Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/C4Xsb9lAoJY6rmYd2Xjse0wGCHU.roa
File: C4Xsb9lAoJY6rmYd2Xjse0wGCHU.roa (raw, json)
Hash identifier: zKZ00L1a5+Q7RowIWYrmwN6AohbhglCQQXEYhfQsr5I=
Subject key identifier: 0B:85:EC:6F:D9:40:A0:96:3A:AE:66:1D:D9:78:EC:7B:4C:06:08:75
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 0193F7A80A435D5FE49725E63415F8A2D1AF
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/C4Xsb9lAoJY6rmYd2Xjse0wGCHU.roa
Signing time: Tue 24 Dec 2024 07:53:25 +0000
ROA not before: Tue 24 Dec 2024 07:53:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 2.56.226.0/23 maxlen: 23
46.182.180.0/23 maxlen: 23
46.182.182.0/23 maxlen: 23
185.214.148.0/22 maxlen: 22
2a04:e1c0:1::/48 maxlen: 48
2a09:d240:1::/48 maxlen: 48
2a0b:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Dec 2024 10:18:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:a8:0a:43:5d:5f:e4:97:25:e6:34:15:f8:a2:d1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Dec 24 07:53:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b85ec6fd940a0963aae661dd978ec7b4c060875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a0:f6:b9:7c:97:d6:d3:8f:c8:79:ea:2b:e2:
f0:d9:6b:a7:ac:53:e6:12:91:3b:0a:92:cf:94:3e:
76:31:03:6b:88:43:63:11:7b:e9:19:e9:ee:4c:9f:
83:52:9b:af:2e:98:0f:fa:9d:09:f2:b9:3d:1b:c8:
59:ab:66:d7:ca:ed:26:cb:4c:42:ef:f9:a9:7d:85:
2b:d3:d3:4e:35:03:e0:34:63:48:dc:e3:19:45:2d:
2a:cd:e5:75:d4:05:5f:8a:78:7a:af:48:05:63:f5:
48:59:bb:3b:c5:75:55:17:19:2a:3a:5b:1f:1c:a7:
80:9e:a7:9e:fa:6f:54:31:f6:c3:a1:85:12:7b:9f:
28:45:d5:2e:57:ff:7a:db:ad:62:ba:20:a6:49:cf:
0f:4e:23:ad:f7:9f:26:84:1c:c7:34:81:03:b4:fe:
3d:fb:af:c5:0d:32:2d:31:ec:f6:11:1e:84:54:c2:
9a:da:f6:90:94:a1:2c:29:42:91:94:19:7c:b2:a5:
39:f5:71:b1:57:67:39:fc:ec:48:2d:33:b9:1b:74:
5b:01:a8:a9:d9:cc:b5:bd:9f:42:e9:9e:a4:f8:fe:
e3:ca:2a:6b:a2:b5:fd:e9:1b:3e:70:c3:60:55:c3:
cf:8e:e4:da:6c:8e:48:24:ca:d0:cf:3a:2c:3f:cb:
14:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:85:EC:6F:D9:40:A0:96:3A:AE:66:1D:D9:78:EC:7B:4C:06:08:75
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/C4Xsb9lAoJY6rmYd2Xjse0wGCHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.226.0/23
46.182.180.0/22
185.214.148.0/22
IPv6:
2a04:e1c0:1::/48
2a09:d240:1::/48
2a0b:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
65:ec:fb:1f:8c:b7:b0:f5:dc:49:01:e7:40:5d:09:6c:6c:53:
65:1d:c3:52:9b:ad:de:73:95:8b:19:1c:6c:61:85:e5:c5:d4:
72:0a:5e:ba:83:f8:4b:9f:07:1c:5e:2b:d9:5c:94:3c:c7:07:
c8:79:3a:ec:ce:af:04:af:a0:fb:96:a4:e9:1e:b4:47:f9:e1:
bb:25:9d:27:46:df:f4:f5:ff:da:c4:a5:86:3c:aa:ff:fc:39:
d4:2a:18:44:db:dc:7b:7f:11:e4:b3:17:85:a6:11:4d:6c:b1:
49:e5:58:cf:8b:d4:ee:7e:ae:86:c9:57:fd:96:94:88:7f:c1:
57:ca:ad:dd:63:70:99:21:23:a1:d5:4c:46:fb:37:b8:e1:a0:
19:55:0f:b2:4d:e8:ee:80:f7:c0:9f:fc:75:b4:ac:70:ea:f7:
e4:81:c9:12:df:e8:61:b6:c5:e6:7e:2a:5d:ed:ea:4a:37:4e:
db:d1:f2:15:f8:61:77:e8:fe:3c:97:ec:c1:b0:0d:65:98:a9:
64:8c:3f:fa:f3:9a:a9:f0:21:0c:a3:f8:1a:91:43:61:1c:f9:
d9:66:1f:36:08:5e:72:ac:a9:27:8a:55:53:61:f9:51:61:52:
a9:b7:fd:a6:c3:70:4a:71:33:aa:f1:4b:cc:e0:7c:3d:7e:49:
89:52:4e:08
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZP3qApDXV/klyXmNBX4otGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjQxMjI0MDc1MzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjg1ZWM2ZmQ5NDBhMDk2M2FhZTY2MWRkOTc4ZWM3YjRjMDYwODc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaD2uXyX1tOPyHnqK+Lw2WunrFPm
EpE7CpLPlD52MQNriENjEXvpGenuTJ+DUpuvLpgP+p0J8rk9G8hZq2bXyu0my0xC
7/mpfYUr09NONQPgNGNI3OMZRS0qzeV11AVfinh6r0gFY/VIWbs7xXVVFxkqOlsf
HKeAnqee+m9UMfbDoYUSe58oRdUuV/96261iuiCmSc8PTiOt958mhBzHNIEDtP49
+6/FDTItMez2ER6EVMKa2vaQlKEsKUKRlBl8sqU59XGxV2c5/OxILTO5G3RbAaip
2cy1vZ9C6Z6k+P7jyiprorX96Rs+cMNgVcPPjuTabI5IJMrQzzosP8sUMQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAuF7G/ZQKCWOq5mHdl47HtMBgh1MB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvQzRYc2I5bEFvSlk2cm1ZZDJYanNlMHdHQ0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQBAjjiAwQC
Lra0AwQCudaUMB8EAgACMBkDBwAqBOHAAAEDBwAqCdJAAAEDBQMqC5zAMA0GCSqG
SIb3DQEBCwUAA4IBAQBl7PsfjLew9dxJAedAXQlsbFNlHcNSm63ec5WLGRxsYYXl
xdRyCl66g/hLnwccXivZXJQ8xwfIeTrszq8Er6D7lqTpHrRH+eG7JZ0nRt/09f/a
xKWGPKr//DnUKhhE29x7fxHksxeFphFNbLFJ5VjPi9Tufq6GyVf9lpSIf8FXyq3d
Y3CZISOh1UxG+ze44aAZVQ+yTejugPfAn/x1tKxw6vfkgckS3+hhtsXmfipd7epK
N07b0fIV+GF36P48l+zBsA1lmKlkjD/685qp8CEMo/gakUNhHPnZZh82CF5yrKkn
ilVTYflRYVKpt/2mw3BKcTOq8UvM4Hw9fkmJUk4I
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:09:32 2025 by rpki-client