Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/IDSJo6Svi_U1czkQxR4IcK6pjWk.roa
File: IDSJo6Svi_U1czkQxR4IcK6pjWk.roa (raw, json)
Hash identifier: uMhWKw4Zj+wch29Oxf07ml5JpFPr4Qew/zi83R/HB1E=
Subject key identifier: 20:34:89:A3:A4:AF:8B:F5:35:73:39:10:C5:1E:08:70:AE:A9:8D:69
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 0193BA0223F5BA43EF653F695AEA065404D6
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/IDSJo6Svi_U1czkQxR4IcK6pjWk.roa
Signing time: Thu 12 Dec 2024 08:35:22 +0000
ROA not before: Thu 12 Dec 2024 08:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24582
IP address blocks: 5.61.80.0/21 maxlen: 24
62.40.27.24/29 maxlen: 29
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
195.135.178.8/30 maxlen: 30
195.135.178.240/29 maxlen: 29
212.237.160.0/21 maxlen: 24
2a00:5f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:02:23:f5:ba:43:ef:65:3f:69:5a:ea:06:54:04:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Dec 12 08:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=203489a3a4af8bf535733910c51e0870aea98d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:10:8e:38:98:d2:09:67:d1:0d:29:b7:56:
9a:99:9b:be:3e:8f:8f:99:c6:30:dc:59:a1:95:7e:
b5:6c:37:13:13:d9:9c:06:b7:97:77:1a:95:ea:25:
f5:79:7e:02:d2:f6:c3:ed:9e:88:a2:f9:c9:0b:e3:
08:b0:f1:20:9c:60:76:4e:09:80:82:9f:7a:a2:c3:
72:da:8c:80:44:02:f8:b5:7f:c4:44:3c:15:5e:19:
3d:9d:1f:3e:59:d7:03:98:62:b2:b4:1f:08:68:8d:
4d:56:1e:7f:66:6c:42:44:d6:a3:ea:eb:56:05:6e:
d8:ae:99:c9:1c:ba:91:74:de:66:be:95:71:5a:bb:
53:c9:c2:d0:ba:bc:5e:10:96:1c:d1:53:ff:92:e3:
95:a5:29:6d:2c:41:1b:36:ed:41:13:5d:33:56:4e:
fd:95:a6:54:27:c5:4a:12:1e:84:dc:b8:5e:6e:52:
52:79:45:15:6f:34:c3:18:b0:de:bd:37:c5:dc:15:
2c:c6:8e:fa:4f:f6:6a:05:12:77:2b:67:a4:db:44:
c8:47:96:2a:fb:99:a0:ca:ea:cd:cd:de:ff:3d:e8:
ac:df:a3:e7:5f:7f:7f:c6:97:35:c9:a6:66:24:6b:
97:6e:ac:81:7f:f3:b5:b1:c9:f5:f0:9a:59:7d:4a:
40:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:89:A3:A4:AF:8B:F5:35:73:39:10:C5:1E:08:70:AE:A9:8D:69
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/IDSJo6Svi_U1czkQxR4IcK6pjWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
62.40.27.24/29
80.87.160.0/20
185.32.32.0/22
195.135.178.8/30
195.135.178.240/29
212.237.160.0/21
IPv6:
2a00:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
45:b8:4b:f2:4c:49:fa:b1:3b:75:e2:f4:94:57:5f:f1:81:19:
08:37:a1:dd:68:75:1a:1b:3a:1b:c7:2d:29:56:dc:c6:e4:38:
10:f3:1e:33:c3:1a:99:8a:b0:c7:96:2c:53:34:9e:fe:00:54:
93:9b:c9:5a:a9:ed:5e:08:08:16:69:89:f5:a7:4d:d8:cc:8a:
11:1d:c4:3b:21:63:40:8e:22:a4:69:2d:5a:ac:33:d6:48:a3:
5f:90:96:ec:2e:e5:95:70:0d:ee:76:7d:f0:1e:8a:3b:67:bb:
93:9f:fa:aa:4a:ea:13:55:e9:24:aa:35:16:9e:31:71:d9:7c:
f5:c4:51:f1:3e:6d:a2:39:08:84:80:62:e4:a6:02:64:1c:93:
6b:11:bd:2d:d0:35:ed:4a:9b:15:0a:bc:e4:ac:ab:c0:b4:ce:
1d:a6:1d:99:8d:b5:50:17:d5:2d:b9:fe:61:58:a4:69:03:cd:
39:21:8e:2a:85:2d:f5:57:84:4f:a7:bf:7f:15:f2:06:26:fe:
f6:99:2f:2c:91:d7:82:86:e5:d5:c8:51:ab:c3:67:47:5a:3c:
aa:55:71:e3:a7:17:1d:a2:14:9a:dc:2f:80:73:7b:89:32:b5:
dc:c0:b7:84:88:49:9e:e6:54:79:4e:67:52:37:65:bb:a5:bc:
64:dc:14:df
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZO6AiP1ukPvZT9pWuoGVATWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjQxMjEyMDgzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM0ODlhM2E0YWY4YmY1MzU3MzM5MTBjNTFlMDg3MGFlYTk4ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7AQjjiY0gln0Q0pt1aamZu+Po+P
mcYw3FmhlX61bDcTE9mcBreXdxqV6iX1eX4C0vbD7Z6IovnJC+MIsPEgnGB2TgmA
gp96osNy2oyARAL4tX/ERDwVXhk9nR8+WdcDmGKytB8IaI1NVh5/ZmxCRNaj6utW
BW7YrpnJHLqRdN5mvpVxWrtTycLQurxeEJYc0VP/kuOVpSltLEEbNu1BE10zVk79
laZUJ8VKEh6E3LheblJSeUUVbzTDGLDevTfF3BUsxo76T/ZqBRJ3K2ek20TIR5Yq
+5mgyurNzd7/Peis36PnX39/xpc1yaZmJGuXbqyBf/O1scn18JpZfUpAlQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCA0iaOkr4v1NXM5EMUeCHCuqY1pMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvSURTSm82U3ZpX1UxY3prUXhSNEljSzZwaldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtAwQDBT1QAwUD
PigbGAMEBFBXoAMEArkgIAMFAsOHsggDBQPDh7LwAwQD1O2gMA0EAgACMAcDBQMq
AF9AMA0GCSqGSIb3DQEBCwUAA4IBAQBFuEvyTEn6sTt14vSUV1/xgRkIN6HdaHUa
Gzobxy0pVtzG5DgQ8x4zwxqZirDHlixTNJ7+AFSTm8laqe1eCAgWaYn1p03YzIoR
HcQ7IWNAjiKkaS1arDPWSKNfkJbsLuWVcA3udn3wHoo7Z7uTn/qqSuoTVekkqjUW
njFx2Xz1xFHxPm2iOQiEgGLkpgJkHJNrEb0t0DXtSpsVCrzkrKvAtM4dph2ZjbVQ
F9Utuf5hWKRpA805IY4qhS31V4RPp79/FfIGJv72mS8skdeChuXVyFGrw2dHWjyq
VXHjpxcdohSa3C+Ac3uJMrXcwLeEiEme5lR5TmdSN2W7pbxk3BTf
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:33:24 2025 by rpki-client