Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/xYN_4x4yXSPJj2YE4KhuXseb_fA.roa
File: xYN_4x4yXSPJj2YE4KhuXseb_fA.roa (raw, json)
Hash identifier: j1RZxMJKrVmgHORCOGx1pRQ1x9gqwu8KmVyAND5IXlw=
Subject key identifier: C5:83:7F:E3:1E:32:5D:23:C9:8F:66:04:E0:A8:6E:5E:C7:9B:FD:F0
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 019363C142017B361F32C55B74C6E0B8C414
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/xYN_4x4yXSPJj2YE4KhuXseb_fA.roa
Signing time: Mon 25 Nov 2024 14:37:09 +0000
ROA not before: Mon 25 Nov 2024 14:37:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
194.24.160.0/24 maxlen: 24
2a00:1911::/32 maxlen: 32
2a00:1912::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
2a12:5e41::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Nov 2024 20:39:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:c1:42:01:7b:36:1f:32:c5:5b:74:c6:e0:b8:c4:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Nov 25 14:37:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5837fe31e325d23c98f6604e0a86e5ec79bfdf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:11:55:4d:e5:eb:ac:f9:7c:09:28:a3:01:
e2:f1:53:0f:c9:8c:11:47:74:3f:c6:08:13:3a:a2:
50:2d:d4:dd:2f:05:20:62:13:73:a8:bb:19:02:88:
d7:b5:40:86:99:70:e4:07:24:50:ed:16:70:cd:98:
e8:fe:2b:5a:ad:83:92:77:28:cf:08:b0:e3:cb:92:
28:c5:0e:aa:81:11:b1:17:0a:6c:43:ab:c8:01:fb:
a3:27:de:13:cf:86:6f:1b:0b:36:28:f1:49:b8:66:
c3:bf:45:c9:e5:7c:50:a1:14:4a:24:e5:a4:90:4c:
74:69:21:25:9c:05:d9:13:07:25:f3:bc:e0:0b:93:
8e:2f:f0:f1:5f:19:7f:00:2b:cf:e0:6a:87:6a:0a:
5f:05:6d:47:f8:38:66:6f:fb:06:9b:6d:cf:32:1f:
ec:12:66:1b:b3:22:9a:ef:80:b6:31:38:dd:91:23:
43:41:c7:15:32:6c:91:97:e1:61:ac:e8:66:41:6b:
39:53:db:50:d2:5d:da:35:90:14:fe:24:c7:ad:01:
f5:b7:42:3b:96:9b:78:31:9a:7d:e6:06:60:d0:fa:
41:21:4c:f7:4e:e4:5d:4c:82:23:60:c4:bd:f6:7c:
30:51:5b:5b:d4:0c:73:84:20:0d:fb:ec:c3:3f:6f:
a0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:83:7F:E3:1E:32:5D:23:C9:8F:66:04:E0:A8:6E:5E:C7:9B:FD:F0
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/xYN_4x4yXSPJj2YE4KhuXseb_fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1911::-2a00:1912:ffff:ffff:ffff:ffff:ffff:ffff
2a09:8700::/32
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
3c:e4:f0:9f:3b:78:ef:69:50:13:41:71:e5:b2:43:cf:3f:a6:
d4:f6:a3:8c:ff:0e:80:18:4c:9e:42:7f:1a:7c:3c:49:9b:8c:
e4:15:e6:22:28:ec:c4:ec:d5:4e:82:4c:9b:ab:d1:9b:92:3b:
7c:b0:03:18:bc:d2:79:1b:55:e5:df:18:bc:99:27:83:a5:51:
7b:34:c4:30:c9:6c:87:f8:fa:dd:e5:70:2d:88:65:37:50:b1:
3c:19:e6:ec:c1:17:8d:02:36:89:f1:ee:f4:33:9b:08:05:61:
de:38:dc:fa:d1:ab:30:83:31:c9:ac:b1:63:83:95:b8:89:94:
37:25:09:13:81:56:9d:ff:48:ef:7e:2e:f4:5d:51:41:3d:c1:
67:b3:c8:b4:6c:d0:af:a9:56:a3:6c:1d:9a:84:a7:be:8c:02:
c2:41:f3:e8:b3:90:7e:b1:c1:69:88:57:85:7b:5d:ea:d9:b5:
97:6f:5c:b6:7d:d1:48:0a:fe:d0:a3:00:00:6d:87:0b:2c:e4:
25:f7:39:c3:03:1b:1e:9a:88:7e:3b:5f:f1:1e:e0:a9:6e:11:
1b:4e:1f:e5:4e:a3:2b:d5:c6:c7:cb:26:62:f9:c8:56:14:a9:
d8:ef:75:6e:bb:ba:03:47:72:86:5d:b5:87:93:f7:ea:c3:be:
0f:bd:30:96
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZNjwUIBezYfMsVbdMbguMQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQxMTI1MTQzNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTgzN2ZlMzFlMzI1ZDIzYzk4ZjY2MDRlMGE4NmU1ZWM3OWJmZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldIRVU3l66z5fAkoowHi8VMPyYwR
R3Q/xggTOqJQLdTdLwUgYhNzqLsZAojXtUCGmXDkByRQ7RZwzZjo/itarYOSdyjP
CLDjy5IoxQ6qgRGxFwpsQ6vIAfujJ94Tz4ZvGws2KPFJuGbDv0XJ5XxQoRRKJOWk
kEx0aSElnAXZEwcl87zgC5OOL/DxXxl/ACvP4GqHagpfBW1H+Dhmb/sGm23PMh/s
EmYbsyKa74C2MTjdkSNDQccVMmyRl+FhrOhmQWs5U9tQ0l3aNZAU/iTHrQH1t0I7
lpt4MZp95gZg0PpBIUz3TuRdTIIjYMS99nwwUVtb1AxzhCAN++zDP2+gWQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMWDf+MeMl0jyY9mBOCobl7Hm/3wMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEveFlOXzR4NHlYU1BKajJZRTRLaHVYc2ViX2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMCQEAgACMB4wDgMFACoAGREDBQAqABkSAwUA
KgmHAAMFACoSXkEwDQYJKoZIhvcNAQELBQADggEBADzk8J87eO9pUBNBceWyQ88/
ptT2o4z/DoAYTJ5Cfxp8PEmbjOQV5iIo7MTs1U6CTJur0ZuSO3ywAxi80nkbVeXf
GLyZJ4OlUXs0xDDJbIf4+t3lcC2IZTdQsTwZ5uzBF40CNonx7vQzmwgFYd443PrR
qzCDMcmssWODlbiJlDclCROBVp3/SO9+LvRdUUE9wWezyLRs0K+pVqNsHZqEp76M
AsJB8+izkH6xwWmIV4V7XerZtZdvXLZ90UgK/tCjAABthwss5CX3OcMDGx6aiH47
X/Ee4KluERtOH+VOoyvVxsfLJmL5yFYUqdjvdW67ugNHcoZdtYeT9+rDvg+9MJY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:04:12 2025 by rpki-client