Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/4P_0jxU94VpaJtNg4zu8lmS79WE.roa
File: 4P_0jxU94VpaJtNg4zu8lmS79WE.roa (raw, json)
Hash identifier: kXc8ITNx8srIZOwp4LNf0yIzhIEwSalI5BmTEiUg3bw=
Subject key identifier: E0:FF:F4:8F:15:3D:E1:5A:5A:26:D3:60:E3:3B:BC:96:64:BB:F5:61
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01953789F493D4014A92D41D21AAAC87F052
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/4P_0jxU94VpaJtNg4zu8lmS79WE.roa
Signing time: Mon 24 Feb 2025 10:39:02 +0000
ROA not before: Mon 24 Feb 2025 10:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 14.102.53.0/24 maxlen: 24
14.102.60.0/24 maxlen: 24
92.51.236.0/24 maxlen: 24
92.51.237.0/24 maxlen: 24
103.125.76.0/24 maxlen: 24
192.140.222.0/24 maxlen: 24
192.140.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 16:46:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:89:f4:93:d4:01:4a:92:d4:1d:21:aa:ac:87:f0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 24 10:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0fff48f153de15a5a26d360e33bbc9664bbf561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:48:da:cf:17:11:90:c9:6e:6f:9d:61:c4:
91:0d:f5:30:9c:e9:51:83:d0:21:f9:ef:5b:e2:23:
5e:90:f8:47:10:de:fc:f4:6d:1e:b5:32:de:ed:e5:
f7:9c:2b:21:ca:97:28:25:bf:e8:e4:9b:9c:9a:32:
af:92:98:1c:4a:41:27:bc:b6:88:17:a0:2e:aa:3d:
eb:56:b9:ef:c9:ae:dd:47:ae:1d:9c:dc:a4:66:0b:
31:5a:3c:9f:b3:0a:9b:71:18:81:e4:f4:5b:a9:2f:
45:30:24:9d:7f:ad:9d:f8:bb:6a:20:aa:9c:36:c6:
00:a7:3e:6e:4b:e6:09:f0:f9:ec:f9:b3:ef:97:90:
76:f7:18:c5:67:b9:f8:58:e5:df:26:f0:74:fa:2f:
1c:f0:32:4b:71:83:e6:9a:d3:a7:5b:ae:2b:65:48:
1f:12:0b:e1:84:7a:94:cb:4d:0d:e9:8c:9e:7e:6e:
9a:7a:8a:b4:bf:ea:4a:03:f5:9b:a3:0f:0e:ad:49:
e3:98:cc:1d:53:44:73:cf:71:06:25:d6:d7:2b:2f:
ea:10:c6:be:96:1d:5b:15:39:d7:89:07:f7:4f:d2:
88:10:87:54:0b:a2:8b:6b:40:56:7f:52:5d:33:0c:
f5:72:17:33:85:7c:e9:35:97:42:e7:a9:fb:70:25:
a6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FF:F4:8F:15:3D:E1:5A:5A:26:D3:60:E3:3B:BC:96:64:BB:F5:61
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/4P_0jxU94VpaJtNg4zu8lmS79WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.53.0/24
14.102.60.0/24
92.51.236.0/23
103.125.76.0/24
192.140.222.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:2f:ea:df:70:91:38:0c:43:dd:58:45:a9:b3:fb:73:f5:13:
84:fb:08:45:2b:cc:53:dc:14:34:21:3c:a3:86:66:20:30:c0:
71:24:d5:bf:c5:5a:94:21:f3:48:3b:1a:7a:7f:39:90:82:d2:
06:3c:10:de:1d:13:c1:8b:60:ff:99:c4:71:21:af:98:8e:85:
fa:ce:e7:62:00:da:61:6c:38:e9:97:bc:2e:f4:81:11:74:9f:
6f:5e:46:8f:98:42:ba:4f:c0:3d:e2:cd:92:e7:5d:38:0f:9f:
b4:d3:08:68:5e:8b:ea:8b:26:89:d0:66:ca:4c:8f:67:e6:cb:
2f:ae:1e:8f:8f:c1:c5:25:2f:26:95:a7:96:f6:be:c0:e7:84:
b8:26:2a:9f:27:55:bc:3b:ea:a0:77:ad:06:69:2d:f2:34:b6:
e7:44:90:fa:f1:15:e7:04:5e:68:a4:5c:55:9c:7a:f6:1c:25:
ea:59:f7:22:3e:ac:a5:41:28:04:a8:e2:e5:f2:25:4d:01:16:
e9:3e:4d:5d:13:c3:73:de:da:a9:4a:be:4b:01:9d:2a:23:45:
4a:e2:53:71:91:13:ae:b7:78:ee:47:18:e1:d3:65:a1:dc:53:
67:75:6c:76:18:3f:ac:66:86:3a:d2:aa:51:82:83:f7:61:37:
9b:a5:0c:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZU3ifST1AFKktQdIaqsh/BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI0MTAzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZmZjQ4ZjE1M2RlMTVhNWEyNmQzNjBlMzNiYmM5NjY0YmJmNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRRI2s8XEZDJbm+dYcSRDfUwnOlR
g9Ah+e9b4iNekPhHEN789G0etTLe7eX3nCshypcoJb/o5JucmjKvkpgcSkEnvLaI
F6Auqj3rVrnvya7dR64dnNykZgsxWjyfswqbcRiB5PRbqS9FMCSdf62d+LtqIKqc
NsYApz5uS+YJ8Pns+bPvl5B29xjFZ7n4WOXfJvB0+i8c8DJLcYPmmtOnW64rZUgf
EgvhhHqUy00N6Yyefm6aeoq0v+pKA/Wbow8OrUnjmMwdU0Rzz3EGJdbXKy/qEMa+
lh1bFTnXiQf3T9KIEIdUC6KLa0BWf1JdMwz1chczhXzpNZdC56n7cCWmzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOD/9I8VPeFaWibTYOM7vJZku/VhMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNFBfMGp4VTk0VnBhSnROZzR6dThsbVM3OVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQADmY1AwQA
DmY8AwQBXDPsAwQAZ31MAwQBwIzeMA0GCSqGSIb3DQEBCwUAA4IBAQCdL+rfcJE4
DEPdWEWps/tz9ROE+whFK8xT3BQ0ITyjhmYgMMBxJNW/xVqUIfNIOxp6fzmQgtIG
PBDeHRPBi2D/mcRxIa+YjoX6zudiANphbDjpl7wu9IERdJ9vXkaPmEK6T8A94s2S
5104D5+00whoXovqiyaJ0GbKTI9n5ssvrh6Pj8HFJS8mlaeW9r7A54S4JiqfJ1W8
O+qgd60GaS3yNLbnRJD68RXnBF5opFxVnHr2HCXqWfciPqylQSgEqOLl8iVNARbp
Pk1dE8Nz3tqpSr5LAZ0qI0VK4lNxkROut3juRxjh02Wh3FNndWx2GD+sZoY60qpR
goP3YTebpQxS
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:02:45 2025 by rpki-client