368114D1D662B72A47F
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-pxeNyAvLWGhRdjZ6UEvCf4q0Qs.roa
Signing time: Thu 06 Mar 2025 06:31:19 +0000
ROA not before: Thu 06 Mar 2025 06:31:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
85.239.150.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 10:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:26:c2:79:ee:b5:13:68:11:4d:1d:66:2b:72:a4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 6 06:31:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa9c5e37202f2d61a145d8d9e9412f09fe2ad10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cf:1f:37:54:d0:46:94:c7:5b:82:db:7e:96:
32:6e:91:2c:32:98:ec:93:d4:56:be:0b:43:66:84:
db:b9:b4:2f:9f:a8:7a:21:30:ba:6f:95:8e:6e:3a:
f6:7a:24:50:a2:7e:7e:25:8d:e0:8f:c5:30:3b:b5:
97:ae:ec:0d:69:45:92:af:9a:cf:a0:80:ec:9c:99:
a9:a6:85:52:dd:6e:4e:8e:7b:e9:20:d0:af:82:7a:
96:20:cb:00:87:ab:71:b6:af:12:5c:86:78:cc:21:
a9:59:b9:ed:46:b2:13:45:f0:1a:39:16:b2:9a:2b:
68:13:28:1f:4d:6c:0a:a5:96:67:2e:5d:0c:c1:a2:
43:1d:b3:3f:d7:1a:ab:9e:a3:e2:6d:d6:f9:91:1c:
f0:1d:b9:c2:a5:90:2e:1c:90:23:d9:0d:6c:1c:2a:
5c:3c:0e:ad:eb:84:31:b2:e9:02:f6:91:f0:ca:ce:
8b:fa:08:56:2f:99:4c:d0:43:60:35:21:2c:81:09:
26:aa:b1:5b:cc:dd:1c:ab:59:11:03:a0:0b:ec:ca:
2e:7d:4f:6f:2c:90:7e:71:48:04:2a:5e:25:5b:77:
6c:bb:1f:19:7f:0c:57:ac:f7:5e:f3:39:8f:6c:05:
ce:9c:97:e7:6c:64:73:fd:d5:51:3c:92:10:46:eb:
24:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9C:5E:37:20:2F:2D:61:A1:45:D8:D9:E9:41:2F:09:FE:2A:D1:0B
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-pxeNyAvLWGhRdjZ6UEvCf4q0Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.148.0/24
85.239.150.0/23
185.95.156.0/24
Signature Algorithm: sha256WithRSAEncryption
87:85:76:23:04:82:41:c3:a5:4c:d3:34:a9:3d:a5:5a:01:b9:
b8:7a:ec:75:aa:e8:21:b5:63:3f:19:fb:d3:cc:97:ae:fb:82:
b2:b6:be:1c:2c:c1:66:1e:73:aa:38:ab:2d:14:12:9b:3c:1a:
f4:86:87:00:bd:85:c9:ec:24:c4:2e:be:99:23:5c:f7:7c:67:
72:ac:2a:3e:ff:b6:b1:dc:d5:3c:af:c6:26:61:df:f7:c5:d0:
91:52:1b:f6:0e:47:cb:3c:19:21:da:c7:b2:8a:1f:f2:9d:ff:
30:9a:09:43:3e:41:fe:76:32:13:0d:d5:41:8b:63:ef:03:2d:
02:52:f8:59:59:8f:a3:e9:11:24:e9:5e:d0:a8:af:02:b5:f5:
be:24:da:bb:15:15:4d:2a:ec:f8:17:11:35:ee:d5:5c:94:2e:
0c:18:5b:af:c4:8b:9e:e0:52:b9:2d:f4:50:1d:44:1c:62:58:
ee:81:ea:af:ad:39:48:73:78:69:7f:f3:a5:f0:06:0e:54:ec:
cb:bc:35:9f:11:b6:79:67:ca:d6:fb:c9:d9:37:cf:e1:c7:7c:
2b:0c:1c:99:66:1b:83:98:97:08:77:4a:bb:bf:d8:d4:0d:ec:
20:b5:3a:e3:2a:09:73:f4:ce:37:5b:ae:9c:02:7b:16:1e:c1:
bb:ea:ab:6b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZVqJsJ57rUTaBFNHWYrcqR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA2MDYzMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTljNWUzNzIwMmYyZDYxYTE0NWQ4ZDllOTQxMmYwOWZlMmFkMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM8fN1TQRpTHW4LbfpYybpEsMpjs
k9RWvgtDZoTbubQvn6h6ITC6b5WObjr2eiRQon5+JY3gj8UwO7WXruwNaUWSr5rP
oIDsnJmppoVS3W5OjnvpINCvgnqWIMsAh6txtq8SXIZ4zCGpWbntRrITRfAaORay
mitoEygfTWwKpZZnLl0MwaJDHbM/1xqrnqPibdb5kRzwHbnCpZAuHJAj2Q1sHCpc
PA6t64QxsukC9pHwys6L+ghWL5lM0ENgNSEsgQkmqrFbzN0cq1kRA6AL7MoufU9v
LJB+cUgEKl4lW3dsux8ZfwxXrPde8zmPbAXOnJfnbGRz/dVRPJIQRuskZQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPqcXjcgLy1hoUXY2elBLwn+KtELMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvMS1weGVOeUF2TFdHaFJkalo2VUV2Q2Y0cTBRcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNh
YS8xL0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFXvkAME
AFXvlAMEAVXvlgMEALlfnDANBgkqhkiG9w0BAQsFAAOCAQEAh4V2IwSCQcOlTNM0
qT2lWgG5uHrsdaroIbVjPxn708yXrvuCsra+HCzBZh5zqjirLRQSmzwa9IaHAL2F
yewkxC6+mSNc93xncqwqPv+2sdzVPK/GJmHf98XQkVIb9g5HyzwZIdrHsoof8p3/
MJoJQz5B/nYyEw3VQYtj7wMtAlL4WVmPo+kRJOle0KivArX1viTauxUVTSrs+BcR
Ne7VXJQuDBhbr8SLnuBSuS30UB1EHGJY7oHqr605SHN4aX/zpfAGDlTsy7w1nxG2
eWfK1vvJ2TfP4cd8KwwcmWYbg5iXCHdKu7/Y1A3sILU64yoJc/TON1uunAJ7Fh7B
u+qraw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:51:08 2025 by rpki-client