Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/XwSmv7Px4wJqH_oNZVImJdE9Mm0.roa
File: XwSmv7Px4wJqH_oNZVImJdE9Mm0.roa (raw, json)
Hash identifier: Js+NU4G97UZ6Rp6+2NXkuLAJJMdvOQQeMr3pinAPB7o=
Subject key identifier: 5F:04:A6:BF:B3:F1:E3:02:6A:1F:FA:0D:65:52:26:25:D1:3D:32:6D
Certificate issuer: /CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Certificate serial: 0193B57B13E1E680828856CCD9611E09A440
Authority key identifier: 6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/XwSmv7Px4wJqH_oNZVImJdE9Mm0.roa
Signing time: Wed 11 Dec 2024 11:29:22 +0000
ROA not before: Wed 11 Dec 2024 11:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201502
IP address blocks: 46.255.240.0/21 maxlen: 24
176.124.114.0/24 maxlen: 24
185.13.220.0/22 maxlen: 24
185.25.136.0/22 maxlen: 24
185.203.172.0/22 maxlen: 24
185.220.80.0/24 maxlen: 24
185.253.80.0/22 maxlen: 24
188.208.19.0/24 maxlen: 24
188.214.82.0/23 maxlen: 24
2a03:a6c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:7b:13:e1:e6:80:82:88:56:cc:d9:61:1e:09:a4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bba6d0f0f9b19f7f43ceb43e7359a3d84e99d99
Validity
Not Before: Dec 11 11:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f04a6bfb3f1e3026a1ffa0d65522625d13d326d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:68:be:e5:12:6a:94:6b:e5:3b:5f:57:4e:c7:
34:01:ca:5d:dc:ad:2b:10:75:1f:25:e8:50:69:9a:
54:60:c4:45:11:28:cd:16:1c:e4:8a:b4:4d:29:4b:
d5:d0:84:81:f7:49:65:e7:75:44:80:16:9c:03:52:
dd:3d:7c:c6:65:b7:d1:57:ac:95:28:64:15:2e:bc:
c4:e2:14:33:75:24:3c:50:2c:66:9b:a7:eb:a1:86:
5e:9c:7e:4f:05:76:f4:50:e2:9f:af:82:94:10:03:
06:0e:72:85:88:9c:4f:dc:7d:7e:51:9f:a9:22:5d:
a5:86:d7:d9:05:53:20:4e:75:2d:ca:7a:64:cd:ac:
24:63:ce:34:b9:42:84:93:ca:30:09:9b:63:24:4c:
a4:f5:3a:be:5d:a3:c8:2d:9b:b9:da:a0:b2:f7:9c:
94:69:2e:5b:0e:90:15:21:b7:54:b4:b7:45:83:19:
86:0f:3b:40:7e:bb:e7:b9:ee:79:df:42:b5:54:71:
08:24:53:6d:95:e9:60:41:38:83:68:b5:05:1f:0d:
75:5f:7b:5d:73:3e:c9:b3:19:a6:2e:28:21:d5:45:
8d:fd:db:36:ff:66:b2:6c:10:b1:71:c0:98:aa:65:
03:2e:c9:83:6f:c5:6d:c0:8e:12:c6:07:76:7d:f9:
1f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:04:A6:BF:B3:F1:E3:02:6A:1F:FA:0D:65:52:26:25:D1:3D:32:6D
X509v3 Authority Key Identifier:
keyid:6B:BA:6D:0F:0F:9B:19:F7:F4:3C:EB:43:E7:35:9A:3D:84:E9:9D:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7ptDw-bGff0POtD5zWaPYTpnZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/XwSmv7Px4wJqH_oNZVImJdE9Mm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/632e89-8842-48b1-9dcf-2aeadb966b76/1/a7ptDw-bGff0POtD5zWaPYTpnZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.240.0/21
176.124.114.0/24
185.13.220.0/22
185.25.136.0/22
185.203.172.0/22
185.220.80.0/24
185.253.80.0/22
188.208.19.0/24
188.214.82.0/23
IPv6:
2a03:a6c0::/32
Signature Algorithm: sha256WithRSAEncryption
53:a9:c7:60:1b:cc:eb:ec:67:b3:1b:96:37:f4:86:52:54:ac:
2b:da:7c:81:59:2b:f6:bb:39:3c:cb:84:05:e6:17:ff:5b:f0:
ea:f2:32:36:5e:2f:a0:de:7f:1f:f7:aa:36:fe:b9:82:d8:74:
c4:1f:9f:43:89:99:15:8b:0f:b6:7f:9d:cc:6d:9a:ce:a4:a3:
30:ff:27:c0:c9:ed:0e:4b:80:84:04:2d:1f:52:60:ef:94:9b:
9a:52:48:f8:54:c6:9e:2c:4c:d1:e6:be:70:a0:65:8b:3a:3b:
e1:7f:52:63:3d:f9:0d:26:15:96:98:1b:ce:45:45:ae:5b:ee:
10:4c:87:99:bc:ed:b5:1e:04:5c:8f:67:6f:a9:80:61:1e:5e:
72:28:da:d9:3f:8f:e8:03:8a:0e:6d:ef:31:01:a4:63:2a:f1:
99:4e:ba:5c:71:9e:48:05:59:58:ce:1e:ae:46:26:2d:91:d9:
c6:3f:71:2d:a1:8e:91:89:c6:cf:75:5a:0d:82:31:db:3d:b0:
95:a2:d6:f0:83:dd:e5:2e:06:2c:c7:b4:67:b3:98:42:27:9f:
2b:4a:1c:ae:ff:bb:73:c6:43:4f:fd:d9:fc:d6:b5:39:34:0c:
1c:56:9d:d0:c2:b7:7a:f5:6d:d8:e6:cb:ae:41:ef:3d:0f:4f:
ca:51:5e:03
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZO1exPh5oCCiFbM2WEeCaRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYmE2ZDBmMGY5YjE5ZjdmNDNjZWI0M2U3MzU5YTNkODRl
OTlkOTkwHhcNMjQxMjExMTEyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA0YTZiZmIzZjFlMzAyNmExZmZhMGQ2NTUyMjYyNWQxM2QzMjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGi+5RJqlGvlO19XTsc0Acpd3K0r
EHUfJehQaZpUYMRFESjNFhzkirRNKUvV0ISB90ll53VEgBacA1LdPXzGZbfRV6yV
KGQVLrzE4hQzdSQ8UCxmm6froYZenH5PBXb0UOKfr4KUEAMGDnKFiJxP3H1+UZ+p
Il2lhtfZBVMgTnUtynpkzawkY840uUKEk8owCZtjJEyk9Tq+XaPILZu52qCy95yU
aS5bDpAVIbdUtLdFgxmGDztAfrvnue5530K1VHEIJFNtlelgQTiDaLUFHw11X3td
cz7JsxmmLigh1UWN/ds2/2aybBCxccCYqmUDLsmDb8VtwI4Sxgd2ffkf8QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFF8Epr+z8eMCah/6DWVSJiXRPTJtMB8GA1UdIwQY
MBaAFGu6bQ8Pmxn39DzrQ+c1mj2E6Z2ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2Yt
MmFlYWRiOTY2Yjc2LzEvWHdTbXY3UHg0d0pxSF9vTlpWSW1KZEU5TW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MzJlODktODg0Mi00OGIxLTlkY2YtMmFlYWRiOTY2Yjc2
LzEvYTdwdER3LWJHZmYwUE90RDV6V2FQWVRwblprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDLv/wAwQA
sHxyAwQCuQ3cAwQCuRmIAwQCucusAwQAudxQAwQCuf1QAwQAvNATAwQBvNZSMA0E
AgACMAcDBQAqA6bAMA0GCSqGSIb3DQEBCwUAA4IBAQBTqcdgG8zr7GezG5Y39IZS
VKwr2nyBWSv2uzk8y4QF5hf/W/Dq8jI2Xi+g3n8f96o2/rmC2HTEH59DiZkViw+2
f53MbZrOpKMw/yfAye0OS4CEBC0fUmDvlJuaUkj4VMaeLEzR5r5woGWLOjvhf1Jj
PfkNJhWWmBvORUWuW+4QTIeZvO21HgRcj2dvqYBhHl5yKNrZP4/oA4oObe8xAaRj
KvGZTrpccZ5IBVlYzh6uRiYtkdnGP3EtoY6RicbPdVoNgjHbPbCVotbwg93lLgYs
x7Rns5hCJ58rShyu/7tzxkNP/dn81rU5NAwcVp3Qwrd69W3Y5suuQe89D0/KUV4D
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:52:41 2025 by rpki-client