Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/ApZnRBQM2IQqfY6kW0Cwg21m7Tg.roa
File: ApZnRBQM2IQqfY6kW0Cwg21m7Tg.roa (raw, json)
Hash identifier: c4x8u5TChG5Bf9f3ps6XB0rWmyoyF2PlvR3trST3e2U=
Subject key identifier: 02:96:67:44:14:0C:D8:84:2A:7D:8E:A4:5B:40:B0:83:6D:66:ED:38
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0192C3567947BE47A88D0F9714856BC206EA
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/ApZnRBQM2IQqfY6kW0Cwg21m7Tg.roa
Signing time: Fri 25 Oct 2024 11:01:17 +0000
ROA not before: Fri 25 Oct 2024 11:01:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196755
IP address blocks: 80.251.108.0/22 maxlen: 22
80.251.108.0/23 maxlen: 23
80.251.110.0/23 maxlen: 23
157.143.248.0/21 maxlen: 21
178.157.18.0/23 maxlen: 23
178.157.20.0/22 maxlen: 22
178.157.24.0/23 maxlen: 23
178.157.26.0/23 maxlen: 23
178.157.28.0/22 maxlen: 22
178.157.40.0/22 maxlen: 22
178.157.44.0/22 maxlen: 22
178.174.106.0/23 maxlen: 23
178.174.108.0/23 maxlen: 24
217.181.252.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:56:79:47:be:47:a8:8d:0f:97:14:85:6b:c2:06:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Oct 25 11:01:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02966744140cd8842a7d8ea45b40b0836d66ed38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:1e:c7:be:91:0b:a7:12:df:ff:db:9a:e2:
84:41:6c:74:11:17:05:0d:49:fc:ff:e6:16:7e:b4:
e0:df:06:84:71:79:70:22:7f:39:44:41:36:3b:ae:
ba:7e:a5:75:4d:49:ca:eb:bd:04:04:f7:95:0a:4a:
ca:61:43:94:a2:63:1d:4a:ed:ae:4c:27:32:51:d7:
cd:7e:65:1a:65:48:c7:a4:08:ca:e5:88:46:fa:69:
b3:d3:1d:c9:25:35:dd:3f:96:89:e4:5c:70:35:e9:
4e:ed:94:96:37:1b:b6:1c:0e:04:f5:8a:fd:f4:2b:
48:84:73:31:e0:30:db:4e:6b:b5:ab:b9:24:8d:07:
a6:bf:e9:38:d8:88:10:f9:4d:d0:e9:1f:37:1b:d8:
aa:24:43:51:2d:96:c9:97:bb:48:44:67:d9:ca:f8:
85:45:80:f7:90:b3:40:da:3e:d3:0d:3c:ba:94:5b:
f8:0e:a5:52:46:d2:8e:59:4a:23:33:29:cb:d1:35:
61:a7:db:53:28:10:08:1d:85:4f:fe:2f:73:88:09:
fc:29:59:af:c4:ea:a0:23:ec:f8:f5:af:05:3a:1d:
ec:f5:5a:5b:fb:62:ab:05:54:15:4d:10:69:a9:70:
0b:e1:23:1b:a5:5b:b9:6b:c3:80:6f:ad:77:ce:37:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:96:67:44:14:0C:D8:84:2A:7D:8E:A4:5B:40:B0:83:6D:66:ED:38
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/ApZnRBQM2IQqfY6kW0Cwg21m7Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/22
157.143.248.0/21
178.157.18.0-178.157.31.255
178.157.40.0/21
178.174.106.0-178.174.109.255
217.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
15:59:b2:28:b6:6e:f7:5d:c4:12:40:20:e4:7c:7e:42:16:71:
a3:e6:29:eb:f6:33:ca:4a:5e:6f:ef:7a:f3:6d:f8:1f:08:6a:
8b:8f:d5:e1:56:37:1d:cc:2f:d1:86:1d:2b:0d:85:b2:03:6f:
0d:e1:2e:c4:39:36:8d:6b:0a:b2:1f:a3:e5:ac:0d:97:ee:fb:
ed:35:3c:3d:9f:97:f9:52:2e:3a:98:cd:95:a1:b0:bf:fd:0f:
15:73:09:d2:6f:eb:0c:6f:c6:3e:99:93:7a:91:2c:57:16:d0:
98:0d:20:ad:df:be:19:c9:93:8a:21:07:5b:7f:3a:2c:ed:0d:
11:08:65:24:58:04:7d:d0:f3:4b:23:f3:7f:6d:47:54:f8:3b:
de:02:ca:32:bd:9b:01:5a:16:b2:ee:fe:8f:2f:2c:99:3b:ed:
8f:1d:36:92:b7:4d:0f:27:f3:cc:2e:01:9f:ff:05:29:c5:af:
47:4c:67:2e:10:a7:a6:ad:66:cd:b8:f1:fa:5e:8f:31:c5:21:
0a:e4:ac:7d:ea:c9:ed:6b:d0:89:e1:29:fe:a9:ec:2b:55:18:
fb:55:7e:53:8b:81:a9:ed:4c:25:d2:d8:f0:74:e2:76:b4:58:
83:97:30:e6:33:0d:e9:e2:85:c4:d0:4e:58:21:d4:e6:63:b6:
aa:46:14:86
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZLDVnlHvkeojQ+XFIVrwgbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQxMDI1MTEwMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk2Njc0NDE0MGNkODg0MmE3ZDhlYTQ1YjQwYjA4MzZkNjZlZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb0ex76RC6cS3//bmuKEQWx0ERcF
DUn8/+YWfrTg3waEcXlwIn85REE2O666fqV1TUnK670EBPeVCkrKYUOUomMdSu2u
TCcyUdfNfmUaZUjHpAjK5YhG+mmz0x3JJTXdP5aJ5FxwNelO7ZSWNxu2HA4E9Yr9
9CtIhHMx4DDbTmu1q7kkjQemv+k42IgQ+U3Q6R83G9iqJENRLZbJl7tIRGfZyviF
RYD3kLNA2j7TDTy6lFv4DqVSRtKOWUojMynL0TVhp9tTKBAIHYVP/i9ziAn8KVmv
xOqgI+z49a8FOh3s9Vpb+2KrBVQVTRBpqXAL4SMbpVu5a8OAb613zjdPJQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAKWZ0QUDNiEKn2OpFtAsINtZu04MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvQXBablJCUU0ySVFxZlk2a1cwQ3dnMjFtN1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCUPtsAwQD
nY/4MAwDBAGynRIDBAWynQADBAOynSgwDAMEAbKuagMEAbKubAMEAdm1/DANBgkq
hkiG9w0BAQsFAAOCAQEAFVmyKLZu913EEkAg5Hx+QhZxo+Yp6/Yzykpeb+968234
Hwhqi4/V4VY3Hcwv0YYdKw2FsgNvDeEuxDk2jWsKsh+j5awNl+777TU8PZ+X+VIu
OpjNlaGwv/0PFXMJ0m/rDG/GPpmTepEsVxbQmA0grd++GcmTiiEHW386LO0NEQhl
JFgEfdDzSyPzf21HVPg73gLKMr2bAVoWsu7+jy8smTvtjx02krdNDyfzzC4Bn/8F
KcWvR0xnLhCnpq1mzbjx+l6PMcUhCuSsferJ7WvQieEp/qnsK1UY+1V+U4uBqe1M
JdLY8HTidrRYg5cw5jMN6eKFxNBOWCHU5mO2qkYUhg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:58:37 2025 by rpki-client