Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/9cjLWcXlWt0bZ9fY9Y3YOLl4hEg.roa
File: 9cjLWcXlWt0bZ9fY9Y3YOLl4hEg.roa (raw, json)
Hash identifier: INOcqhYZhDXAbfG8SxlHkwcxMZ9Eu0+HCH/U+rBDJQI=
Subject key identifier: F5:C8:CB:59:C5:E5:5A:DD:1B:67:D7:D8:F5:8D:D8:38:B9:78:84:48
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0194266BF6156BE636E1880EBDBBBDCF9567
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/9cjLWcXlWt0bZ9fY9Y3YOLl4hEg.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200712
IP address blocks: 80.254.231.0/24 maxlen: 24
185.92.168.0/24 maxlen: 24
185.92.169.0/24 maxlen: 24
185.92.170.0/24 maxlen: 24
2a13:5240::/32 maxlen: 32
2a13:5243::/32 maxlen: 48
2a13:5245::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Feb 2025 08:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f6:15:6b:e6:36:e1:88:0e:bd:bb:bd:cf:95:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5c8cb59c5e55add1b67d7d8f58dd838b9788448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:95:39:2e:48:51:5e:57:7c:51:eb:25:3c:6d:
87:93:53:28:f3:53:66:47:2e:f0:03:cc:30:15:8c:
aa:2c:56:5f:7b:47:45:22:94:1f:dc:bd:15:66:73:
da:31:e7:4f:1f:9a:67:56:b7:9d:02:f3:86:12:17:
af:21:9c:93:2e:90:39:58:6e:25:72:e1:39:1b:18:
0c:2e:e9:81:10:b8:ad:4f:1a:d2:70:a8:0c:6c:f0:
31:28:f7:29:bb:b9:9b:bf:38:3a:ca:e8:24:fc:c2:
53:b7:95:a3:b4:1f:1b:de:6d:f3:73:61:9c:f0:eb:
6b:16:15:a3:36:c9:f5:3b:61:d1:9b:2c:a2:5c:4d:
f5:a3:4a:c3:43:0a:d4:07:04:24:59:d0:70:c7:9e:
dc:df:82:54:8e:16:4c:4e:86:56:e2:bf:93:02:71:
ff:b3:3a:3c:91:93:68:50:be:50:19:71:24:29:a1:
35:2f:96:0b:a6:d7:e4:eb:0a:90:6b:c3:27:71:b0:
59:60:cf:10:98:ee:35:d6:05:2d:5a:0b:a2:d1:72:
8f:8c:5b:24:a0:a8:52:40:63:d7:86:ed:59:f3:e4:
0d:e9:b3:55:d1:f8:c7:cd:df:34:86:8d:0f:54:52:
c7:a9:85:1f:ba:ec:e6:1d:58:38:1a:7c:72:55:fe:
23:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C8:CB:59:C5:E5:5A:DD:1B:67:D7:D8:F5:8D:D8:38:B9:78:84:48
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/9cjLWcXlWt0bZ9fY9Y3YOLl4hEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
185.92.168.0-185.92.170.255
IPv6:
2a13:5240::/32
2a13:5243::/32
2a13:5245::/32
Signature Algorithm: sha256WithRSAEncryption
6f:01:dc:da:07:45:96:93:e2:52:c5:7e:fd:20:b3:3f:4b:39:
07:52:1c:d1:76:26:74:2b:d3:d5:c3:11:d6:53:d5:1a:68:e8:
53:f5:89:d8:85:1b:28:d7:a1:46:84:cf:15:78:ac:19:e9:d9:
e0:36:13:79:d3:6d:42:98:04:f3:27:80:51:cf:18:97:88:6c:
6b:e1:c6:8a:97:19:1c:a5:be:d8:7d:a1:93:74:cc:65:ab:eb:
d1:ee:11:08:4b:8f:ba:fe:9d:1c:e1:d0:9c:32:56:7f:a1:7d:
18:86:14:1f:aa:06:41:56:b7:1e:67:c3:5f:fb:7d:eb:1c:d1:
be:40:4c:af:5d:e4:51:c2:60:e5:c4:76:e2:b8:0b:d1:7d:df:
08:06:05:16:2b:d6:97:c8:ab:5c:e4:9d:0d:88:23:66:a9:1a:
eb:86:c2:9a:5a:d5:d7:ef:d0:3d:3f:86:e7:76:d3:17:90:43:
a2:d2:28:84:7a:d4:86:0d:50:29:9b:df:99:63:a7:de:5f:06:
42:80:e2:8d:c3:90:79:4f:4e:60:f5:1e:2c:e1:91:98:4c:4d:
45:51:8c:cd:59:67:aa:5b:8c:a0:8b:f6:b9:f4:99:64:cc:bd:
a8:66:8e:93:59:7e:a5:dc:e8:84:da:e7:36:2e:db:d6:74:57:
f8:60:f9:41
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQma/YVa+Y24YgOvbu9z5VnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWM4Y2I1OWM1ZTU1YWRkMWI2N2Q3ZDhmNThkZDgzOGI5Nzg4NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZU5LkhRXld8UeslPG2Hk1Mo81Nm
Ry7wA8wwFYyqLFZfe0dFIpQf3L0VZnPaMedPH5pnVredAvOGEhevIZyTLpA5WG4l
cuE5GxgMLumBELitTxrScKgMbPAxKPcpu7mbvzg6yugk/MJTt5WjtB8b3m3zc2Gc
8OtrFhWjNsn1O2HRmyyiXE31o0rDQwrUBwQkWdBwx57c34JUjhZMToZW4r+TAnH/
szo8kZNoUL5QGXEkKaE1L5YLptfk6wqQa8MncbBZYM8QmO411gUtWgui0XKPjFsk
oKhSQGPXhu1Z8+QN6bNV0fjHzd80ho0PVFLHqYUfuuzmHVg4GnxyVf4jNQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPXIy1nF5VrdG2fX2PWN2Di5eIRIMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvOWNqTFdjWGxXdDBiWjlmWTlZM1lPTGw0aEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAaBAIAATAUAwQAUP7nMAwD
BAO5XKgDBAC5XKowGwQCAAIwFQMFACoTUkADBQAqE1JDAwUAKhNSRTANBgkqhkiG
9w0BAQsFAAOCAQEAbwHc2gdFlpPiUsV+/SCzP0s5B1Ic0XYmdCvT1cMR1lPVGmjo
U/WJ2IUbKNehRoTPFXisGenZ4DYTedNtQpgE8yeAUc8Yl4hsa+HGipcZHKW+2H2h
k3TMZavr0e4RCEuPuv6dHOHQnDJWf6F9GIYUH6oGQVa3HmfDX/t96xzRvkBMr13k
UcJg5cR24rgL0X3fCAYFFivWl8irXOSdDYgjZqka64bCmlrV1+/QPT+G53bTF5BD
otIohHrUhg1QKZvfmWOn3l8GQoDijcOQeU9OYPUeLOGRmExNRVGMzVlnqluMoIv2
ufSZZMy9qGaOk1l+pdzohNrnNi7b1nRX+GD5QQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:39:42 2025 by rpki-client