Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9PXBGYncpSqlieIahPsS-GCB4gQ.roa
File: 9PXBGYncpSqlieIahPsS-GCB4gQ.roa (raw, json)
Hash identifier: U9EZGSImrkPJeE/FvdZiNjn2KNMGUU7BgwAUG1xk2Fs=
Subject key identifier: F4:F5:C1:19:89:DC:A5:2A:A5:89:E2:1A:84:FB:12:F8:60:81:E2:04
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC845FAEC252FC460DFBF615CF9018
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9PXBGYncpSqlieIahPsS-GCB4gQ.roa
Signing time: Thu 02 Jan 2025 07:48:13 +0000
ROA not before: Thu 02 Jan 2025 07:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213122
IP address blocks: 45.139.6.0/23 maxlen: 24
178.173.236.0/22 maxlen: 24
178.173.242.0/23 maxlen: 24
178.173.244.0/22 maxlen: 24
188.253.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 12:26:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:84:5f:ae:c2:52:fc:46:0d:fb:f6:15:cf:90:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4f5c11989dca52aa589e21a84fb12f86081e204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:b8:83:11:d2:3d:7f:8c:64:e5:30:f3:ea:
06:8a:88:1b:5e:42:0d:8e:06:32:01:a0:e0:d4:10:
fe:3e:b9:60:3d:aa:d1:68:dc:06:3b:c1:00:69:b1:
7e:20:77:f4:b1:59:79:fb:c0:8b:9e:11:4d:23:c9:
a2:a1:c0:76:83:bf:13:ae:52:79:93:dc:72:6b:0c:
58:8a:ea:2b:3e:30:0a:3c:16:98:ed:b8:f8:e6:b5:
39:96:1c:20:c4:d9:83:98:81:12:e2:eb:41:1b:33:
7d:ac:9d:e8:dd:35:70:e3:fc:1d:c5:aa:69:d4:f1:
ea:58:dc:c7:24:11:24:22:21:8f:de:aa:75:65:8e:
50:13:16:5b:68:bc:d1:5f:94:32:c4:09:e9:bc:ef:
f5:91:79:7c:ac:87:5f:0f:82:38:1d:1c:39:ae:85:
7d:56:48:d9:f5:be:6c:5b:f0:c3:37:68:e7:38:5f:
01:23:d9:bf:e5:ec:42:05:e8:96:16:ac:90:ae:e4:
a6:e7:df:57:f3:6b:c8:62:8b:6f:bf:15:26:eb:aa:
68:73:a9:fa:f1:3d:1d:26:b8:b9:8a:f5:2d:f0:0d:
5d:9a:ec:10:55:2c:90:73:51:9f:29:04:f4:df:14:
e9:e9:73:f6:d8:32:33:98:3f:a1:4c:1e:e2:24:1e:
e7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F5:C1:19:89:DC:A5:2A:A5:89:E2:1A:84:FB:12:F8:60:81:E2:04
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9PXBGYncpSqlieIahPsS-GCB4gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
178.173.236.0/22
178.173.242.0-178.173.247.255
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
12:f2:08:0d:39:57:61:23:be:16:2d:1e:6a:52:cb:8a:34:e9:
4e:d6:1c:66:ed:07:f8:9b:82:a7:21:ce:ed:de:5d:a8:7d:d8:
cf:ab:f8:2c:3f:20:14:c6:45:5c:97:4d:bc:68:f2:b3:21:bd:
12:96:34:4d:a0:98:08:80:e2:18:f9:06:8b:da:f3:86:e2:f1:
f9:2d:1c:a3:85:ee:c6:ea:32:bb:c8:e2:a9:b6:60:1b:12:77:
1e:33:24:76:d4:c7:1e:29:23:9b:69:0a:29:23:ad:d4:10:56:
48:98:ae:9c:39:76:c0:51:ae:ea:73:7e:6d:21:b4:bf:30:72:
59:04:b4:61:44:52:f9:98:18:fc:c3:84:98:42:cd:a2:0d:bf:
f2:5e:96:9c:c4:2f:e9:cb:fe:6e:4e:9d:2d:74:55:17:95:4b:
26:79:a3:b7:45:7d:b4:a0:f7:f0:55:47:55:03:d1:60:34:af:
dc:7d:2a:14:f8:d8:41:19:bc:9c:3c:ec:b1:6f:0f:d1:a0:a6:
5b:c6:19:8e:e9:94:a3:34:88:bb:0f:af:f0:89:89:7e:27:92:
23:69:ff:f8:3f:ff:11:d3:bd:61:20:e3:36:f9:70:46:7f:ab:
f7:fd:8e:19:89:5f:8a:d9:83:91:d3:0d:21:04:fd:6b:dc:1e:
12:3b:cd:69
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/IRfrsJS/EYN+/YVz5AYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY1YzExOTg5ZGNhNTJhYTU4OWUyMWE4NGZiMTJmODYwODFlMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh24gxHSPX+MZOUw8+oGiogbXkIN
jgYyAaDg1BD+PrlgParRaNwGO8EAabF+IHf0sVl5+8CLnhFNI8miocB2g78TrlJ5
k9xyawxYiuorPjAKPBaY7bj45rU5lhwgxNmDmIES4utBGzN9rJ3o3TVw4/wdxapp
1PHqWNzHJBEkIiGP3qp1ZY5QExZbaLzRX5QyxAnpvO/1kXl8rIdfD4I4HRw5roV9
VkjZ9b5sW/DDN2jnOF8BI9m/5exCBeiWFqyQruSm599X82vIYotvvxUm66poc6n6
8T0dJri5ivUt8A1dmuwQVSyQc1GfKQT03xTp6XP22DIzmD+hTB7iJB7nVwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPT1wRmJ3KUqpYniGoT7EvhggeIEMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvOVBYQkdZbmNwU3FsaWVJYWhQc1MtR0NCNGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLYsGAwQC
sq3sMAwDBAGyrfIDBAOyrfADBAK8/RwwDQYJKoZIhvcNAQELBQADggEBABLyCA05
V2EjvhYtHmpSy4o06U7WHGbtB/ibgqchzu3eXah92M+r+Cw/IBTGRVyXTbxo8rMh
vRKWNE2gmAiA4hj5Bova84bi8fktHKOF7sbqMrvI4qm2YBsSdx4zJHbUxx4pI5tp
CikjrdQQVkiYrpw5dsBRrupzfm0htL8wclkEtGFEUvmYGPzDhJhCzaINv/JelpzE
L+nL/m5OnS10VReVSyZ5o7dFfbSg9/BVR1UD0WA0r9x9KhT42EEZvJw87LFvD9Gg
plvGGY7plKM0iLsPr/CJiX4nkiNp//g//xHTvWEg4zb5cEZ/q/f9jhmJX4rZg5HT
DSEE/WvcHhI7zWk=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:53:09 2025 by rpki-client