Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40frbBozrIxaBS2X_RxEpd-Z4vY.roa
File: 40frbBozrIxaBS2X_RxEpd-Z4vY.roa (raw, json)
Hash identifier: c5aGrP1e/WgoKf9dsoGpcyf1RCFkCmX506JCyvUqIdc=
Subject key identifier: E3:47:EB:6C:1A:33:AC:8C:5A:05:2D:97:FD:1C:44:A5:DF:99:E2:F6
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019565BC1983F14714AF2CDB6B6122A7C0AA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40frbBozrIxaBS2X_RxEpd-Z4vY.roa
Signing time: Wed 05 Mar 2025 09:56:20 +0000
ROA not before: Wed 05 Mar 2025 09:56:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214998
IP address blocks: 85.202.203.0/24 maxlen: 24
93.88.204.0/22 maxlen: 24
194.50.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 11:58:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:bc:19:83:f1:47:14:af:2c:db:6b:61:22:a7:c0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 5 09:56:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e347eb6c1a33ac8c5a052d97fd1c44a5df99e2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0a:e4:45:70:dc:ca:5a:f9:f3:d8:10:bb:cc:
ce:61:ef:7e:d7:bf:8e:e2:39:aa:f9:6b:87:ba:e2:
2e:7c:a4:d1:e0:7c:bb:02:de:05:10:e5:ef:3f:0c:
51:a8:22:6b:fe:3c:e0:bb:0d:90:2e:04:2f:91:ed:
80:f7:1a:04:b9:6a:77:6d:53:77:bf:82:1e:84:54:
57:0c:f3:71:24:b4:5a:64:18:ae:bf:42:80:2f:e0:
a2:e8:bf:02:f8:ff:48:d5:1b:5f:39:37:11:e3:a5:
c1:a9:43:59:5e:cc:58:09:5b:f6:6c:0e:a9:fb:e9:
68:db:74:7f:f9:f1:9d:7f:fb:d0:d9:c6:6e:66:92:
8e:3a:51:c7:d7:a9:b0:42:89:6c:97:ae:fa:de:76:
27:b0:09:b1:d4:e7:6d:30:b4:d5:db:ce:12:64:1a:
7e:3e:08:26:5e:74:42:07:08:52:4e:fe:37:e9:d6:
2d:23:44:95:9c:1c:d8:92:71:f1:5a:06:42:36:2d:
d9:44:04:25:70:e1:ad:1d:87:f6:ea:59:87:03:bc:
72:34:a9:1e:05:9e:33:a0:dd:6e:99:70:65:90:e4:
e8:21:77:17:c5:9b:0a:75:aa:5b:21:af:63:af:21:
fd:0f:08:93:e3:c0:2d:ff:30:d2:8c:8e:0f:32:6f:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:47:EB:6C:1A:33:AC:8C:5A:05:2D:97:FD:1C:44:A5:DF:99:E2:F6
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/40frbBozrIxaBS2X_RxEpd-Z4vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
93.88.204.0/22
194.50.94.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:36:9a:22:07:e7:76:40:87:c2:80:e4:2a:0c:a1:da:28:2d:
53:11:f5:80:5a:03:db:e2:cb:79:84:cd:83:07:4f:90:e7:51:
c8:1b:a6:2c:9a:af:af:66:b2:f3:d4:d1:08:91:1a:f4:28:66:
f5:0b:d8:94:e3:4f:60:41:9a:3e:9a:c7:6c:7b:1e:b1:fb:05:
ff:37:2e:14:46:ac:aa:4e:1f:4f:ee:ad:b1:db:97:c2:6f:17:
a9:01:3c:b5:35:31:e0:01:39:59:bc:ea:ff:8f:37:2e:de:85:
1e:0f:48:72:cc:dc:28:33:6a:8e:8b:ad:b0:cb:0c:6e:8e:82:
9d:f5:d3:4e:3a:b4:6a:65:2f:75:fb:04:fc:e6:ba:b2:b8:e2:
cc:56:93:14:2d:32:80:b9:77:b7:cd:a7:6e:28:62:5c:08:b4:
63:72:d5:e0:7c:37:9a:14:fc:89:ce:63:37:70:79:71:8e:c5:
29:82:17:80:7c:5f:ff:bb:bf:45:33:27:4b:ab:f2:90:fb:3f:
ff:d7:2d:59:d2:11:cc:9b:ed:79:32:ac:84:ab:e7:e1:21:c3:
f3:c6:7f:27:48:3d:bd:96:89:cd:64:0a:77:8c:e2:3f:b8:0d:
bb:24:8e:62:57:a0:9a:1d:94:5a:cf:8b:f3:13:8f:b8:3f:06:
d9:20:9a:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVlvBmD8UcUryzba2Eip8CqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzA1MDk1NjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ3ZWI2YzFhMzNhYzhjNWEwNTJkOTdmZDFjNDRhNWRmOTllMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wrkRXDcylr589gQu8zOYe9+17+O
4jmq+WuHuuIufKTR4Hy7At4FEOXvPwxRqCJr/jzguw2QLgQvke2A9xoEuWp3bVN3
v4IehFRXDPNxJLRaZBiuv0KAL+Ci6L8C+P9I1RtfOTcR46XBqUNZXsxYCVv2bA6p
++lo23R/+fGdf/vQ2cZuZpKOOlHH16mwQolsl6763nYnsAmx1OdtMLTV284SZBp+
PggmXnRCBwhSTv436dYtI0SVnBzYknHxWgZCNi3ZRAQlcOGtHYf26lmHA7xyNKke
BZ4zoN1umXBlkOToIXcXxZsKdapbIa9jryH9DwiT48At/zDSjI4PMm8QqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFONH62waM6yMWgUtl/0cRKXfmeL2MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNDBmcmJCb3pySXhhQlMyWF9SeEVwZC1aNHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcrLAwQC
XVjMAwQAwjJeMA0GCSqGSIb3DQEBCwUAA4IBAQB8NpoiB+d2QIfCgOQqDKHaKC1T
EfWAWgPb4st5hM2DB0+Q51HIG6Ysmq+vZrLz1NEIkRr0KGb1C9iU409gQZo+msds
ex6x+wX/Ny4URqyqTh9P7q2x25fCbxepATy1NTHgATlZvOr/jzcu3oUeD0hyzNwo
M2qOi62wywxujoKd9dNOOrRqZS91+wT85rqyuOLMVpMULTKAuXe3zaduKGJcCLRj
ctXgfDeaFPyJzmM3cHlxjsUpgheAfF//u79FMydLq/KQ+z//1y1Z0hHMm+15MqyE
q+fhIcPzxn8nSD29lonNZAp3jOI/uA27JI5iV6CaHZRaz4vzE4+4PwbZIJqL
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:43:09 2025 by rpki-client