Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v4soAoF2_iMUtj1OWse4IMRrAaA.roa
File: v4soAoF2_iMUtj1OWse4IMRrAaA.roa (raw, json)
Hash identifier: zGq84fvmGRiVOW7JGQnrGPjklloDd7K3qtaa9HNO9f4=
Subject key identifier: BF:8B:28:02:81:76:FE:23:14:B6:3D:4E:5A:C7:B8:20:C4:6B:01:A0
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01943749EC85A978B33067F0765201090651
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v4soAoF2_iMUtj1OWse4IMRrAaA.roa
Signing time: Sun 05 Jan 2025 16:26:19 +0000
ROA not before: Sun 05 Jan 2025 16:26:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197549
IP address blocks: 5.231.254.0/24 maxlen: 24
85.93.0.0/19 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.249.218.0/23 maxlen: 32
94.249.222.0/23 maxlen: 32
217.69.175.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 Jan 2025 15:12:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:37:49:ec:85:a9:78:b3:30:67:f0:76:52:01:09:06:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jan 5 16:26:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf8b28028176fe2314b63d4e5ac7b820c46b01a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:97:99:62:17:84:17:57:be:8b:ca:98:eb:32:
f9:e0:21:6b:ad:3f:bc:51:04:46:05:46:3e:58:f8:
c7:5e:6b:8b:08:50:8e:73:fb:98:d2:56:13:dc:5c:
cc:17:ba:98:f1:93:db:c3:7f:02:7d:bb:91:aa:ab:
09:8a:c0:3e:0f:21:4b:d1:45:df:63:38:d6:f9:70:
5c:26:db:bf:85:dd:e2:04:98:e8:13:11:0c:24:24:
51:1a:32:1d:d9:90:20:67:ea:47:48:0a:4a:f5:9f:
1e:8b:73:c3:85:e6:6c:29:87:84:8e:43:46:96:fc:
bc:f1:8f:53:8c:e3:36:6a:57:be:ad:cb:40:bc:64:
96:0c:e5:87:08:84:5d:13:fd:d3:4d:b7:40:65:0d:
f8:d9:54:ee:92:01:01:96:6d:25:0d:10:37:90:84:
e7:89:3c:ba:d5:51:d3:63:4e:33:9f:f8:2b:bb:60:
1e:a9:d3:06:8a:44:34:a8:bb:48:d8:6c:4c:f8:34:
a1:e4:36:e5:73:8b:18:1f:cc:66:5c:a0:2d:83:40:
25:c9:77:25:ee:88:81:35:b0:44:a8:91:b7:16:af:
9f:38:ca:31:64:6a:37:ae:1c:fc:ab:8d:85:f6:3c:
fe:4c:1f:7a:1f:0b:34:b7:30:0c:d8:20:c3:44:17:
1e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8B:28:02:81:76:FE:23:14:B6:3D:4E:5A:C7:B8:20:C4:6B:01:A0
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/v4soAoF2_iMUtj1OWse4IMRrAaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.254.0/24
85.93.0.0/19
89.106.64.0/19
89.144.0.0/18
94.249.218.0/23
94.249.222.0/23
217.69.175.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a1:9c:b3:72:81:d7:dd:9a:d7:02:fc:f4:66:b0:90:f0:89:
05:99:78:c9:93:0b:4e:13:10:1f:81:c8:5f:0a:51:4c:27:02:
e1:5c:7a:69:9b:b0:ca:87:30:00:9a:27:41:9b:02:c3:7a:2d:
c4:1e:9b:dd:02:f0:20:a3:2f:0d:71:b1:7f:c0:48:f3:8d:a8:
e7:81:3d:ca:78:d5:4a:e0:e3:88:88:07:f7:7f:7e:da:33:ea:
6b:5c:95:90:bf:9a:e3:e1:ef:46:b4:3b:85:29:96:96:5d:c5:
67:41:c5:f2:99:6e:b8:90:cd:e2:07:d5:a9:4e:d2:63:97:c5:
7c:42:37:56:13:fe:d2:93:ce:44:b3:da:ab:e7:5b:28:c5:fd:
98:f0:98:ce:aa:73:e7:d9:87:b1:79:a0:77:ff:5f:d1:65:34:
78:2b:b5:21:06:7d:df:26:8a:75:88:4e:cf:5b:72:2e:d2:e9:
6a:10:a4:f0:34:61:bc:4b:45:0d:8a:5d:80:2c:7e:b2:93:fe:
2b:0e:ef:49:86:0a:93:c3:f6:19:07:c6:7c:44:ed:51:18:08:
65:78:61:3b:75:38:46:b9:02:99:73:46:d3:e2:79:6b:10:85:
66:ea:94:f6:c4:49:6d:f9:ba:97:20:96:d4:b2:52:84:4c:09:
52:b1:fa:75
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQ3SeyFqXizMGfwdlIBCQZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMTA1MTYyNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhiMjgwMjgxNzZmZTIzMTRiNjNkNGU1YWM3YjgyMGM0NmIwMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopeZYheEF1e+i8qY6zL54CFrrT+8
UQRGBUY+WPjHXmuLCFCOc/uY0lYT3FzMF7qY8ZPbw38CfbuRqqsJisA+DyFL0UXf
YzjW+XBcJtu/hd3iBJjoExEMJCRRGjId2ZAgZ+pHSApK9Z8ei3PDheZsKYeEjkNG
lvy88Y9TjOM2ale+rctAvGSWDOWHCIRdE/3TTbdAZQ342VTukgEBlm0lDRA3kITn
iTy61VHTY04zn/gru2AeqdMGikQ0qLtI2GxM+DSh5Dblc4sYH8xmXKAtg0AlyXcl
7oiBNbBEqJG3Fq+fOMoxZGo3rhz8q42F9jz+TB96Hws0tzAM2CDDRBce7QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL+LKAKBdv4jFLY9TlrHuCDEawGgMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdjRzb0FvRjJfaU1VdGoxT1dzZTRJTVJyQWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABef+AwQF
VV0AAwQFWWpAAwQGWZAAAwQBXvnaAwQBXvneAwQA2UWvMA0GCSqGSIb3DQEBCwUA
A4IBAQBBoZyzcoHX3ZrXAvz0ZrCQ8IkFmXjJkwtOExAfgchfClFMJwLhXHppm7DK
hzAAmidBmwLDei3EHpvdAvAgoy8NcbF/wEjzjajngT3KeNVK4OOIiAf3f37aM+pr
XJWQv5rj4e9GtDuFKZaWXcVnQcXymW64kM3iB9WpTtJjl8V8QjdWE/7Sk85Es9qr
51soxf2Y8JjOqnPn2YexeaB3/1/RZTR4K7UhBn3fJop1iE7PW3Iu0ulqEKTwNGG8
S0UNil2ALH6yk/4rDu9JhgqTw/YZB8Z8RO1RGAhleGE7dThGuQKZc0bT4nlrEIVm
6pT2xElt+bqXIJbUslKETAlSsfp1
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:28:06 2025 by rpki-client