Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/dXSjvy5HQkZ7Nf-QARHgBBsPU8Q.roa
File: dXSjvy5HQkZ7Nf-QARHgBBsPU8Q.roa (raw, json)
Hash identifier: i0NOVy4Cv7cB6selixDKCvU/1mJX9TVT8RjSYCqMHWI=
Subject key identifier: 75:74:A3:BF:2E:47:42:46:7B:35:FF:90:01:11:E0:04:1B:0F:53:C4
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 018CC3B6EF7308E1EFA5FC74751B994E631F
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/dXSjvy5HQkZ7Nf-QARHgBBsPU8Q.roa
Signing time: Mon 01 Jan 2024 06:29:55 +0000
ROA not before: Mon 01 Jan 2024 06:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47524
IP address blocks: 176.240.0.0/16 maxlen: 24
185.26.68.0/22 maxlen: 24
185.26.68.0/24 maxlen: 24
185.26.69.0/24 maxlen: 24
185.26.70.0/24 maxlen: 24
185.26.71.0/24 maxlen: 24
94.55.96.0/22 maxlen: 24
94.55.112.0/22 maxlen: 24
94.55.116.0/22 maxlen: 24
94.55.124.0/23 maxlen: 24
94.55.120.0/23 maxlen: 24
94.55.122.0/23 maxlen: 24
94.55.127.0/24 maxlen: 24
94.55.126.0/24 maxlen: 24
24.133.0.0/16 maxlen: 24
94.55.64.0/20 maxlen: 24
94.55.80.0/21 maxlen: 24
94.55.88.0/22 maxlen: 24
94.54.0.0/15 maxlen: 24
46.196.0.0/15 maxlen: 24
24.133.152.0/22 maxlen: 24
24.133.156.0/22 maxlen: 24
178.233.0.0/16 maxlen: 24
2a00:1d58::/36 maxlen: 36
2a00:1d58::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ef:73:08:e1:ef:a5:fc:74:75:1b:99:4e:63:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 06:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7574a3bf2e4742467b35ff900111e0041b0f53c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2f:16:84:17:c2:61:1b:9b:1b:38:fc:55:36:
69:28:f7:f0:38:18:83:a5:bc:d0:ec:41:d8:d5:02:
64:fe:58:09:bb:e9:ed:46:84:7c:68:db:a5:f3:2d:
84:04:ab:70:3c:5b:a2:d5:e6:c1:bb:b3:07:af:30:
e3:94:8d:20:11:1d:f0:86:96:b1:33:80:6e:d9:01:
60:10:23:70:6e:8a:bb:66:e2:37:d7:92:a5:a5:f1:
60:62:4a:7e:97:24:70:fc:fb:8a:6e:8c:7d:99:cf:
08:c1:da:91:8f:9e:ad:d9:4a:53:de:0f:64:fb:58:
ae:53:ce:30:86:41:5f:9d:d0:c1:96:ac:d9:85:ec:
9e:a0:11:ef:83:ca:f8:89:73:5b:9c:9f:30:8b:63:
b8:8d:cb:50:ea:af:b3:f3:a7:b3:a8:e1:a9:4c:74:
89:a3:ac:1b:21:60:3f:4f:01:c2:3b:2c:06:b9:7e:
f5:12:1d:af:a2:41:eb:8e:c4:14:30:83:de:70:d6:
cd:8e:0b:6a:e5:40:31:5a:8c:7c:b6:a2:7f:0d:ad:
d6:c0:4e:a1:fa:2b:df:0a:8f:4c:12:7d:ed:6e:7b:
77:0b:50:c0:8b:6e:50:8e:06:e8:1f:ce:dd:dd:04:
8b:73:e8:f0:00:c5:2e:32:ed:75:ed:a4:4d:8a:76:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:74:A3:BF:2E:47:42:46:7B:35:FF:90:01:11:E0:04:1B:0F:53:C4
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/dXSjvy5HQkZ7Nf-QARHgBBsPU8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.133.0.0/16
46.196.0.0/15
94.54.0.0/15
176.240.0.0/16
178.233.0.0/16
185.26.68.0/22
IPv6:
2a00:1d58::/29
Signature Algorithm: sha256WithRSAEncryption
11:b2:0b:97:11:a1:96:6c:2a:27:75:05:4c:4b:a2:ab:3f:95:
3d:36:1c:54:08:ba:46:d3:19:92:06:7f:d0:ba:4e:f3:29:b4:
70:c8:2d:30:0b:5b:41:fc:d4:20:aa:ef:b5:b5:19:33:fd:0b:
73:73:b1:31:62:f3:10:29:0f:c0:a0:40:3e:04:61:ac:3c:79:
ec:8e:47:78:29:3d:dd:11:10:7f:fc:4b:a9:97:d3:2f:5d:b2:
5a:42:f8:3d:d3:67:15:b2:c8:9a:ab:71:c1:6c:84:82:7f:91:
14:8d:6e:f9:ae:ea:ac:ad:81:d1:96:78:e5:e0:d7:8b:97:37:
83:0b:61:0b:1c:9e:63:ab:4e:da:c9:43:7d:1e:6d:4a:6f:65:
bd:44:ba:5d:51:66:bd:76:29:8d:3c:84:74:12:2d:dd:09:68:
6b:1a:02:56:d8:d0:ef:e9:50:12:f3:42:28:4e:2e:ec:ea:67:
33:0a:9d:3c:25:f9:f0:71:6d:f6:1a:83:2d:a0:22:dd:92:ef:
93:82:8e:ee:f7:8b:df:c8:b5:40:cc:79:5a:47:d0:9a:b4:30:
3d:ae:4a:0e:4c:18:ef:db:0c:a3:b2:0b:06:25:0a:f3:21:28:
9f:de:0d:23:c3:6c:80:fc:ae:49:38:0b:4f:d2:0c:4c:eb:fd:
66:e3:2d:61
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDtu9zCOHvpfx0dRuZTmMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjQwMTAxMDYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc0YTNiZjJlNDc0MjQ2N2IzNWZmOTAwMTExZTAwNDFiMGY1M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki8WhBfCYRubGzj8VTZpKPfwOBiD
pbzQ7EHY1QJk/lgJu+ntRoR8aNul8y2EBKtwPFui1ebBu7MHrzDjlI0gER3whpax
M4Bu2QFgECNwboq7ZuI315KlpfFgYkp+lyRw/PuKbox9mc8IwdqRj56t2UpT3g9k
+1iuU84whkFfndDBlqzZheyeoBHvg8r4iXNbnJ8wi2O4jctQ6q+z86ezqOGpTHSJ
o6wbIWA/TwHCOywGuX71Eh2vokHrjsQUMIPecNbNjgtq5UAxWox8tqJ/Da3WwE6h
+ivfCo9MEn3tbnt3C1DAi25QjgboH87d3QSLc+jwAMUuMu117aRNinZ/5wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHV0o78uR0JGezX/kAER4AQbD1PEMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvZFhTanZ5NUhRa1o3TmYtUUFSSGdCQnNQVThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMAGIUDAwEu
xAMDAV42AwMAsPADAwCy6QMEArkaRDANBAIAAjAHAwUDKgAdWDANBgkqhkiG9w0B
AQsFAAOCAQEAEbILlxGhlmwqJ3UFTEuiqz+VPTYcVAi6RtMZkgZ/0LpO8ym0cMgt
MAtbQfzUIKrvtbUZM/0Lc3OxMWLzECkPwKBAPgRhrDx57I5HeCk93REQf/xLqZfT
L12yWkL4PdNnFbLImqtxwWyEgn+RFI1u+a7qrK2B0ZZ45eDXi5c3gwthCxyeY6tO
2slDfR5tSm9lvUS6XVFmvXYpjTyEdBIt3QloaxoCVtjQ7+lQEvNCKE4u7OpnMwqd
PCX58HFt9hqDLaAi3ZLvk4KO7veL38i1QMx5WkfQmrQwPa5KDkwY79sMo7ILBiUK
8yEon94NI8NsgPyuSTgLT9IMTOv9ZuMtYQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:45:20 2025 by rpki-client