Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/90cf3e-d468-443c-afa4-f34a8f72eec4/1/pW0JaG5KnJ-ms_K6yLeHuWgODoY.roa
File: pW0JaG5KnJ-ms_K6yLeHuWgODoY.roa (raw, json)
Hash identifier: TsTnKVgWlU9x+7oJRt46Dvn2A3prbmbYtOWZ1/+7tIk=
Subject key identifier: A5:6D:09:68:6E:4A:9C:9F:A6:B3:F2:BA:C8:B7:87:B9:68:0E:0E:86
Certificate issuer: /CN=5335cac70a198a85f324bfeda0f35ed7991c2aeb
Certificate serial: 0195C791B5C6F0678749F9BA26D84E08CC63
Authority key identifier: 53:35:CA:C7:0A:19:8A:85:F3:24:BF:ED:A0:F3:5E:D7:99:1C:2A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzXKxwoZioXzJL_toPNe15kcKus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/90cf3e-d468-443c-afa4-f34a8f72eec4/1/pW0JaG5KnJ-ms_K6yLeHuWgODoY.roa
Signing time: Mon 24 Mar 2025 09:52:50 +0000
ROA not before: Mon 24 Mar 2025 09:52:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29085
IP address blocks: 185.116.28.0/22 maxlen: 22
185.116.28.0/24 maxlen: 24
185.116.29.0/24 maxlen: 24
185.116.31.0/24 maxlen: 24
193.109.74.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 24 Mar 2025 09:59:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c7:91:b5:c6:f0:67:87:49:f9:ba:26:d8:4e:08:cc:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5335cac70a198a85f324bfeda0f35ed7991c2aeb
Validity
Not Before: Mar 24 09:52:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a56d09686e4a9c9fa6b3f2bac8b787b9680e0e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7a:45:ee:6d:d8:dc:5b:8c:9d:35:65:11:50:
e6:f6:80:39:7f:d8:d6:a2:64:2b:4b:02:f5:10:74:
ca:4f:dc:5d:47:ef:21:b3:58:06:54:8b:3d:02:c1:
bf:1d:f5:fc:ff:e9:19:c3:ce:27:83:cb:52:30:ab:
92:8d:c7:4a:c5:b6:53:74:e4:8e:42:e1:9a:3c:ae:
bd:de:48:67:9d:42:6f:76:8c:df:38:cd:4f:61:c6:
2b:f6:67:d9:48:11:c3:5f:04:17:2c:83:d0:b7:f1:
17:b1:d9:59:0b:0c:28:72:b7:45:1b:3b:30:9e:ea:
cb:f8:b0:fa:08:f2:7f:c6:c5:74:e0:fc:cc:c4:d1:
5b:1f:61:95:23:1f:ca:13:2f:5d:62:90:e4:f0:64:
78:e3:4b:e9:aa:a8:89:dd:4b:f8:71:6d:d1:0a:3b:
64:7e:17:9f:c9:27:33:f0:9f:d7:d4:74:8a:3a:8c:
8f:cb:1b:6a:64:85:eb:3b:9f:8c:f9:a4:5b:af:91:
8d:30:43:ae:5a:e7:25:f9:9c:52:59:d3:e8:29:f6:
96:c9:10:f0:17:24:c0:9d:46:a7:61:20:86:2f:ff:
00:ff:23:1b:e6:a7:de:c6:e3:b4:c2:61:3c:31:a6:
ab:9b:ef:a5:94:0e:ba:73:0a:99:50:08:2b:f9:b7:
ca:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6D:09:68:6E:4A:9C:9F:A6:B3:F2:BA:C8:B7:87:B9:68:0E:0E:86
X509v3 Authority Key Identifier:
keyid:53:35:CA:C7:0A:19:8A:85:F3:24:BF:ED:A0:F3:5E:D7:99:1C:2A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzXKxwoZioXzJL_toPNe15kcKus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/90cf3e-d468-443c-afa4-f34a8f72eec4/1/pW0JaG5KnJ-ms_K6yLeHuWgODoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/90cf3e-d468-443c-afa4-f34a8f72eec4/1/UzXKxwoZioXzJL_toPNe15kcKus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.28.0/22
193.109.74.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:de:df:85:a1:ef:e4:ef:78:40:0b:b4:fb:15:67:5b:4d:c3:
11:3a:16:e0:b0:f4:00:20:e1:9a:f9:0a:01:98:1e:89:d4:df:
67:aa:98:ff:d0:06:7b:e6:68:93:66:75:7e:1f:d5:d0:8c:92:
ef:3e:e4:d7:88:43:82:ba:91:fc:8c:59:77:9c:a5:2e:86:28:
30:17:76:ce:07:6a:4d:12:e9:01:c9:9a:27:94:fb:2d:56:33:
5f:b6:cc:b3:b5:65:59:b6:55:30:1a:dc:50:c8:c4:d6:72:87:
41:f4:b1:ec:d4:65:5a:5a:2b:32:59:72:a4:a9:11:db:3a:f3:
24:8c:2f:62:f9:52:e2:5b:69:96:5e:73:c4:8b:84:79:7f:2d:
6f:bb:ea:77:46:ad:f0:76:f8:df:77:e1:aa:f6:0d:8b:bf:80:
cc:e7:c1:14:7d:5d:bb:ad:29:03:5a:2c:de:b0:c9:d2:10:ae:
c8:71:e0:5d:55:a8:1e:b7:42:f0:c0:e7:7c:96:67:06:a3:10:
be:ad:14:af:8b:4f:f0:19:75:65:f3:31:33:2f:a3:05:fe:78:
0d:a0:8f:48:a1:7b:ba:a9:4a:9d:9c:f6:98:3f:05:e8:a0:11:
9b:46:94:7e:1c:6c:6f:ba:d8:e1:d6:1d:0e:49:fb:19:f4:a0:
5c:f7:e6:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXHkbXG8GeHSfm6JthOCMxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzVjYWM3MGExOThhODVmMzI0YmZlZGEwZjM1ZWQ3OTkx
YzJhZWIwHhcNMjUwMzI0MDk1MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZkMDk2ODZlNGE5YzlmYTZiM2YyYmFjOGI3ODdiOTY4MGUwZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3pF7m3Y3FuMnTVlEVDm9oA5f9jW
omQrSwL1EHTKT9xdR+8hs1gGVIs9AsG/HfX8/+kZw84ng8tSMKuSjcdKxbZTdOSO
QuGaPK693khnnUJvdozfOM1PYcYr9mfZSBHDXwQXLIPQt/EXsdlZCwwocrdFGzsw
nurL+LD6CPJ/xsV04PzMxNFbH2GVIx/KEy9dYpDk8GR440vpqqiJ3Uv4cW3RCjtk
fhefyScz8J/X1HSKOoyPyxtqZIXrO5+M+aRbr5GNMEOuWucl+ZxSWdPoKfaWyRDw
FyTAnUanYSCGL/8A/yMb5qfexuO0wmE8Maarm++llA66cwqZUAgr+bfKkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKVtCWhuSpyfprPyusi3h7loDg6GMB8GA1UdIwQY
MBaAFFM1yscKGYqF8yS/7aDzXteZHCrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpYS3h3b1ppb1h6SkxfdG9QTmUxNWtjS3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85MGNmM2UtZDQ2OC00NDNjLWFmYTQt
ZjM0YThmNzJlZWM0LzEvcFcwSmFHNUtuSi1tc19LNnlMZUh1V2dPRG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi85MGNmM2UtZDQ2OC00NDNjLWFmYTQtZjM0YThmNzJlZWM0
LzEvVXpYS3h3b1ppb1h6SkxfdG9QTmUxNWtjS3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXQcAwQB
wW1KMA0GCSqGSIb3DQEBCwUAA4IBAQAs3t+Foe/k73hAC7T7FWdbTcMROhbgsPQA
IOGa+QoBmB6J1N9nqpj/0AZ75miTZnV+H9XQjJLvPuTXiEOCupH8jFl3nKUuhigw
F3bOB2pNEukByZonlPstVjNftsyztWVZtlUwGtxQyMTWcodB9LHs1GVaWisyWXKk
qRHbOvMkjC9i+VLiW2mWXnPEi4R5fy1vu+p3Rq3wdvjfd+Gq9g2Lv4DM58EUfV27
rSkDWizesMnSEK7IceBdVaget0LwwOd8lmcGoxC+rRSvi0/wGXVl8zEzL6MF/ngN
oI9IoXu6qUqdnPaYPwXooBGbRpR+HGxvutjh1h0OSfsZ9KBc9+ZG
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:23:39 2025 by rpki-client