Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/tVwkJ9QySiHcIKbQHMF9UlfEaYc.roa
File: tVwkJ9QySiHcIKbQHMF9UlfEaYc.roa (raw, json)
Hash identifier: lbjxzyw4rt4eoZdzzxcx8UoKdGLWNrQ928PupoB3Ams=
Subject key identifier: B5:5C:24:27:D4:32:4A:21:DC:20:A6:D0:1C:C1:7D:52:57:C4:69:87
Certificate issuer: /CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Certificate serial: 018CC94D5A6EA912D868C3C6702B573EC551
Authority key identifier: 97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/tVwkJ9QySiHcIKbQHMF9UlfEaYc.roa
Signing time: Tue 02 Jan 2024 08:32:18 +0000
ROA not before: Tue 02 Jan 2024 08:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50964
IP address blocks: 194.59.39.0/24 maxlen: 24
194.76.38.0/24 maxlen: 24
194.0.93.0/24 maxlen: 24
194.76.39.0/24 maxlen: 24
194.0.94.0/24 maxlen: 24
194.0.95.0/24 maxlen: 24
194.0.92.0/24 maxlen: 24
194.0.92.0/22 maxlen: 22
194.76.38.0/23 maxlen: 23
194.59.38.0/24 maxlen: 24
194.59.36.0/24 maxlen: 24
194.59.36.0/22 maxlen: 22
194.59.37.0/24 maxlen: 24
91.205.76.0/22 maxlen: 22
195.189.92.0/22 maxlen: 22
195.189.92.0/24 maxlen: 24
195.189.93.0/24 maxlen: 24
195.189.94.0/24 maxlen: 24
195.189.95.0/24 maxlen: 24
194.127.180.0/24 maxlen: 24
2001:67c:2dac::/48 maxlen: 48
2001:67c:2da8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:5a:6e:a9:12:d8:68:c3:c6:70:2b:57:3e:c5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9770bf2375d59ba81a9955c07a2f0a23264b61a8
Validity
Not Before: Jan 2 08:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b55c2427d4324a21dc20a6d01cc17d5257c46987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:cb:b5:16:51:a0:2b:68:91:2b:fd:60:dc:
72:e3:f6:b9:68:6d:ce:01:8e:e5:3e:d2:3a:27:c0:
a2:66:cb:bd:e8:6c:c8:bb:2f:d2:d8:05:ae:db:71:
db:fb:1d:a5:89:ba:7d:48:f6:4c:06:a3:a1:07:36:
a4:c9:a8:f9:66:a6:bd:40:ff:26:1c:bc:c7:6a:c0:
60:85:68:54:90:b9:12:2b:f0:e5:ec:d5:48:f4:35:
4c:4b:a3:74:0a:c3:af:de:0a:ee:df:15:42:4f:09:
9c:05:07:7b:35:8a:5d:fa:82:a8:d7:60:44:e8:ec:
21:78:0a:fd:f8:e3:ff:ad:69:a7:ff:f2:16:00:29:
c3:83:d3:0b:82:6c:ce:66:78:64:d2:4c:f5:03:80:
e8:cc:f8:31:45:00:32:73:99:c8:b3:5f:1f:35:b2:
6f:73:84:02:9b:b8:7c:1d:38:cf:35:9b:8f:6d:04:
4b:18:4d:b4:28:aa:83:54:9a:26:65:05:7c:71:79:
58:ab:97:c5:55:29:c2:3d:c9:c2:f5:4b:37:36:6f:
45:f0:18:4e:64:0f:4b:cc:10:bb:a2:c7:c6:85:94:
50:36:52:10:3a:2b:59:21:ba:92:05:35:ff:58:2d:
b9:44:c2:b1:97:f5:3a:a8:a8:b1:88:60:b1:59:89:
80:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5C:24:27:D4:32:4A:21:DC:20:A6:D0:1C:C1:7D:52:57:C4:69:87
X509v3 Authority Key Identifier:
keyid:97:70:BF:23:75:D5:9B:A8:1A:99:55:C0:7A:2F:0A:23:26:4B:61:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3C_I3XVm6gamVXAei8KIyZLYag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/tVwkJ9QySiHcIKbQHMF9UlfEaYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/beef2f-ec5a-49ff-975b-8d34f557822a/1/l3C_I3XVm6gamVXAei8KIyZLYag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.76.0/22
194.0.92.0/22
194.59.36.0/22
194.76.38.0/23
194.127.180.0/24
195.189.92.0/22
IPv6:
2001:67c:2da8::/48
2001:67c:2dac::/48
Signature Algorithm: sha256WithRSAEncryption
7e:b7:2f:ce:43:1f:78:c7:68:c4:be:88:31:a3:4e:a9:0b:f2:
83:a2:ba:48:bf:63:3a:79:2f:be:11:47:94:11:ab:c5:a4:eb:
5d:3b:a2:71:47:85:49:84:6c:d4:d5:a2:67:59:49:04:6d:60:
22:1f:25:bd:17:4c:9e:2e:84:dc:22:a7:9e:a8:3d:7d:c1:05:
97:93:8d:81:b4:03:00:eb:17:63:c9:63:65:9e:ba:6a:07:87:
70:dd:34:4e:72:f3:b5:57:76:b8:30:9b:b7:c1:15:ec:f1:7c:
07:6b:46:f2:b5:10:77:bd:ab:ff:01:49:6b:03:86:8e:72:5c:
66:f7:16:59:e1:8c:17:0d:d2:96:a5:a4:6a:5b:8c:d1:18:68:
b3:66:5d:70:6c:ac:9d:bc:62:b5:24:f9:aa:17:e4:f0:77:43:
b4:02:f4:e3:4d:b1:c2:df:42:c3:30:91:42:92:a4:40:a9:65:
bf:65:1c:88:08:c0:d0:89:17:c1:dd:3a:02:f5:19:6c:fd:2c:
3f:e3:aa:30:19:8e:94:3e:1a:0d:fa:5b:b5:cc:7d:2d:6d:bf:
a7:92:b8:93:7f:cf:77:6d:c4:ea:dc:0d:21:31:68:27:67:ab:
41:45:75:4d:59:f9:59:ea:20:4c:1d:40:d1:7d:ed:0a:0d:2a:
67:6d:d5:79
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzJTVpuqRLYaMPGcCtXPsVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NzBiZjIzNzVkNTliYTgxYTk5NTVjMDdhMmYwYTIzMjY0
YjYxYTgwHhcNMjQwMTAyMDgzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTVjMjQyN2Q0MzI0YTIxZGMyMGE2ZDAxY2MxN2Q1MjU3YzQ2OTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+/LtRZRoCtokSv9YNxy4/a5aG3O
AY7lPtI6J8CiZsu96GzIuy/S2AWu23Hb+x2libp9SPZMBqOhBzakyaj5Zqa9QP8m
HLzHasBghWhUkLkSK/Dl7NVI9DVMS6N0CsOv3gru3xVCTwmcBQd7NYpd+oKo12BE
6OwheAr9+OP/rWmn//IWACnDg9MLgmzOZnhk0kz1A4DozPgxRQAyc5nIs18fNbJv
c4QCm7h8HTjPNZuPbQRLGE20KKqDVJomZQV8cXlYq5fFVSnCPcnC9Us3Nm9F8BhO
ZA9LzBC7osfGhZRQNlIQOitZIbqSBTX/WC25RMKxl/U6qKixiGCxWYmADQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLVcJCfUMkoh3CCm0BzBfVJXxGmHMB8GA1UdIwQY
MBaAFJdwvyN11ZuoGplVwHovCiMmS2GoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWIt
OGQzNGY1NTc4MjJhLzEvdFZ3a0o5UXlTaUhjSUtiUUhNRjlVbGZFYVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iZWVmMmYtZWM1YS00OWZmLTk3NWItOGQzNGY1NTc4MjJh
LzEvbDNDX0kzWFZtNmdhbVZYQWVpOEtJeVpMWWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQCW81MAwQC
wgBcAwQCwjskAwQBwkwmAwQAwn+0AwQCw71cMBgEAgACMBIDBwAgAQZ8LagDBwAg
AQZ8LawwDQYJKoZIhvcNAQELBQADggEBAH63L85DH3jHaMS+iDGjTqkL8oOiuki/
Yzp5L74RR5QRq8Wk6107onFHhUmEbNTVomdZSQRtYCIfJb0XTJ4uhNwip56oPX3B
BZeTjYG0AwDrF2PJY2WeumoHh3DdNE5y87VXdrgwm7fBFezxfAdrRvK1EHe9q/8B
SWsDho5yXGb3FlnhjBcN0palpGpbjNEYaLNmXXBsrJ28YrUk+aoX5PB3Q7QC9ONN
scLfQsMwkUKSpECpZb9lHIgIwNCJF8HdOgL1GWz9LD/jqjAZjpQ+Gg36W7XMfS1t
v6eSuJN/z3dtxOrcDSExaCdnq0FFdU1Z+VnqIEwdQNF97QoNKmdt1Xk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:48 2025 by rpki-client