Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xSGe_gZReOPm15SPkVl30YWv4Sg.roa
File: xSGe_gZReOPm15SPkVl30YWv4Sg.roa (raw, json)
Hash identifier: 4Zyu7cNmn1MS7kAlaA97gQWOfIQLZwtqgyBxq2FnVM4=
Subject key identifier: C5:21:9E:FE:06:51:78:E3:E6:D7:94:8F:91:59:77:D1:85:AF:E1:28
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019427473AE114E11162EE7C05D487BD8761
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xSGe_gZReOPm15SPkVl30YWv4Sg.roa
Signing time: Thu 02 Jan 2025 13:49:27 +0000
ROA not before: Thu 02 Jan 2025 13:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215645
IP address blocks: 160.20.109.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:37:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:3a:e1:14:e1:11:62:ee:7c:05:d4:87:bd:87:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 2 13:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5219efe065178e3e6d7948f915977d185afe128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:31:69:8c:a5:01:2b:f9:2a:0b:45:57:f2:e8:
b9:8a:b4:df:20:2e:8a:8a:f1:3f:74:77:40:e9:e6:
37:d3:50:4e:89:2d:55:78:68:0f:8a:50:65:07:cc:
27:fb:87:11:c1:aa:11:fa:00:16:d5:77:22:97:e6:
ff:fd:f0:4a:ee:8d:43:6f:9b:62:72:d7:ca:dc:5b:
a5:e3:ba:3e:70:8f:87:ff:41:52:9d:50:a3:d7:57:
ff:e8:41:b4:4a:38:f9:d0:62:1a:fe:9a:32:3a:cb:
eb:8a:4a:a0:da:98:62:02:6d:be:3d:e4:c5:cf:92:
48:7b:bc:e6:5c:95:f2:bf:1a:11:51:73:0b:9d:63:
d9:89:94:0f:3b:b1:f1:a4:2a:26:0f:d4:14:53:4d:
7f:13:cf:49:f9:3d:c9:f5:d4:79:35:fb:af:2c:82:
b9:1d:6e:08:10:57:f7:77:a8:cb:67:fe:c8:16:2d:
7b:9e:64:e5:fc:33:0d:d1:69:a3:9a:fa:e2:3b:6d:
a6:f2:59:5e:65:9e:a0:ff:08:d9:3e:be:ad:c5:bd:
e1:54:10:c2:a6:d7:fc:61:95:d9:18:e7:ce:c4:0d:
92:34:69:23:ec:fe:16:93:ab:e8:a8:f6:58:35:f2:
60:bb:9e:f2:f9:3d:45:a0:7a:8b:2f:dd:2f:e6:07:
46:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:9E:FE:06:51:78:E3:E6:D7:94:8F:91:59:77:D1:85:AF:E1:28
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xSGe_gZReOPm15SPkVl30YWv4Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.109.0/24
185.243.181.0/24
185.254.28.0/24
Signature Algorithm: sha256WithRSAEncryption
17:3e:6a:ed:e3:b1:55:5e:80:4b:8a:ea:de:14:41:42:99:82:
c8:9b:04:06:55:60:4f:05:55:ed:5d:bc:af:08:e9:e3:d4:08:
50:50:d2:b3:de:4d:92:b2:bc:20:0d:36:41:93:bd:d8:d6:43:
6e:bc:d1:57:b2:cc:d5:6a:49:99:29:96:d8:3c:f6:9c:be:bf:
c2:3f:93:12:d7:37:bf:cc:cb:76:cf:ad:66:ed:86:a3:35:79:
dd:4f:4c:05:d8:ac:57:ef:82:49:9d:d4:6e:8f:66:22:7d:26:
4e:57:ad:e2:eb:60:50:e2:e9:7a:a0:3c:4d:09:4f:97:0c:f3:
78:80:3c:2f:ee:f0:a7:79:61:7a:19:5d:4b:3d:a6:d4:12:af:
ef:0b:6d:3f:88:4f:1a:08:83:3f:e9:91:d0:7e:fa:22:79:b3:
d2:bf:c3:a3:47:bc:8d:1b:87:08:54:f5:49:a3:a9:8e:e3:d8:
e1:9e:a7:44:df:f5:bc:c9:5c:06:ef:5b:9c:5c:82:e9:12:0e:
71:14:31:a7:74:0d:0a:60:15:e2:d5:ff:61:1e:c5:b6:7d:21:
1a:db:ec:a9:43:8c:09:53:6a:c9:54:4d:f5:36:66:5e:44:d0:
ee:1e:65:33:d5:d4:5d:aa:f0:84:c7:39:a8:2d:4d:c6:37:49:
75:87:27:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnRzrhFOERYu58BdSHvYdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMTAyMTM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIxOWVmZTA2NTE3OGUzZTZkNzk0OGY5MTU5NzdkMTg1YWZlMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzFpjKUBK/kqC0VX8ui5irTfIC6K
ivE/dHdA6eY301BOiS1VeGgPilBlB8wn+4cRwaoR+gAW1Xcil+b//fBK7o1Db5ti
ctfK3Ful47o+cI+H/0FSnVCj11f/6EG0Sjj50GIa/poyOsvrikqg2phiAm2+PeTF
z5JIe7zmXJXyvxoRUXMLnWPZiZQPO7HxpComD9QUU01/E89J+T3J9dR5NfuvLIK5
HW4IEFf3d6jLZ/7IFi17nmTl/DMN0WmjmvriO22m8lleZZ6g/wjZPr6txb3hVBDC
ptf8YZXZGOfOxA2SNGkj7P4Wk6voqPZYNfJgu57y+T1FoHqLL90v5gdGxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMUhnv4GUXjj5teUj5FZd9GFr+EoMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEveFNHZV9nWlJlT1BtMTVTUGtWbDMwWVd2NFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAoBRtAwQA
ufO1AwQAuf4cMA0GCSqGSIb3DQEBCwUAA4IBAQAXPmrt47FVXoBLiureFEFCmYLI
mwQGVWBPBVXtXbyvCOnj1AhQUNKz3k2SsrwgDTZBk73Y1kNuvNFXsszVakmZKZbY
PPacvr/CP5MS1ze/zMt2z61m7YajNXndT0wF2KxX74JJndRuj2YifSZOV63i62BQ
4ul6oDxNCU+XDPN4gDwv7vCneWF6GV1LPabUEq/vC20/iE8aCIM/6ZHQfvoiebPS
v8OjR7yNG4cIVPVJo6mO49jhnqdE3/W8yVwG71ucXILpEg5xFDGndA0KYBXi1f9h
HsW2fSEa2+ypQ4wJU2rJVE31NmZeRNDuHmUz1dRdqvCExzmoLU3GN0l1hyfr
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:00 2025 by rpki-client