Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/c3ds6d4f3d2bUzF1J6aOJ1_dOy0.roa
File: c3ds6d4f3d2bUzF1J6aOJ1_dOy0.roa (raw, json)
Hash identifier: M8MQ1nYEUemcYuT96xe0d/69h4Lq3y2ift6A+qkvwdE=
Subject key identifier: 73:77:6C:E9:DE:1F:DD:DD:9B:53:31:75:27:A6:8E:27:5F:DD:3B:2D
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0192AEFB4B0042B6017EF662382DD66A374E
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/c3ds6d4f3d2bUzF1J6aOJ1_dOy0.roa
Signing time: Mon 21 Oct 2024 12:09:17 +0000
ROA not before: Mon 21 Oct 2024 12:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12541
IP address blocks: 84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
176.98.220.0/22 maxlen: 24
185.66.60.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
212.49.128.0/18 maxlen: 24
212.49.189.0/24 maxlen: 24
2a0d:59c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:fb:4b:00:42:b6:01:7e:f6:62:38:2d:d6:6a:37:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 21 12:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73776ce9de1fdddd9b53317527a68e275fdd3b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b4:f2:87:6d:bf:74:2b:99:4f:5e:b1:9a:3b:
8b:68:da:cf:6d:a2:1b:6b:d4:02:22:71:f1:10:20:
2f:40:9e:1d:5e:95:af:61:da:f6:72:19:6d:f5:56:
af:3b:6d:1d:b4:ca:e6:d7:37:83:e3:69:8b:96:8a:
e7:b7:b1:da:03:3e:ee:5c:e6:f1:e4:5a:36:b8:b1:
15:0d:8f:38:e0:6f:b8:8f:df:b8:f1:81:e0:dd:2f:
c9:bd:a8:c1:a8:dc:56:28:6c:65:2c:17:31:ae:da:
6a:39:40:44:68:7d:5d:ad:f2:e0:48:c9:f6:ac:8e:
fd:e0:bd:2d:63:48:6a:06:f9:30:b8:a0:e8:09:7d:
11:53:14:53:31:ed:e5:37:0f:ea:00:2f:b0:0e:71:
d1:a5:60:58:16:cb:43:20:ab:55:33:d2:45:fa:b5:
1d:e5:28:7e:21:15:d5:34:62:18:32:4e:18:00:bb:
ab:aa:13:9b:c6:31:b6:0c:60:85:ea:ba:0e:8c:44:
6c:d7:29:f3:a9:f3:9f:75:77:11:d0:6a:79:ce:31:
63:6f:25:4e:0f:5e:f0:b3:66:46:68:c8:0e:3d:a7:
60:7a:70:71:4b:e8:e7:0f:3c:b4:88:30:0f:b3:a4:
eb:10:56:d4:c2:2e:0d:72:7d:ac:4f:8d:35:42:72:
ec:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:77:6C:E9:DE:1F:DD:DD:9B:53:31:75:27:A6:8E:27:5F:DD:3B:2D
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/c3ds6d4f3d2bUzF1J6aOJ1_dOy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.0.0/19
92.60.160.0/20
176.98.220.0/22
185.66.60.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
212.49.128.0/18
IPv6:
2a0d:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:1d:5f:6e:dc:07:05:57:e7:a6:a3:8e:4c:39:7a:d7:8a:3f:
e0:cc:27:5d:ba:12:6d:bf:8e:31:d5:22:e6:a7:30:8f:16:6c:
65:76:a1:36:04:48:af:d7:b2:d5:36:08:3a:6f:15:e9:c1:ad:
30:6c:b7:9c:29:b1:cb:cf:43:9f:05:3f:e2:e3:e4:56:5f:93:
e2:fb:03:b3:c1:c5:9f:a0:1f:ca:c4:79:07:62:bf:09:e8:ac:
64:10:8f:e8:a4:90:2d:9a:5c:81:06:4a:6b:35:ce:c4:d3:1f:
c5:ee:d5:b9:a8:cb:80:4a:87:e5:e8:e8:43:ae:7d:9f:3b:f4:
b8:a3:b5:f4:c6:7d:ab:92:3c:f9:8b:c1:28:ba:2f:16:96:ab:
d0:09:d4:a7:3b:f7:86:a4:33:06:f1:08:4e:b5:ab:79:5a:5d:
57:a4:5b:d1:e3:5e:ae:46:ca:30:ec:74:2d:d0:0f:be:42:b0:
55:cb:cd:04:f1:ea:93:ec:81:0b:bb:9f:8b:6c:1b:4f:e5:df:
6a:79:72:a0:3f:84:d0:56:ef:10:5b:a4:4c:99:b4:fd:59:76:
ce:17:de:1b:90:02:53:e0:6d:5c:ac:27:3e:4b:04:a8:2d:ad:
b2:63:ac:48:0a:b9:22:40:ca:0c:d8:c9:8f:59:4e:2f:39:0d:
ee:e6:af:8c
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZKu+0sAQrYBfvZiOC3WajdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDIxMTIwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzc3NmNlOWRlMWZkZGRkOWI1MzMxNzUyN2E2OGUyNzVmZGQzYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrTyh22/dCuZT16xmjuLaNrPbaIb
a9QCInHxECAvQJ4dXpWvYdr2chlt9VavO20dtMrm1zeD42mLlornt7HaAz7uXObx
5Fo2uLEVDY844G+4j9+48YHg3S/JvajBqNxWKGxlLBcxrtpqOUBEaH1drfLgSMn2
rI794L0tY0hqBvkwuKDoCX0RUxRTMe3lNw/qAC+wDnHRpWBYFstDIKtVM9JF+rUd
5Sh+IRXVNGIYMk4YALurqhObxjG2DGCF6roOjERs1ynzqfOfdXcR0Gp5zjFjbyVO
D17ws2ZGaMgOPadgenBxS+jnDzy0iDAPs6TrEFbUwi4Ncn2sT401QnLsyQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFHN3bOneH93dm1MxdSemjidf3TstMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvYzNkczZkNGYzZDJiVXpGMUo2YU9KMV9kT3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQFVBIAAwQE
XDygAwQCsGLcAwQCuUI8AwQCuZHgAwQCuZtAAwQCua0sAwQCubu0AwQCueBMAwQC
wSLwAwQG1DGAMA0EAgACMAcDBQMqDVnAMA0GCSqGSIb3DQEBCwUAA4IBAQAqHV9u
3AcFV+emo45MOXrXij/gzCdduhJtv44x1SLmpzCPFmxldqE2BEiv17LVNgg6bxXp
wa0wbLecKbHLz0OfBT/i4+RWX5Pi+wOzwcWfoB/KxHkHYr8J6KxkEI/opJAtmlyB
BkprNc7E0x/F7tW5qMuASofl6OhDrn2fO/S4o7X0xn2rkjz5i8Eoui8WlqvQCdSn
O/eGpDMG8QhOtat5Wl1XpFvR416uRsow7HQt0A++QrBVy80E8eqT7IELu5+LbBtP
5d9qeXKgP4TQVu8QW6RMmbT9WXbOF94bkAJT4G1crCc+SwSoLa2yY6xICrkiQMoM
2MmPWU4vOQ3u5q+M
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:15:13 2025 by rpki-client