Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/bTgC3gMtHzJnV8bZ0Vk1BRMozFM.roa
File: bTgC3gMtHzJnV8bZ0Vk1BRMozFM.roa (raw, json)
Hash identifier: aylVQXSX1uDZzNns+mji4m8k91IQB0UauZ9FgQk1o0I=
Subject key identifier: 6D:38:02:DE:03:2D:1F:32:67:57:C6:D9:D1:59:35:05:13:28:CC:53
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 01942067B93D75745896E60009B4348E70AE
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/bTgC3gMtHzJnV8bZ0Vk1BRMozFM.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 91.239.119.0/24 maxlen: 24
185.253.76.0/24 maxlen: 24
185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
185.253.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:b9:3d:75:74:58:96:e6:00:09:b4:34:8e:70:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d3802de032d1f326757c6d9d15935051328cc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:18:a9:f8:05:ac:e3:94:cd:4b:97:b7:ed:d8:
54:5e:42:c8:96:f5:ef:54:e4:a1:28:b4:3b:40:f5:
3b:22:ca:5c:1a:00:f1:6e:02:3d:05:50:25:11:27:
fd:e6:40:04:a1:68:6a:a4:8f:d4:3a:d2:55:ed:8e:
bb:41:ad:28:13:5d:ab:8c:ca:04:d6:be:1c:e4:98:
8f:d9:78:b7:6e:27:6d:4d:f9:73:d9:e9:25:cb:08:
44:04:a8:d4:4b:91:91:20:8a:22:0c:85:c1:64:e7:
c3:e1:79:e8:be:8a:ec:60:8b:ce:8f:2f:1b:84:0b:
20:77:25:06:f9:02:49:4d:83:28:10:b6:ce:0f:79:
3f:d8:44:36:c8:df:63:c9:57:4d:ad:52:a9:64:ad:
7e:e9:9e:fb:43:b0:64:2d:ef:22:23:9a:d5:0d:97:
a1:18:73:5b:98:ed:86:24:51:7b:ae:47:d2:6e:91:
af:2f:42:11:3c:2a:aa:94:cc:2e:d7:6c:e6:65:03:
93:8a:69:31:e3:51:94:da:60:24:3b:3f:ab:8a:1d:
48:3c:f2:3d:48:90:10:69:4c:41:23:c8:79:a0:f4:
d0:13:0b:2e:25:f0:40:d4:cf:f6:69:15:eb:c2:75:
c6:43:6c:5e:20:de:64:84:ba:7a:35:c4:5f:f9:d2:
e2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:02:DE:03:2D:1F:32:67:57:C6:D9:D1:59:35:05:13:28:CC:53
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/bTgC3gMtHzJnV8bZ0Vk1BRMozFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.119.0/24
185.253.76.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:30:cb:ae:c6:87:24:00:34:47:78:42:f0:b2:eb:4e:c7:82:
e8:7c:07:0a:aa:54:7d:00:51:62:4f:8c:c7:46:b6:ae:b7:77:
ca:d7:b2:09:c7:68:4d:8e:b6:29:f2:93:48:4e:34:66:46:2a:
7a:8a:99:e6:7a:7f:b1:8c:79:23:f6:40:86:f3:85:f2:cc:6f:
86:0c:11:a1:92:94:ba:87:dd:c7:f0:82:01:ad:b6:56:76:d8:
25:a2:af:c2:01:43:fa:3d:0e:d3:b1:b3:34:17:ae:98:38:3c:
6a:58:9e:ae:fa:d6:b1:87:27:c9:97:bc:83:5b:b0:ce:55:3a:
e4:eb:16:28:7e:53:a8:05:94:db:12:7b:72:59:67:ad:7b:6b:
16:f4:cb:d4:09:e2:8f:ae:fe:fc:e9:07:12:9a:79:f6:12:e9:
9a:57:ae:e0:1c:d7:cd:62:a1:b6:a3:ab:fb:fe:0e:04:6a:1a:
f1:b1:cf:62:ec:f6:04:f6:67:71:00:eb:38:3d:cc:b3:54:73:
18:2a:50:d1:b3:17:da:dd:ad:15:5e:1c:29:95:fb:ee:9c:37:
0c:cf:ff:37:d7:de:43:cf:f9:3e:61:a3:51:26:8d:f8:62:2e:
df:d7:97:9a:84:e5:b3:40:b6:5a:17:76:fd:70:4e:99:4a:1c:
a4:ca:81:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQgZ7k9dXRYluYACbQ0jnCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDM4MDJkZTAzMmQxZjMyNjc1N2M2ZDlkMTU5MzUwNTEzMjhjYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rip+AWs45TNS5e37dhUXkLIlvXv
VOShKLQ7QPU7IspcGgDxbgI9BVAlESf95kAEoWhqpI/UOtJV7Y67Qa0oE12rjMoE
1r4c5JiP2Xi3bidtTflz2eklywhEBKjUS5GRIIoiDIXBZOfD4XnovorsYIvOjy8b
hAsgdyUG+QJJTYMoELbOD3k/2EQ2yN9jyVdNrVKpZK1+6Z77Q7BkLe8iI5rVDZeh
GHNbmO2GJFF7rkfSbpGvL0IRPCqqlMwu12zmZQOTimkx41GU2mAkOz+rih1IPPI9
SJAQaUxBI8h5oPTQEwsuJfBA1M/2aRXrwnXGQ2xeIN5khLp6NcRf+dLibwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG04At4DLR8yZ1fG2dFZNQUTKMxTMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvYlRnQzNnTXRIekpuVjhiWjBWazFCUk1vekZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+93AwQC
uf1MMA0GCSqGSIb3DQEBCwUAA4IBAQBrMMuuxockADRHeELwsutOx4LofAcKqlR9
AFFiT4zHRraut3fK17IJx2hNjrYp8pNITjRmRip6ipnmen+xjHkj9kCG84XyzG+G
DBGhkpS6h93H8IIBrbZWdtgloq/CAUP6PQ7TsbM0F66YODxqWJ6u+taxhyfJl7yD
W7DOVTrk6xYoflOoBZTbEntyWWete2sW9MvUCeKPrv786QcSmnn2EumaV67gHNfN
YqG2o6v7/g4Eahrxsc9i7PYE9mdxAOs4PcyzVHMYKlDRsxfa3a0VXhwplfvunDcM
z/83195Dz/k+YaNRJo34Yi7f15eahOWzQLZaF3b9cE6ZShykyoFm
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:04:09 2025 by rpki-client