Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/33GgSWAZMCBOl9a8QteJddJTWJE.roa
File: 33GgSWAZMCBOl9a8QteJddJTWJE.roa (raw, json)
Hash identifier: 9Kl7fID4FvcBrN21H67YY1fSZibbpd78RaNlYhkRMxg=
Subject key identifier: DF:71:A0:49:60:19:30:20:4E:97:D6:BC:42:D7:89:75:D2:53:58:91
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC794B1E34AF86F9E3D4EE1C5871AB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/33GgSWAZMCBOl9a8QteJddJTWJE.roa
Signing time: Thu 02 Jan 2025 07:48:10 +0000
ROA not before: Thu 02 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60808
IP address blocks: 185.215.246.0/24 maxlen: 24
188.253.96.0/19 maxlen: 24
193.36.73.0/24 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Feb 2025 12:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:79:4b:1e:34:af:86:f9:e3:d4:ee:1c:58:71:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df71a049601930204e97d6bc42d78975d2535891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e3:bb:c7:e7:88:dc:d4:0b:ef:ed:0d:9f:48:
c6:95:e9:99:58:bb:28:c7:91:5d:77:4a:41:4f:33:
a1:87:ea:e1:e4:d0:4e:4e:ca:99:a5:dd:fb:26:cf:
64:55:98:88:5f:c7:e9:a7:cc:78:4e:f2:ff:a7:f8:
d4:cf:ef:5a:34:8a:57:d0:c5:d0:37:ed:6c:b7:e6:
02:88:2e:fd:7e:d4:83:84:6a:66:d9:bc:12:e9:cb:
db:97:83:b5:e0:ab:16:b0:76:76:2b:00:d2:dd:00:
44:14:94:20:65:43:ca:97:de:5e:0b:56:1e:5f:fb:
15:23:29:d2:96:52:03:3d:92:10:45:90:3a:78:21:
2d:4f:61:e5:0f:a0:97:5b:e5:ad:f3:82:8c:22:c8:
c8:b3:a9:fb:61:5d:6c:fa:58:bf:30:e4:f1:94:da:
d7:88:7f:f3:14:5c:df:c3:23:9a:7a:0c:02:0e:81:
95:8a:ca:3b:c4:39:f4:ec:6b:cd:f7:e8:30:c0:49:
60:f8:2b:d9:53:49:02:7d:f8:f6:61:94:30:c9:62:
2e:c9:69:af:f7:a5:86:64:99:48:da:8e:c6:93:1f:
ed:58:fd:11:dd:3a:32:48:83:04:84:a1:80:c2:fd:
9a:79:a5:65:42:2d:b9:df:e1:88:ec:54:91:df:ac:
53:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:71:A0:49:60:19:30:20:4E:97:D6:BC:42:D7:89:75:D2:53:58:91
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/33GgSWAZMCBOl9a8QteJddJTWJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.246.0/24
188.253.96.0/19
193.36.73.0/24
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
78:37:4c:a3:51:c7:b1:8f:9e:09:2b:8f:ae:56:80:ef:e1:8e:
5f:20:a0:f6:db:dc:89:27:0f:c5:e2:ec:6e:12:3b:d0:d4:7f:
e2:c1:c1:96:4a:3c:9c:17:f0:dc:b2:de:df:59:1f:3e:18:27:
ee:e0:06:d7:a7:09:f4:64:a6:10:25:50:d5:46:11:cc:6e:6c:
35:9b:6e:fe:b1:43:66:29:06:1e:e0:3c:79:9f:76:82:72:cd:
81:bc:09:77:4c:86:e1:01:13:96:98:ef:d6:3f:04:00:77:28:
34:81:5f:dc:bf:fc:be:8e:2a:57:4a:bc:cb:b6:b3:6d:7d:7b:
37:78:05:86:61:c9:c4:ec:78:31:e1:f5:42:e0:aa:91:48:c5:
64:8a:e3:16:b4:01:8d:20:ec:e2:0d:54:4f:09:36:a6:df:1e:
88:2a:b2:46:8f:09:99:a3:52:c3:93:71:e1:30:ca:df:86:e2:
e0:93:b4:43:dd:0b:1f:3e:80:99:36:62:a2:07:94:4a:be:5c:
ef:94:8d:bb:a8:f7:84:7b:62:14:9a:cd:9b:6c:1d:43:d7:ad:
a7:00:09:32:3e:b3:2c:e0:18:7e:e4:d2:b0:67:60:71:1d:1c:
13:09:ed:2b:58:17:ea:52:a6:28:9b:0a:a7:f2:81:5f:56:35:
f2:be:58:2b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQl/HlLHjSvhvnj1O4cWHGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjcxYTA0OTYwMTkzMDIwNGU5N2Q2YmM0MmQ3ODk3NWQyNTM1ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOO7x+eI3NQL7+0Nn0jGlemZWLso
x5Fdd0pBTzOhh+rh5NBOTsqZpd37Js9kVZiIX8fpp8x4TvL/p/jUz+9aNIpX0MXQ
N+1st+YCiC79ftSDhGpm2bwS6cvbl4O14KsWsHZ2KwDS3QBEFJQgZUPKl95eC1Ye
X/sVIynSllIDPZIQRZA6eCEtT2HlD6CXW+Wt84KMIsjIs6n7YV1s+li/MOTxlNrX
iH/zFFzfwyOaegwCDoGViso7xDn07GvN9+gwwElg+CvZU0kCffj2YZQwyWIuyWmv
96WGZJlI2o7Gkx/tWP0R3ToySIMEhKGAwv2aeaVlQi253+GI7FSR36xTAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN9xoElgGTAgTpfWvELXiXXSU1iRMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMzNHZ1NXQVpNQ0JPbDlhOFF0ZUpkZEpUV0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAudf2AwQF
vP1gAwQAwSRJMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQB4N0yj
Ucexj54JK4+uVoDv4Y5fIKD229yJJw/F4uxuEjvQ1H/iwcGWSjycF/Dcst7fWR8+
GCfu4AbXpwn0ZKYQJVDVRhHMbmw1m27+sUNmKQYe4Dx5n3aCcs2BvAl3TIbhAROW
mO/WPwQAdyg0gV/cv/y+jipXSrzLtrNtfXs3eAWGYcnE7Hgx4fVC4KqRSMVkiuMW
tAGNIOziDVRPCTam3x6IKrJGjwmZo1LDk3HhMMrfhuLgk7RD3QsfPoCZNmKiB5RK
vlzvlI27qPeEe2IUms2bbB1D162nAAkyPrMs4Bh+5NKwZ2BxHRwTCe0rWBfqUqYo
mwqn8oFfVjXyvlgr
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:46:44 2025 by rpki-client