Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d75869-ae0d-446d-93ed-00a0a328bb73/1/RS5RhDV8jsEknnt4G1RX5y_Nn5s.roa
File: RS5RhDV8jsEknnt4G1RX5y_Nn5s.roa (raw, json)
Hash identifier: HKk0g0JjgwZRrkLkLDbdIg7VZ+9HWNg4g7FJMvH5Qaw=
Subject key identifier: 45:2E:51:84:35:7C:8E:C1:24:9E:7B:78:1B:54:57:E7:2F:CD:9F:9B
Certificate issuer: /CN=fdc1f25ca57f33fd84d26660e82305856d4ff54e
Certificate serial: 018CC7275D694310B8FE445B68D5CAB6EE6D
Authority key identifier: FD:C1:F2:5C:A5:7F:33:FD:84:D2:66:60:E8:23:05:85:6D:4F:F5:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cHyXKV_M_2E0mZg6CMFhW1P9U4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/d75869-ae0d-446d-93ed-00a0a328bb73/1/RS5RhDV8jsEknnt4G1RX5y_Nn5s.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49229
IP address blocks: 185.34.232.0/22 maxlen: 24
89.39.166.0/24 maxlen: 24
195.88.236.0/23 maxlen: 24
185.12.192.0/22 maxlen: 24
185.29.172.0/22 maxlen: 24
91.226.181.0/24 maxlen: 24
2a04:6041::/32 maxlen: 32
2a04:6040::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5d:69:43:10:b8:fe:44:5b:68:d5:ca:b6:ee:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc1f25ca57f33fd84d26660e82305856d4ff54e
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=452e5184357c8ec1249e7b781b5457e72fcd9f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0c:42:1c:73:7a:df:00:2b:00:7a:8c:17:28:
66:ed:4b:0e:6b:38:a7:53:4b:3d:9e:65:9c:60:a9:
71:1f:3e:39:4d:f4:16:18:65:cf:d3:17:bc:13:9b:
3f:98:c9:39:c9:a8:76:45:51:c4:5e:3d:3b:c5:0c:
31:4a:41:49:aa:20:42:f0:3b:f5:87:85:61:62:45:
82:77:03:c9:e0:51:b8:e8:81:cb:bb:4f:ca:7d:e9:
80:f0:79:e5:2b:dd:4e:6c:f9:a6:f7:15:a6:50:c7:
81:de:1d:41:47:49:16:f6:cf:60:80:8b:9c:e4:5b:
dc:23:fd:69:0e:71:54:b6:c3:89:4c:97:ff:4a:97:
9f:4a:02:58:d8:fa:77:3f:b2:f1:59:f6:68:7e:de:
aa:7b:f9:b5:f4:7d:c4:7d:02:0e:74:db:9a:ff:23:
01:5e:68:3e:cb:b2:05:dc:60:42:82:d2:e1:60:19:
0b:1f:eb:8f:bc:80:92:6c:fc:ff:da:fb:80:b9:d2:
6d:61:8c:21:77:55:c9:48:20:81:63:b1:df:4c:9d:
66:e0:a7:61:a4:ff:fc:e0:a7:c3:7b:22:95:fc:4f:
bb:02:7b:08:2d:d3:7e:dd:e0:7b:2f:cf:5b:b5:e0:
24:08:2c:04:91:fc:40:6b:8b:37:0a:b5:4d:50:be:
71:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2E:51:84:35:7C:8E:C1:24:9E:7B:78:1B:54:57:E7:2F:CD:9F:9B
X509v3 Authority Key Identifier:
keyid:FD:C1:F2:5C:A5:7F:33:FD:84:D2:66:60:E8:23:05:85:6D:4F:F5:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cHyXKV_M_2E0mZg6CMFhW1P9U4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d75869-ae0d-446d-93ed-00a0a328bb73/1/RS5RhDV8jsEknnt4G1RX5y_Nn5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d75869-ae0d-446d-93ed-00a0a328bb73/1/_cHyXKV_M_2E0mZg6CMFhW1P9U4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.166.0/24
91.226.181.0/24
185.12.192.0/22
185.29.172.0/22
185.34.232.0/22
195.88.236.0/23
IPv6:
2a04:6040::/31
Signature Algorithm: sha256WithRSAEncryption
b8:3c:27:95:7c:37:84:0a:b6:58:11:57:f9:27:7d:4d:93:bb:
06:99:fd:12:6e:03:00:6d:10:9e:17:fb:9c:8d:9e:0a:1d:c3:
9f:26:6c:45:13:66:4e:b3:08:0e:13:15:22:15:24:5d:a0:a7:
fd:a2:0b:57:cd:85:bc:d6:a5:93:c7:38:69:2f:11:d4:24:66:
e9:15:85:60:af:71:e9:d0:76:56:30:ae:4b:97:26:58:70:96:
95:c1:71:e3:05:1d:62:24:0d:c0:7e:ce:39:3e:a8:45:65:63:
ad:b8:5a:c6:b7:a5:65:14:24:49:86:55:32:12:bc:7d:98:7e:
92:49:fb:21:2d:84:f1:93:56:2c:39:1d:59:5e:fd:06:3d:9c:
7a:cd:5d:f6:0d:2e:83:d7:fe:b6:7a:9e:dc:2b:7b:2d:68:01:
d3:36:33:f1:f3:a1:4c:bc:8e:60:0d:14:88:40:91:82:68:f9:
61:76:82:94:04:db:4d:9e:44:33:4f:6f:26:15:b3:c1:57:d4:
85:be:72:f9:d9:1c:2f:c0:b6:0a:b8:bb:0b:d6:bb:25:bb:da:
07:20:de:87:a6:9f:af:e7:b6:dc:ad:20:4c:12:2e:9e:2a:57:
53:ea:38:cd:98:82:f6:e0:0f:eb:29:ff:a1:f0:b4:d3:ad:65:
ba:7b:9a:23
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHJ11pQxC4/kRbaNXKtu5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYzFmMjVjYTU3ZjMzZmQ4NGQyNjY2MGU4MjMwNTg1NmQ0
ZmY1NGUwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJlNTE4NDM1N2M4ZWMxMjQ5ZTdiNzgxYjU0NTdlNzJmY2Q5ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAxCHHN63wArAHqMFyhm7UsOazin
U0s9nmWcYKlxHz45TfQWGGXP0xe8E5s/mMk5yah2RVHEXj07xQwxSkFJqiBC8Dv1
h4VhYkWCdwPJ4FG46IHLu0/KfemA8HnlK91ObPmm9xWmUMeB3h1BR0kW9s9ggIuc
5FvcI/1pDnFUtsOJTJf/SpefSgJY2Pp3P7LxWfZoft6qe/m19H3EfQIOdNua/yMB
Xmg+y7IF3GBCgtLhYBkLH+uPvICSbPz/2vuAudJtYYwhd1XJSCCBY7HfTJ1m4Kdh
pP/84KfDeyKV/E+7AnsILdN+3eB7L89bteAkCCwEkfxAa4s3CrVNUL5xPwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEUuUYQ1fI7BJJ57eBtUV+cvzZ+bMB8GA1UdIwQY
MBaAFP3B8lylfzP9hNJmYOgjBYVtT/VOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2NIeVhLVl9NXzJFMG1aZzZDTUZoVzFQOVU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNzU4NjktYWUwZC00NDZkLTkzZWQt
MDBhMGEzMjhiYjczLzEvUlM1UmhEVjhqc0Vrbm50NEcxUlg1eV9ObjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNzU4NjktYWUwZC00NDZkLTkzZWQtMDBhMGEzMjhiYjcz
LzEvX2NIeVhLVl9NXzJFMG1aZzZDTUZoVzFQOVU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAWSemAwQA
W+K1AwQCuQzAAwQCuR2sAwQCuSLoAwQBw1jsMA0EAgACMAcDBQEqBGBAMA0GCSqG
SIb3DQEBCwUAA4IBAQC4PCeVfDeECrZYEVf5J31Nk7sGmf0SbgMAbRCeF/ucjZ4K
HcOfJmxFE2ZOswgOExUiFSRdoKf9ogtXzYW81qWTxzhpLxHUJGbpFYVgr3Hp0HZW
MK5LlyZYcJaVwXHjBR1iJA3Afs45PqhFZWOtuFrGt6VlFCRJhlUyErx9mH6SSfsh
LYTxk1YsOR1ZXv0GPZx6zV32DS6D1/62ep7cK3staAHTNjPx86FMvI5gDRSIQJGC
aPlhdoKUBNtNnkQzT28mFbPBV9SFvnL52RwvwLYKuLsL1rslu9oHIN6Hpp+v57bc
rSBMEi6eKldT6jjNmIL24A/rKf+h8LTTrWW6e5oj
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:38:44 2025 by rpki-client