Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/97lSmcBENQyyVSCHQrm6UAj1xOw.roa
File: 97lSmcBENQyyVSCHQrm6UAj1xOw.roa (raw, json)
Hash identifier: Ne0JIHFCtYHcV4/57pMWTFnOl0zgrgFP4hNUi+BK8Jk=
Subject key identifier: F7:B9:52:99:C0:44:35:0C:B2:55:20:87:42:B9:BA:50:08:F5:C4:EC
Certificate issuer: /CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2
Certificate serial: 018CC56E07B6D8DB2C4D749C32F632F298C1
Authority key identifier: AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/97lSmcBENQyyVSCHQrm6UAj1xOw.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39614
IP address blocks: 185.228.176.0/22 maxlen: 24
213.139.240.0/22 maxlen: 24
2a09:7180::/29 maxlen: 48
2a0c:1d00::/30 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:07:b6:d8:db:2c:4d:74:9c:32:f6:32:f2:98:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7b95299c044350cb255208742b9ba5008f5c4ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:56:27:05:b6:1f:e0:b4:99:c8:83:27:0a:3a:
b1:f9:72:f0:53:6e:67:09:f7:08:a3:62:23:38:93:
57:48:bc:6d:2a:82:c8:69:00:ca:c1:3f:ad:a4:70:
26:99:76:ed:07:af:b6:21:0d:b7:4d:c2:b2:86:8e:
4a:f2:7c:ab:dc:a1:aa:f9:dc:b0:2c:f8:5d:94:da:
c0:78:7d:ee:fa:e9:de:62:a2:cc:f8:9e:8b:08:9f:
71:d0:44:09:25:21:73:80:58:1a:ca:6b:fb:52:71:
c1:86:a5:1b:12:6c:1c:51:0b:28:fc:b6:43:63:5c:
59:87:c4:7f:50:e2:2c:e4:5a:d4:e5:ed:99:0b:6b:
78:52:b7:9f:be:f2:f7:a1:9c:dc:20:2d:26:eb:7a:
08:f5:71:5b:db:3f:a7:56:2a:59:79:07:78:2d:18:
47:40:11:60:e7:e2:8a:78:68:92:5f:c1:0c:a3:33:
2e:7c:84:9c:7d:ab:74:00:39:be:be:76:1e:d2:84:
b3:2a:7b:07:f0:ac:01:d9:01:43:c6:fd:f4:96:38:
bd:95:1f:65:8c:c9:02:2f:29:01:76:4b:17:b9:95:
d0:b5:c8:cc:ad:28:01:f3:d9:38:36:84:05:63:5a:
81:4c:14:1a:95:4a:b7:a1:a5:cc:ec:76:30:0c:5a:
92:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B9:52:99:C0:44:35:0C:B2:55:20:87:42:B9:BA:50:08:F5:C4:EC
X509v3 Authority Key Identifier:
keyid:AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/97lSmcBENQyyVSCHQrm6UAj1xOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/qvpFpixehQq5yHJqWam_qZLTcbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.176.0/22
213.139.240.0/22
IPv6:
2a09:7180::/29
2a0c:1d00::/30
Signature Algorithm: sha256WithRSAEncryption
5c:e5:15:92:8a:74:dd:08:1d:4a:b6:1f:97:02:b6:8c:b6:9c:
b2:48:e3:ac:83:72:b9:6e:45:cf:bb:71:c9:d3:ea:57:bb:71:
64:70:85:c0:39:23:fc:97:26:ae:63:70:ac:99:f6:6e:35:4c:
ef:63:c3:05:6d:4e:96:7e:65:88:db:4f:e8:8f:ed:c2:3f:6b:
83:a2:35:d1:d1:f0:cc:06:d4:a1:c5:f4:9a:fa:17:48:fe:eb:
72:cd:ed:8e:d3:96:dc:bf:f2:b5:9a:51:c0:bd:0e:52:93:7c:
53:34:ca:51:e0:bf:49:94:7b:21:35:c1:31:ac:f0:e1:6f:87:
d5:db:86:78:fa:42:f1:d7:f0:0f:2e:2a:f9:6a:4d:3d:c2:af:
f2:b8:e1:eb:f5:2d:28:e5:ab:37:e5:1a:33:94:0e:20:f0:a2:
1f:0f:9e:17:3c:10:c6:84:83:1e:82:f8:63:87:ed:53:5b:0c:
4c:cd:47:8b:25:b7:b7:a8:5d:b8:dc:d6:a0:d0:d3:88:4a:98:
d3:45:6b:e7:d5:d6:f1:5f:0b:d9:71:ab:fe:8c:14:7d:41:a2:
c8:51:20:91:c0:20:48:d0:55:0a:ef:ea:4b:2d:17:bf:84:6d:
41:fb:ad:6a:73:e1:c3:81:03:3b:ae:85:cf:bc:f5:8a:f7:69:
80:8e:ce:b1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbge22NssTXScMvYy8pjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZmE0NWE2MmM1ZTg1MGFiOWM4NzI2YTU5YTliZmE5OTJk
MzcxYjIwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I5NTI5OWMwNDQzNTBjYjI1NTIwODc0MmI5YmE1MDA4ZjVjNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lYnBbYf4LSZyIMnCjqx+XLwU25n
CfcIo2IjOJNXSLxtKoLIaQDKwT+tpHAmmXbtB6+2IQ23TcKyho5K8nyr3KGq+dyw
LPhdlNrAeH3u+uneYqLM+J6LCJ9x0EQJJSFzgFgaymv7UnHBhqUbEmwcUQso/LZD
Y1xZh8R/UOIs5FrU5e2ZC2t4UrefvvL3oZzcIC0m63oI9XFb2z+nVipZeQd4LRhH
QBFg5+KKeGiSX8EMozMufIScfat0ADm+vnYe0oSzKnsH8KwB2QFDxv30lji9lR9l
jMkCLykBdksXuZXQtcjMrSgB89k4NoQFY1qBTBQalUq3oaXM7HYwDFqSEwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPe5UpnARDUMslUgh0K5ulAI9cTsMB8GA1UdIwQY
MBaAFKr6RaYsXoUKuchyalmpv6mS03GyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEt
MmIzZGRiY2I3MjM4LzEvOTdsU21jQkVOUXl5VlNDSFFybTZVQWoxeE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEtMmIzZGRiY2I3MjM4
LzEvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCueSwAwQC
1YvwMBQEAgACMA4DBQMqCXGAAwUCKgwdADANBgkqhkiG9w0BAQsFAAOCAQEAXOUV
kop03QgdSrYflwK2jLacskjjrINyuW5Fz7txydPqV7txZHCFwDkj/JcmrmNwrJn2
bjVM72PDBW1Oln5liNtP6I/twj9rg6I10dHwzAbUocX0mvoXSP7rcs3tjtOW3L/y
tZpRwL0OUpN8UzTKUeC/SZR7ITXBMazw4W+H1duGePpC8dfwDy4q+WpNPcKv8rjh
6/UtKOWrN+UaM5QOIPCiHw+eFzwQxoSDHoL4Y4ftU1sMTM1HiyW3t6hduNzWoNDT
iEqY00Vr59XW8V8L2XGr/owUfUGiyFEgkcAgSNBVCu/qSy0Xv4RtQfutanPhw4ED
O66Fz7z1ivdpgI7OsQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:57 2025 by rpki-client