Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pVXKhVQdj4xoaKK7V-KeoFbk0Yk.roa
File: pVXKhVQdj4xoaKK7V-KeoFbk0Yk.roa (raw, json)
Hash identifier: gAG8noyrG9OHmxrLpXF/sCPOuWjuUHRBfRLL+ubE8zg=
Subject key identifier: A5:55:CA:85:54:1D:8F:8C:68:68:A2:BB:57:E2:9E:A0:56:E4:D1:89
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C120BD345B19B991A6B46A50928CD
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pVXKhVQdj4xoaKK7V-KeoFbk0Yk.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12310
IP address blocks: 85.120.152.0/23 maxlen: 23
85.121.14.0/23 maxlen: 23
193.230.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 09:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:12:0b:d3:45:b1:9b:99:1a:6b:46:a5:09:28:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a555ca85541d8f8c6868a2bb57e29ea056e4d189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d3:46:9e:41:20:1d:cf:e0:75:32:13:ab:56:
82:24:50:7c:7a:30:5a:75:b8:42:63:de:25:1f:a6:
9f:d0:c6:b5:f9:a9:79:00:31:7f:47:7d:81:b4:d5:
e8:93:ce:e4:d4:61:e6:c2:c4:8e:3a:57:c7:3a:eb:
af:46:a3:53:a9:97:71:e6:14:45:0e:9e:76:ff:8c:
a2:23:b2:4b:05:8d:20:e6:2e:e7:52:54:7b:37:9c:
5d:41:c5:ec:c8:b8:90:94:3a:5f:e1:ff:30:cc:c1:
88:9d:b4:d2:bf:fb:0b:9e:6b:00:b9:56:d6:0f:4e:
f8:1d:d1:c2:bf:3f:30:c4:21:43:3d:61:ef:72:c2:
8a:c4:ca:3e:61:ca:da:2d:9f:ec:8e:a7:02:cc:06:
2d:7e:e0:b0:99:ad:e4:09:af:1c:77:8e:3d:ff:91:
f1:d2:8a:7c:dd:10:8b:e1:7a:43:2f:3f:c3:29:0b:
18:bd:26:db:fa:7b:51:46:f6:4a:bf:b8:33:1b:aa:
37:85:5b:87:ca:69:24:06:33:88:99:84:bc:86:fe:
6f:c5:91:87:44:99:67:f3:a1:eb:b3:74:49:79:85:
af:ac:bf:fe:55:3f:75:7b:3c:22:33:fe:28:6e:e6:
84:8d:8e:00:ec:0d:e3:d8:db:02:cd:ac:eb:70:4e:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:55:CA:85:54:1D:8F:8C:68:68:A2:BB:57:E2:9E:A0:56:E4:D1:89
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/pVXKhVQdj4xoaKK7V-KeoFbk0Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.152.0/23
85.121.14.0/23
193.230.170.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b4:27:c3:00:4b:4b:83:b5:94:78:3b:db:eb:1b:2e:ab:11:
9c:e6:7f:8b:f2:21:fe:af:71:a6:d3:fb:3b:a4:0d:3d:4b:fc:
cc:31:ec:d2:33:93:73:f8:d5:a0:c6:55:be:bc:93:b4:f0:39:
61:63:8b:95:90:a3:e6:5b:43:ee:07:dc:a2:ac:2f:da:d4:af:
f0:0a:6f:46:2c:ed:16:4a:74:dd:06:0f:ea:83:cb:6d:5e:88:
ca:7a:a4:4d:c3:62:35:cc:f3:85:71:3e:c0:0b:5f:78:6d:10:
01:c2:33:be:11:20:3e:ad:5f:1d:0a:7f:63:79:af:26:91:ab:
84:8e:4a:e0:47:45:1a:72:83:f2:d3:4e:f7:41:ec:a4:b7:b6:
e9:c7:1b:a2:c6:66:88:e2:5d:71:d8:76:7b:76:33:00:39:b3:
80:51:87:c5:35:19:de:38:b7:a5:c9:59:b5:12:12:ca:2a:ba:
1b:3c:03:5b:be:6f:73:4c:f7:63:d1:2e:c4:87:1e:cc:a3:6c:
3b:99:48:8b:c9:60:8b:51:03:89:12:7e:6e:ab:0d:cd:80:df:
52:3f:e4:a9:fa:db:6f:eb:98:41:59:0a:dd:83:af:de:1f:a3:
37:76:7e:94:84:45:88:31:66:06:36:de:4e:a0:b6:88:5e:7c:
57:7e:0b:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjBIL00Wxm5kaa0alCSjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTU1Y2E4NTU0MWQ4ZjhjNjg2OGEyYmI1N2UyOWVhMDU2ZTRkMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tNGnkEgHc/gdTITq1aCJFB8ejBa
dbhCY94lH6af0Ma1+al5ADF/R32BtNXok87k1GHmwsSOOlfHOuuvRqNTqZdx5hRF
Dp52/4yiI7JLBY0g5i7nUlR7N5xdQcXsyLiQlDpf4f8wzMGInbTSv/sLnmsAuVbW
D074HdHCvz8wxCFDPWHvcsKKxMo+YcraLZ/sjqcCzAYtfuCwma3kCa8cd449/5Hx
0op83RCL4XpDLz/DKQsYvSbb+ntRRvZKv7gzG6o3hVuHymkkBjOImYS8hv5vxZGH
RJln86Hrs3RJeYWvrL/+VT91ezwiM/4obuaEjY4A7A3j2NsCzazrcE7gPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKVVyoVUHY+MaGiiu1finqBW5NGJMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvcFZYS2hWUWRqNHhvYUtLN1YtS2VvRmJrMFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVXiYAwQB
VXkOAwQAweaqMA0GCSqGSIb3DQEBCwUAA4IBAQBotCfDAEtLg7WUeDvb6xsuqxGc
5n+L8iH+r3Gm0/s7pA09S/zMMezSM5Nz+NWgxlW+vJO08DlhY4uVkKPmW0PuB9yi
rC/a1K/wCm9GLO0WSnTdBg/qg8ttXojKeqRNw2I1zPOFcT7AC194bRABwjO+ESA+
rV8dCn9jea8mkauEjkrgR0UacoPy0073Qeykt7bpxxuixmaI4l1x2HZ7djMAObOA
UYfFNRneOLelyVm1EhLKKrobPANbvm9zTPdj0S7Ehx7Mo2w7mUiLyWCLUQOJEn5u
qw3NgN9SP+Sp+ttv65hBWQrdg6/eH6M3dn6UhEWIMWYGNt5OoLaIXnxXfgsE
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:00:45 2025 by rpki-client