Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/Rc60vV-F1L-UqYzdKcZQOm60y-0.roa
File: Rc60vV-F1L-UqYzdKcZQOm60y-0.roa (raw, json)
Hash identifier: FQKstCOFxWP7ZQ28iVRSWHUy45Tut7m/+zZH8tzdTxg=
Subject key identifier: 45:CE:B4:BD:5F:85:D4:BF:94:A9:8C:DD:29:C6:50:3A:6E:B4:CB:ED
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 019427B675288A9A26201D4083244D5BCA81
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/Rc60vV-F1L-UqYzdKcZQOm60y-0.roa
Signing time: Thu 02 Jan 2025 15:50:56 +0000
ROA not before: Thu 02 Jan 2025 15:50:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12595
IP address blocks: 185.117.226.0/24 maxlen: 24
185.133.88.0/22 maxlen: 24
188.116.45.0/24 maxlen: 24
193.142.212.0/24 maxlen: 24
212.11.88.0/22 maxlen: 24
2a10:7180::/29 maxlen: 29
2a10:7180:101::/48 maxlen: 48
2a10:7180:102::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 10:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:75:28:8a:9a:26:20:1d:40:83:24:4d:5b:ca:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Jan 2 15:50:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45ceb4bd5f85d4bf94a98cdd29c6503a6eb4cbed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f1:31:41:9f:58:b1:bd:72:e7:b2:12:dc:9c:
10:c2:77:d7:3b:48:89:a2:57:60:20:d7:fc:42:39:
21:73:ac:89:2d:7e:62:ac:b8:83:f7:68:b4:b6:16:
59:40:79:94:86:d2:53:d0:77:69:c5:03:f7:59:6c:
09:47:1c:31:3b:d5:01:02:af:90:ce:7a:43:04:b9:
4d:12:fc:6a:30:ec:54:8b:9f:20:07:a1:ad:23:06:
3b:58:dc:21:51:9b:4a:25:a7:91:ea:0a:f4:34:25:
27:ee:17:31:4f:ce:cf:d3:a0:9a:e0:0c:42:31:60:
47:0d:f4:ea:9b:13:e3:47:dd:ae:61:52:80:b5:b1:
97:ca:60:f1:b4:23:87:97:e5:61:29:02:4a:7c:8c:
44:c8:c0:f9:54:47:92:f1:fe:d7:43:15:7f:b4:f8:
ca:57:dd:05:2b:9b:df:9e:eb:ce:8e:ec:3e:c3:01:
ef:6c:cd:07:c5:05:f4:97:4b:36:fa:86:a6:f4:53:
fb:45:e4:34:7e:8b:1b:e7:e5:94:b4:93:ef:67:58:
14:4a:10:b1:8c:25:f9:aa:93:6b:ec:10:cc:e5:da:
98:44:01:43:5b:42:b0:a4:ed:5c:f2:bb:d1:3c:fc:
6e:92:99:6a:96:b9:3f:49:63:fd:29:0e:ef:07:a2:
20:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CE:B4:BD:5F:85:D4:BF:94:A9:8C:DD:29:C6:50:3A:6E:B4:CB:ED
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/Rc60vV-F1L-UqYzdKcZQOm60y-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
193.142.212.0/24
212.11.88.0/22
IPv6:
2a10:7180::/29
Signature Algorithm: sha256WithRSAEncryption
75:7f:1a:c1:af:33:ec:0d:27:17:a6:29:e1:9d:81:85:02:34:
4d:3c:e0:53:d0:4f:af:46:ec:ed:b3:f7:5a:f9:c9:63:6e:30:
58:52:73:24:ae:d5:ae:44:14:aa:b1:d7:4d:7b:47:c7:7a:29:
23:89:cc:d1:3f:1a:d6:17:e7:7e:23:2a:7f:22:d6:82:1d:dd:
c1:2a:a1:c1:56:ac:01:01:b4:77:3a:a3:b7:4b:5a:1e:ce:e6:
43:29:94:d0:45:20:f2:bb:fe:20:09:71:51:4b:f7:7c:87:68:
41:6d:5b:ff:73:06:0f:f8:6b:49:96:30:9f:b7:01:67:67:89:
cd:fe:3e:de:da:fd:45:f4:bb:a7:d2:6a:b4:50:27:3f:2b:c0:
10:6a:ee:e8:c3:4a:fd:12:8d:e4:75:b0:f4:7a:b9:2d:12:34:
22:b1:ec:75:67:11:cd:0e:43:7b:b2:fb:81:b3:df:22:b3:0e:
55:c4:7b:2a:30:4d:c0:90:21:90:9a:22:ea:95:5b:47:51:c7:
94:80:92:71:a5:d3:eb:28:dd:2f:35:7d:46:9f:42:10:fd:a5:
95:06:94:c6:2f:6f:33:b7:53:85:98:00:d0:59:47:ff:20:7a:
ae:71:c6:fe:be:58:b7:ed:80:b2:26:7c:61:ae:70:57:4e:15:
ae:9f:9d:36
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQntnUoipomIB1AgyRNW8qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjUwMTAyMTU1MDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNlYjRiZDVmODVkNGJmOTRhOThjZGQyOWM2NTAzYTZlYjRjYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvExQZ9Ysb1y57IS3JwQwnfXO0iJ
oldgINf8Qjkhc6yJLX5irLiD92i0thZZQHmUhtJT0HdpxQP3WWwJRxwxO9UBAq+Q
znpDBLlNEvxqMOxUi58gB6GtIwY7WNwhUZtKJaeR6gr0NCUn7hcxT87P06Ca4AxC
MWBHDfTqmxPjR92uYVKAtbGXymDxtCOHl+VhKQJKfIxEyMD5VEeS8f7XQxV/tPjK
V90FK5vfnuvOjuw+wwHvbM0HxQX0l0s2+oam9FP7ReQ0fosb5+WUtJPvZ1gUShCx
jCX5qpNr7BDM5dqYRAFDW0KwpO1c8rvRPPxukplqlrk/SWP9KQ7vB6IgXQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEXOtL1fhdS/lKmM3SnGUDputMvtMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvUmM2MHZWLUYxTC1VcVl6ZEtjWlFPbTYweS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAuXXiAwQC
uYVYAwQAvHQtAwQAwY7UAwQC1AtYMA0EAgACMAcDBQMqEHGAMA0GCSqGSIb3DQEB
CwUAA4IBAQB1fxrBrzPsDScXpinhnYGFAjRNPOBT0E+vRuzts/da+cljbjBYUnMk
rtWuRBSqsddNe0fHeikjiczRPxrWF+d+Iyp/ItaCHd3BKqHBVqwBAbR3OqO3S1oe
zuZDKZTQRSDyu/4gCXFRS/d8h2hBbVv/cwYP+GtJljCftwFnZ4nN/j7e2v1F9Lun
0mq0UCc/K8AQau7ow0r9Eo3kdbD0erktEjQisex1ZxHNDkN7svuBs98isw5VxHsq
ME3AkCGQmiLqlVtHUceUgJJxpdPrKN0vNX1Gn0IQ/aWVBpTGL28zt1OFmADQWUf/
IHquccb+vli37YCyJnxhrnBXThWun502
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:48:41 2025 by rpki-client