Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CXNo5NHD9sDfZEQAHZIMxi9t-js.roa
File: CXNo5NHD9sDfZEQAHZIMxi9t-js.roa (raw, json)
Hash identifier: XLbTgCmj6h9qzhrvq/SzZIm54Noz+p2YAMHJjbP9qxQ=
Subject key identifier: 09:73:68:E4:D1:C3:F6:C0:DF:64:44:00:1D:92:0C:C6:2F:6D:FA:3B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019562D76D7F5D1F05F4523785DD3CDC0FAB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CXNo5NHD9sDfZEQAHZIMxi9t-js.roa
Signing time: Tue 04 Mar 2025 20:27:20 +0000
ROA not before: Tue 04 Mar 2025 20:27:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59642
IP address blocks: 84.32.101.0/24 maxlen: 24
84.32.102.0/24 maxlen: 24
84.32.184.0/22 maxlen: 24
84.32.188.0/22 maxlen: 22
88.216.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 10:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:d7:6d:7f:5d:1f:05:f4:52:37:85:dd:3c:dc:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 20:27:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097368e4d1c3f6c0df6444001d920cc62f6dfa3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:59:61:a5:fb:05:46:de:60:6f:1b:08:82:da:
23:1b:55:7e:8c:9a:d4:d0:d8:bc:9d:92:be:d7:82:
49:e7:2f:a4:6b:5a:b5:21:28:67:ba:fd:47:f4:00:
c6:68:a8:18:7d:91:18:46:d2:5f:71:a9:c7:a9:b7:
11:eb:06:e6:63:02:30:a1:f8:22:39:80:cf:dc:6a:
91:40:0f:2a:dc:40:af:9f:13:69:b8:16:b6:b5:28:
f3:b5:a9:7d:e6:35:cc:d8:87:b9:24:c2:3a:97:5b:
14:ce:80:47:db:e5:e0:49:7d:55:c5:18:44:a0:6c:
8c:ad:01:66:9a:25:a7:f1:1c:0b:01:d8:d3:01:1e:
da:96:8d:20:09:76:96:b3:dc:68:06:0a:72:3a:fb:
ed:0a:99:e0:ee:40:57:8f:a5:a4:38:ea:0d:e1:85:
fb:11:c4:55:9b:ff:ba:12:ed:bf:da:15:38:b2:84:
39:07:7c:07:82:07:52:7d:b4:1a:74:5e:2b:ed:29:
47:f1:13:f1:40:f9:4e:c6:c7:10:96:b3:5f:a1:01:
4a:b2:d1:38:4b:e4:85:6b:b8:5f:2b:84:03:87:e1:
1f:96:36:a1:25:dc:2d:6d:5a:f1:44:45:40:e7:7d:
68:be:93:43:b6:11:a8:4d:99:fe:98:03:78:ac:cd:
2c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:73:68:E4:D1:C3:F6:C0:DF:64:44:00:1D:92:0C:C6:2F:6D:FA:3B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CXNo5NHD9sDfZEQAHZIMxi9t-js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.101.0-84.32.102.255
84.32.184.0/21
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
31:be:d8:9a:10:a0:09:46:d4:9b:69:52:f7:44:23:b2:28:c7:
c5:bd:e4:ba:62:00:a6:a1:53:b0:d0:6c:f0:f0:db:37:31:22:
3f:a7:34:e6:01:8b:8a:7d:74:14:96:e9:28:0e:1a:0f:2e:d9:
4a:f9:c3:bc:ef:dc:c0:94:2c:09:57:68:38:73:8e:71:5c:e1:
cd:cc:45:da:eb:5e:0c:2c:75:39:48:40:ff:28:55:d2:ed:22:
02:88:b4:ac:6d:87:85:6d:27:76:a5:5c:a9:99:3d:00:2d:39:
ff:18:fd:b0:aa:fe:ec:92:9f:67:25:4a:eb:52:9a:70:13:67:
82:87:af:35:90:ff:69:6e:93:e2:5e:ff:98:15:05:4c:1c:c0:
f1:39:3e:d3:18:13:3f:58:96:fd:00:ca:3f:ba:1b:e2:18:79:
7e:8c:f2:c8:ef:7c:15:17:70:b4:5b:76:52:f5:f3:ca:8d:8c:
a1:65:f9:12:26:15:df:db:28:10:ff:ce:c6:ea:5a:e7:21:f7:
2f:b4:95:ec:c0:a5:b7:9d:ac:91:1e:51:95:d8:48:0d:fb:22:
d0:34:f9:5d:6e:fb:d0:51:e8:38:36:98:1c:62:84:36:de:3e:
b3:2f:9a:da:61:24:a1:29:7b:b6:1f:1f:01:6d:a6:7e:ce:15:
99:b3:39:55
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZVi121/XR8F9FI3hd083A+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzA0MjAyNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTczNjhlNGQxYzNmNmMwZGY2NDQ0MDAxZDkyMGNjNjJmNmRmYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VlhpfsFRt5gbxsIgtojG1V+jJrU
0Ni8nZK+14JJ5y+ka1q1IShnuv1H9ADGaKgYfZEYRtJfcanHqbcR6wbmYwIwofgi
OYDP3GqRQA8q3ECvnxNpuBa2tSjztal95jXM2Ie5JMI6l1sUzoBH2+XgSX1VxRhE
oGyMrQFmmiWn8RwLAdjTAR7alo0gCXaWs9xoBgpyOvvtCpng7kBXj6WkOOoN4YX7
EcRVm/+6Eu2/2hU4soQ5B3wHggdSfbQadF4r7SlH8RPxQPlOxscQlrNfoQFKstE4
S+SFa7hfK4QDh+EfljahJdwtbVrxREVA531ovpNDthGoTZn+mAN4rM0sSwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAlzaOTRw/bA32REAB2SDMYvbfo7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ1hObzVOSEQ5c0RmWkVRQUhaSU14aTl0LWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABUIGUD
BABUIGYDBANUILgDBABY2LswDQYJKoZIhvcNAQELBQADggEBADG+2JoQoAlG1Jtp
UvdEI7Iox8W95LpiAKahU7DQbPDw2zcxIj+nNOYBi4p9dBSW6SgOGg8u2Ur5w7zv
3MCULAlXaDhzjnFc4c3MRdrrXgwsdTlIQP8oVdLtIgKItKxth4VtJ3alXKmZPQAt
Of8Y/bCq/uySn2clSutSmnATZ4KHrzWQ/2luk+Je/5gVBUwcwPE5PtMYEz9Ylv0A
yj+6G+IYeX6M8sjvfBUXcLRbdlL188qNjKFl+RImFd/bKBD/zsbqWuch9y+0lezA
pbedrJEeUZXYSA37ItA0+V1u+9BR6Dg2mBxihDbePrMvmtphJKEpe7YfHwFtpn7O
FZmzOVU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:29:18 2025 by rpki-client