Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/raVSK1SqSE3__MbjaC9q6D80P0I.roa
File: raVSK1SqSE3__MbjaC9q6D80P0I.roa (raw, json)
Hash identifier: 6//IzMXN8lRJiWooLLsLpApnbQ25pPLDh/yMCRNJ59s=
Subject key identifier: AD:A5:52:2B:54:AA:48:4D:FF:FC:C6:E3:68:2F:6A:E8:3F:34:3F:42
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018FAAD51647AC3962CD1B53BB01B7F368EC
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/raVSK1SqSE3__MbjaC9q6D80P0I.roa
Signing time: Fri 24 May 2024 13:40:42 +0000
ROA not before: Fri 24 May 2024 13:40:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 37.0.10.0/23 maxlen: 24
85.202.168.0/22 maxlen: 24
195.226.205.0/24 maxlen: 24
213.249.73.0/24 maxlen: 24
213.249.74.0/23 maxlen: 24
213.249.76.0/22 maxlen: 24
213.249.81.0/24 maxlen: 24
213.249.82.0/23 maxlen: 24
213.249.84.0/22 maxlen: 24
213.249.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 05:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:d5:16:47:ac:39:62:cd:1b:53:bb:01:b7:f3:68:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: May 24 13:40:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ada5522b54aa484dfffcc6e3682f6ae83f343f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0d:73:df:09:7d:96:41:7c:b2:db:2f:27:e8:
90:3f:12:94:9a:80:44:4a:4e:04:a0:9f:e9:ec:b5:
db:c0:7f:b0:33:9e:bd:37:43:9a:94:11:cb:62:8b:
38:82:25:72:d4:d1:aa:0f:a9:e9:0e:70:0e:b2:5a:
f7:bb:4a:22:77:8a:fe:33:40:dc:23:59:23:f8:d9:
7d:96:1e:4b:6d:9b:db:87:7c:10:0c:f3:6c:1c:cf:
77:01:58:31:3c:36:04:10:7f:fe:2e:2f:80:22:20:
ce:d5:01:b0:14:52:f8:f6:ca:91:3d:76:35:86:14:
40:40:a9:71:28:a3:31:9b:63:d4:92:34:cc:20:83:
4e:c5:48:56:e3:1d:06:a9:f9:24:99:21:7f:e7:11:
d9:d9:88:e2:39:0c:d5:10:af:86:a5:ea:6e:ca:49:
dd:c7:37:b3:8e:1c:03:bc:52:5f:48:50:b1:18:92:
74:e2:d3:a6:1b:bf:d6:52:83:bb:c1:c9:5f:da:97:
d6:86:1e:fc:71:dc:12:e4:36:72:80:74:70:7d:51:
1c:1c:ec:c2:64:72:dc:ff:b0:50:a9:5a:54:cc:15:
b0:a1:99:95:29:5c:51:c5:c9:60:ef:20:b2:25:86:
ad:3c:af:ed:79:43:3f:33:98:db:b9:a5:4e:ea:18:
03:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A5:52:2B:54:AA:48:4D:FF:FC:C6:E3:68:2F:6A:E8:3F:34:3F:42
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/raVSK1SqSE3__MbjaC9q6D80P0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.10.0/23
85.202.168.0/22
195.226.205.0/24
213.249.73.0-213.249.79.255
213.249.81.0-213.249.91.255
Signature Algorithm: sha256WithRSAEncryption
7d:63:ca:72:a8:de:80:5f:8a:f1:d0:fe:95:04:f0:38:66:31:
dd:79:ca:3f:dd:b3:41:9b:54:ca:09:0a:32:d5:e0:56:f9:85:
88:8f:92:d1:11:bd:3e:f3:01:93:86:67:9f:50:4d:db:bd:26:
31:5b:98:eb:e6:9b:83:fe:59:19:f2:39:29:8e:84:ac:89:7f:
1c:20:33:4d:73:e7:25:88:d6:51:ac:7a:40:a4:17:d8:bb:65:
86:6f:48:7f:dc:73:e1:3e:fd:e8:e4:9b:0a:b7:ac:e0:62:51:
7b:72:0e:43:02:d4:ec:c8:9c:85:9c:ae:5f:37:54:b4:c9:bc:
72:b9:be:c7:e1:b4:3b:d7:c5:8a:6f:09:d9:cc:98:c1:0e:25:
cf:b7:87:ce:97:6d:d6:b5:01:42:21:22:b7:44:6c:57:3f:b9:
b2:39:d1:21:88:58:a8:a0:ac:05:fb:ff:7a:2b:6b:64:4a:68:
ac:0b:c6:af:b6:88:c2:e3:5c:4c:cc:f2:92:76:2a:28:25:21:
4e:a8:4f:b5:b3:ef:e1:cc:5b:cd:24:ae:3e:05:13:c8:9d:0c:
68:86:b1:f5:96:35:94:dc:50:50:6a:03:42:0a:96:dc:16:26:
17:82:be:4c:79:fc:d1:52:fb:48:e1:6b:a7:f2:91:4e:54:df:
7c:aa:40:05
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY+q1RZHrDlizRtTuwG382jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwNTI0MTM0MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE1NTIyYjU0YWE0ODRkZmZmY2M2ZTM2ODJmNmFlODNmMzQzZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg1z3wl9lkF8stsvJ+iQPxKUmoBE
Sk4EoJ/p7LXbwH+wM569N0OalBHLYos4giVy1NGqD6npDnAOslr3u0oid4r+M0Dc
I1kj+Nl9lh5LbZvbh3wQDPNsHM93AVgxPDYEEH/+Li+AIiDO1QGwFFL49sqRPXY1
hhRAQKlxKKMxm2PUkjTMIINOxUhW4x0GqfkkmSF/5xHZ2YjiOQzVEK+Gpepuyknd
xzezjhwDvFJfSFCxGJJ04tOmG7/WUoO7wclf2pfWhh78cdwS5DZygHRwfVEcHOzC
ZHLc/7BQqVpUzBWwoZmVKVxRxclg7yCyJYatPK/teUM/M5jbuaVO6hgDwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFK2lUitUqkhN//zG42gvaug/ND9CMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvcmFWU0sxU3FTRTNfX01iamFDOXE2RDgwUDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBJQAKAwQC
VcqoAwQAw+LNMAwDBADV+UkDBATV+UAwDAMEANX5UQMEAtX5WDANBgkqhkiG9w0B
AQsFAAOCAQEAfWPKcqjegF+K8dD+lQTwOGYx3XnKP92zQZtUygkKMtXgVvmFiI+S
0RG9PvMBk4Znn1BN270mMVuY6+abg/5ZGfI5KY6ErIl/HCAzTXPnJYjWUax6QKQX
2Ltlhm9If9xz4T796OSbCres4GJRe3IOQwLU7MichZyuXzdUtMm8crm+x+G0O9fF
im8J2cyYwQ4lz7eHzpdt1rUBQiEit0RsVz+5sjnRIYhYqKCsBfv/eitrZEporAvG
r7aIwuNcTMzyknYqKCUhTqhPtbPv4cxbzSSuPgUTyJ0MaIax9ZY1lNxQUGoDQgqW
3BYmF4K+THn80VL7SOFrp/KRTlTffKpABQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:36 2025 by rpki-client