Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_sm2m7HXLOFMJtQFYiQTdltnYyw.roa
File: _sm2m7HXLOFMJtQFYiQTdltnYyw.roa (raw, json)
Hash identifier: bdWMPGWYYW3VStGDnwCgRQzKgga9YJbZgij1HEELEmY=
Subject key identifier: FE:C9:B6:9B:B1:D7:2C:E1:4C:26:D4:05:62:24:13:76:5B:67:63:2C
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0194221F4159BAE12E589E651F4799AC9EF6
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_sm2m7HXLOFMJtQFYiQTdltnYyw.roa
Signing time: Wed 01 Jan 2025 13:47:41 +0000
ROA not before: Wed 01 Jan 2025 13:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20552
IP address blocks: 91.216.30.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.246.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
185.52.168.0/22 maxlen: 24
185.52.169.0/24 maxlen: 24
185.52.170.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.12.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.119.14.0/24 maxlen: 24
185.119.15.0/24 maxlen: 24
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 11:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:41:59:ba:e1:2e:58:9e:65:1f:47:99:ac:9e:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 13:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fec9b69bb1d72ce14c26d405622413765b67632c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:64:ce:d4:c4:4d:a2:ff:47:eb:23:5d:fe:
81:54:aa:4c:49:e3:4d:9d:3b:24:8c:59:51:c6:09:
48:42:7d:4a:88:7e:8a:a6:e3:1e:db:e5:21:29:06:
89:3d:2e:dd:53:19:42:f2:6a:f0:71:ba:42:75:e9:
de:fa:08:56:59:9d:cf:a6:5f:4a:ca:91:01:23:d2:
c5:17:82:fd:5a:d5:de:4e:bd:19:94:8c:e2:79:f6:
17:90:b0:b6:44:01:92:a1:60:20:63:93:25:04:94:
b2:bc:5c:16:d6:19:af:0e:b7:bd:d4:ff:58:97:b4:
01:44:88:25:25:b9:89:6d:c6:98:70:6c:4d:c1:af:
fe:95:39:fd:92:b7:c3:05:ac:70:df:70:23:5f:69:
c4:3d:c0:6a:15:04:55:23:24:98:86:7f:08:b0:31:
cb:a6:05:5a:56:ca:be:64:8b:2e:4d:d6:5b:db:a1:
a0:1b:92:96:e1:f0:a2:c7:67:46:94:29:6f:1c:72:
f7:5a:24:30:14:9a:47:e6:0b:48:0e:a1:6d:1e:3e:
c2:b6:de:ae:bc:ec:92:4b:ed:a2:6f:01:e5:63:d6:
34:cf:0a:c7:6c:0f:8b:24:13:30:06:3d:7f:ba:5c:
a8:9b:05:4d:2e:f2:42:57:b7:eb:73:2c:b4:f3:9b:
66:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C9:B6:9B:B1:D7:2C:E1:4C:26:D4:05:62:24:13:76:5B:67:63:2C
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_sm2m7HXLOFMJtQFYiQTdltnYyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
94:b4:11:85:0e:d5:ce:da:90:e9:fc:27:27:7e:a6:10:95:32:
29:34:1d:b5:02:dc:f1:6f:80:76:e7:7f:fc:27:39:1c:a8:60:
4c:9c:1b:b6:98:5b:57:08:fc:53:d2:8a:29:3e:19:a0:4b:5a:
06:25:50:a8:c0:11:4e:12:01:75:6d:be:59:39:02:bf:d8:dd:
c7:6e:c6:95:38:dd:6c:7e:20:1c:12:7d:00:27:25:81:0d:c5:
d8:be:18:b8:36:3a:f6:24:ad:9a:6a:92:cc:53:b0:e9:d5:87:
34:94:b5:ef:aa:63:2f:69:16:0c:39:37:e4:00:a3:b8:f1:9f:
d5:a9:69:b4:0a:5a:d1:e0:a8:2e:2a:24:30:a7:23:e9:08:91:
b1:0f:e4:0b:62:6a:b9:2f:03:10:7c:04:1b:08:d3:23:b6:02:
e4:ca:ee:86:a1:26:07:73:f1:72:b3:7b:72:39:41:a2:74:a9:
cb:ee:2a:e4:c2:58:23:33:64:26:13:6d:df:11:3a:bd:47:39:
ad:7d:27:12:f8:c2:38:fa:67:60:45:75:ca:b9:bc:72:35:e7:
e8:d7:32:75:f5:7e:f2:fa:bb:cc:f2:42:51:1e:7c:e2:c1:8d:
75:4d:dc:da:39:58:53:6e:5b:13:d7:cd:1b:03:cb:10:d7:35:
a7:82:58:2e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQiH0FZuuEuWJ5lH0eZrJ72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTAxMTM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWM5YjY5YmIxZDcyY2UxNGMyNmQ0MDU2MjI0MTM3NjViNjc2MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2NkztTETaL/R+sjXf6BVKpMSeNN
nTskjFlRxglIQn1KiH6KpuMe2+UhKQaJPS7dUxlC8mrwcbpCdene+ghWWZ3Ppl9K
ypEBI9LFF4L9WtXeTr0ZlIziefYXkLC2RAGSoWAgY5MlBJSyvFwW1hmvDre91P9Y
l7QBRIglJbmJbcaYcGxNwa/+lTn9krfDBaxw33AjX2nEPcBqFQRVIySYhn8IsDHL
pgVaVsq+ZIsuTdZb26GgG5KW4fCix2dGlClvHHL3WiQwFJpH5gtIDqFtHj7Ctt6u
vOySS+2ibwHlY9Y0zwrHbA+LJBMwBj1/ulyomwVNLvJCV7frcyy085tm5wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFP7Jtpux1yzhTCbUBWIkE3ZbZ2MsMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvX3NtMm03SFhMT0ZNSnRRRllpUVRkbHRuWXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9geAwQD
pCjwAwQCuRjIAwQCuTSoAwQCuXcMAwQE2aiAMA0EAgACMAcDBQAqAg2IMA0GCSqG
SIb3DQEBCwUAA4IBAQCUtBGFDtXO2pDp/CcnfqYQlTIpNB21Atzxb4B253/8Jzkc
qGBMnBu2mFtXCPxT0oopPhmgS1oGJVCowBFOEgF1bb5ZOQK/2N3HbsaVON1sfiAc
En0AJyWBDcXYvhi4Njr2JK2aapLMU7Dp1Yc0lLXvqmMvaRYMOTfkAKO48Z/VqWm0
ClrR4KguKiQwpyPpCJGxD+QLYmq5LwMQfAQbCNMjtgLkyu6GoSYHc/Fys3tyOUGi
dKnL7irkwlgjM2QmE23fETq9RzmtfScS+MI4+mdgRXXKubxyNefo1zJ19X7y+rvM
8kJRHnziwY11TdzaOVhTblsT180bA8sQ1zWnglgu
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:34:32 2025 by rpki-client