Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rB9a6It_BI51LShKQfWu2z_YkjQ.roa
File: rB9a6It_BI51LShKQfWu2z_YkjQ.roa (raw, json)
Hash identifier: qUj3zw/5k5BNU4OTRP94WfAlL8VyYv94SZAd0gHdXDY=
Subject key identifier: AC:1F:5A:E8:8B:7F:04:8E:75:2D:28:4A:41:F5:AE:DB:3F:D8:92:34
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019425FC9A80D7ECA08F5F2F4E8EB2460362
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rB9a6It_BI51LShKQfWu2z_YkjQ.roa
Signing time: Thu 02 Jan 2025 07:48:19 +0000
ROA not before: Thu 02 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Mar 2025 16:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:9a:80:d7:ec:a0:8f:5f:2f:4e:8e:b2:46:03:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 2 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac1f5ae88b7f048e752d284a41f5aedb3fd89234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:b2:49:20:b2:85:95:fa:b9:52:b1:86:38:
cb:43:fa:e8:8c:81:36:d2:fe:67:1b:ab:99:b8:e0:
3e:21:d7:b8:bb:c6:37:84:f3:bf:42:0b:2d:23:bf:
41:91:55:f0:01:c1:6b:e3:1e:04:1b:a9:51:63:78:
83:37:88:18:5e:24:3b:59:ba:aa:ff:2f:ea:ae:73:
33:8f:5e:90:c7:05:79:fd:0a:10:b4:af:fe:8c:02:
20:8b:5b:17:3c:bc:83:ac:11:f3:92:9f:f7:cd:89:
04:58:82:92:18:80:a5:b1:7b:43:11:de:f5:53:4a:
66:6f:ce:26:e1:98:af:4c:a5:0d:74:56:41:e4:a4:
8a:ae:99:1b:1c:8f:45:42:c9:ef:90:1f:56:32:14:
83:dc:7e:1d:a1:6a:b4:b2:66:10:92:d8:4c:24:64:
60:3a:32:3c:2f:18:86:03:2d:3d:b0:31:23:88:3d:
99:6f:2a:cf:d9:db:f6:dd:14:25:c5:a5:8f:57:78:
d6:e5:7d:9c:98:2b:1f:f1:24:8a:f8:70:c3:d4:bb:
3b:34:03:0d:a5:78:c7:40:32:90:c9:bc:ff:67:b0:
b9:af:4f:05:b4:5f:fd:86:db:f9:71:14:00:cb:6a:
47:2b:79:5d:31:5d:ee:09:2b:f0:c8:a9:7d:98:ff:
7c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1F:5A:E8:8B:7F:04:8E:75:2D:28:4A:41:F5:AE:DB:3F:D8:92:34
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/rB9a6It_BI51LShKQfWu2z_YkjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
217.12.206.0/23
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:64:cf:52:fe:a2:e8:c2:10:10:3c:ab:10:4d:1b:42:c0:b0:
3c:ac:2e:2c:82:58:e4:1d:50:e9:df:47:f1:c0:82:7d:9c:8d:
37:5b:ee:f2:ba:74:ae:9f:8d:c1:d8:29:a0:74:a6:72:da:b4:
15:c2:f6:27:5c:93:4b:83:e7:ed:be:cd:cf:2e:d1:69:11:d0:
69:ee:c3:a2:6f:5c:cd:e2:2e:a6:17:4a:fb:28:33:d1:b2:00:
47:15:76:de:41:6b:eb:d6:92:d9:f3:cc:7e:9e:ed:19:b2:c0:
06:11:21:5f:18:72:a1:41:93:f1:36:ab:19:78:03:34:37:88:
00:ac:62:bf:19:47:35:3c:70:a5:d9:76:8a:37:38:5d:6c:38:
15:01:52:1d:81:27:30:e5:92:a1:75:57:51:50:b4:04:53:50:
c9:59:9f:d2:93:ba:74:95:9f:27:c1:f6:5e:d6:40:a5:6a:c6:
ef:0b:72:39:0d:e5:9b:a0:a2:62:8d:e7:b4:61:69:bd:d9:e8:
d0:ec:7b:f5:b4:bf:4f:b0:da:c4:03:74:3c:8f:9c:a4:7c:91:
e5:85:95:00:54:8f:57:cc:fb:f2:0f:83:8f:38:10:64:64:53:
d9:03:e1:20:c1:97:9b:44:0d:46:48:c5:7a:ce:99:0f:e7:62:
55:6f:91:12
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZQl/JqA1+ygj18vTo6yRgNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMTAyMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFmNWFlODhiN2YwNDhlNzUyZDI4NGE0MWY1YWVkYjNmZDg5MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06yySSCyhZX6uVKxhjjLQ/rojIE2
0v5nG6uZuOA+Ide4u8Y3hPO/QgstI79BkVXwAcFr4x4EG6lRY3iDN4gYXiQ7Wbqq
/y/qrnMzj16QxwV5/QoQtK/+jAIgi1sXPLyDrBHzkp/3zYkEWIKSGIClsXtDEd71
U0pmb84m4ZivTKUNdFZB5KSKrpkbHI9FQsnvkB9WMhSD3H4doWq0smYQkthMJGRg
OjI8LxiGAy09sDEjiD2ZbyrP2dv23RQlxaWPV3jW5X2cmCsf8SSK+HDD1Ls7NAMN
pXjHQDKQybz/Z7C5r08FtF/9htv5cRQAy2pHK3ldMV3uCSvwyKl9mP98SwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFKwfWuiLfwSOdS0oSkH1rts/2JI0MB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvckI5YTZJdF9CSTUxTFNoS1FmV3Uyel9Za2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBEBAIAATA+AwQCBSKwAwQC
LVo4AwQAPuk5AwQCUnX8AwQCUnYUAwQAVVrEMAwDBAPDe+gDBAPDe/ADBALD02AD
BAHZDM4wJQQCAAIwHzANAwQCKgWUAwUAKgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJ
KoZIhvcNAQELBQADggEBAHVkz1L+oujCEBA8qxBNG0LAsDysLiyCWOQdUOnfR/HA
gn2cjTdb7vK6dK6fjcHYKaB0pnLatBXC9idck0uD5+2+zc8u0WkR0Gnuw6JvXM3i
LqYXSvsoM9GyAEcVdt5Ba+vWktnzzH6e7RmywAYRIV8YcqFBk/E2qxl4AzQ3iACs
Yr8ZRzU8cKXZdoo3OF1sOBUBUh2BJzDlkqF1V1FQtARTUMlZn9KTunSVnyfB9l7W
QKVqxu8LcjkN5ZugomKN57Rhab3Z6NDse/W0v0+w2sQDdDyPnKR8keWFlQBUj1fM
+/IPg484EGRkU9kD4SDBl5tEDUZIxXrOmQ/nYlVvkRI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:19:22 2025 by rpki-client