Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IgBM4FdJ73yz6EwG6lDglBZA9hE.roa
File: IgBM4FdJ73yz6EwG6lDglBZA9hE.roa (raw, json)
Hash identifier: v/6FxiNPkhxvuzZfezlg9g8eS1xvksaOK1MjBTNWPGg=
Subject key identifier: 22:00:4C:E0:57:49:EF:7C:B3:E8:4C:06:EA:50:E0:94:16:40:F6:11
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019548F12C5C7EED1A64A2B47B578D7F29EF
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IgBM4FdJ73yz6EwG6lDglBZA9hE.roa
Signing time: Thu 27 Feb 2025 19:45:19 +0000
ROA not before: Thu 27 Feb 2025 19:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 84.51.232.0/24 maxlen: 24
92.51.234.0/24 maxlen: 24
92.51.235.0/24 maxlen: 24
92.51.255.0/24 maxlen: 24
103.210.196.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
155.2.180.0/24 maxlen: 24
155.2.181.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
192.140.220.0/24 maxlen: 24
192.140.221.0/24 maxlen: 24
203.188.165.0/24 maxlen: 24
203.188.181.0/24 maxlen: 24
213.254.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 09:05:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:f1:2c:5c:7e:ed:1a:64:a2:b4:7b:57:8d:7f:29:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 27 19:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22004ce05749ef7cb3e84c06ea50e0941640f611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:67:7c:62:96:e0:f1:b1:97:27:a9:cf:da:
ce:e0:8e:38:ed:98:8d:44:9f:57:cd:0f:ce:9e:87:
27:f7:c5:df:eb:72:5b:d1:ee:39:63:b1:14:fa:cf:
08:3e:91:39:7e:92:f9:12:2c:88:c5:25:91:2a:ed:
14:50:75:1c:4c:64:bb:91:f6:3a:84:c0:96:a8:74:
52:ac:a2:75:f8:ba:27:b8:5a:73:a3:ed:87:5d:f4:
46:39:fe:72:ea:a1:c8:74:8c:ce:72:0a:cd:b6:27:
2c:68:6a:c8:f9:fe:84:41:a2:9b:fd:f3:21:ce:f3:
99:6f:bb:e7:16:47:e4:59:99:c4:7f:82:67:9f:b8:
57:fa:c7:0a:f8:f6:47:04:ba:95:24:46:27:55:16:
37:e0:1b:bb:f0:e2:50:c6:27:d6:12:06:2f:63:76:
b1:b8:6f:f9:15:4e:f7:39:ca:f5:a7:7d:27:06:46:
16:c2:c9:19:dc:ad:8d:b1:b1:ce:75:7e:2c:95:3b:
ab:58:74:70:fc:d3:d4:79:87:cf:8f:46:6f:ec:e2:
0e:e2:02:a7:b0:02:7d:e8:89:cf:4f:4e:92:ec:16:
12:62:75:08:ce:ae:14:56:0e:04:a6:61:0f:34:54:
48:b2:7f:a6:07:35:1b:d4:c8:94:98:cf:52:71:72:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:00:4C:E0:57:49:EF:7C:B3:E8:4C:06:EA:50:E0:94:16:40:F6:11
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/IgBM4FdJ73yz6EwG6lDglBZA9hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.51.232.0/24
92.51.234.0/23
92.51.255.0/24
103.210.196.0/24
107.150.166.0/24
155.2.180.0/23
185.161.111.0/24
192.140.220.0/23
203.188.165.0/24
203.188.181.0/24
213.254.160.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:d1:3f:11:ec:fa:c2:67:e9:da:64:fe:1d:8e:bb:d0:83:1c:
f5:92:a5:1d:2b:c3:df:fb:af:b9:94:8b:c3:3a:07:43:2e:c9:
c2:aa:46:b6:ec:c1:94:92:05:31:8b:98:53:bf:c5:c5:6e:9e:
fc:79:6e:77:e1:8b:7f:ef:e9:f6:a3:6a:45:37:65:fd:23:dd:
42:6b:28:39:66:0d:fe:9a:c4:da:e7:ab:b5:73:4c:fc:11:68:
4f:e8:7f:31:6e:d3:b5:59:d3:9c:31:80:7e:29:94:fb:3a:6c:
75:5c:67:d1:7e:86:c0:8f:f8:29:ec:53:4a:f5:7e:e7:3a:17:
f3:2d:df:15:dd:de:7c:e2:7c:04:8f:73:f3:45:11:80:cf:f0:
64:d9:76:bc:0e:c4:d5:19:99:53:51:14:20:ca:30:95:cd:21:
33:a6:2e:07:0b:5f:94:a4:c1:b6:ea:5d:fc:0a:56:f0:9d:17:
84:08:09:db:6c:e5:0d:8e:50:93:83:de:3e:07:45:91:f2:fb:
62:0e:ad:03:d6:d2:2d:61:ac:b5:4c:14:5e:7e:5d:c6:11:cc:
47:3f:fc:46:01:f6:ba:79:80:9e:ec:91:1e:7f:52:45:5c:52:
85:b3:df:e1:04:8a:57:98:bb:11:a3:e7:90:53:2e:7c:7b:8c:
d6:67:b4:17
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZVI8Sxcfu0aZKK0e1eNfynvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI3MTk0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjAwNGNlMDU3NDllZjdjYjNlODRjMDZlYTUwZTA5NDE2NDBmNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpRnfGKW4PGxlyepz9rO4I447ZiN
RJ9XzQ/Onocn98Xf63Jb0e45Y7EU+s8IPpE5fpL5EiyIxSWRKu0UUHUcTGS7kfY6
hMCWqHRSrKJ1+LonuFpzo+2HXfRGOf5y6qHIdIzOcgrNticsaGrI+f6EQaKb/fMh
zvOZb7vnFkfkWZnEf4Jnn7hX+scK+PZHBLqVJEYnVRY34Bu78OJQxifWEgYvY3ax
uG/5FU73Ocr1p30nBkYWwskZ3K2NsbHOdX4slTurWHRw/NPUeYfPj0Zv7OIO4gKn
sAJ96InPT06S7BYSYnUIzq4UVg4EpmEPNFRIsn+mBzUb1MiUmM9ScXIHWwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCIATOBXSe98s+hMBupQ4JQWQPYRMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSWdCTTRGZEo3M3l6NkV3RzZsRGdsQlpBOWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVDPoAwQB
XDPqAwQAXDP/AwQAZ9LEAwQAa5amAwQBmwK0AwQAuaFvAwQBwIzcAwQAy7ylAwQA
y7y1AwQA1f6gMA0GCSqGSIb3DQEBCwUAA4IBAQDE0T8R7PrCZ+naZP4djrvQgxz1
kqUdK8Pf+6+5lIvDOgdDLsnCqka27MGUkgUxi5hTv8XFbp78eW534Yt/7+n2o2pF
N2X9I91Cayg5Zg3+msTa56u1c0z8EWhP6H8xbtO1WdOcMYB+KZT7Omx1XGfRfobA
j/gp7FNK9X7nOhfzLd8V3d584nwEj3PzRRGAz/Bk2Xa8DsTVGZlTURQgyjCVzSEz
pi4HC1+UpMG26l38ClbwnReECAnbbOUNjlCTg94+B0WR8vtiDq0D1tItYay1TBRe
fl3GEcxHP/xGAfa6eYCe7JEef1JFXFKFs9/hBIpXmLsRo+eQUy58e4zWZ7QX
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:46:58 2025 by rpki-client