Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/CSuPg2oTZVHU-UIPOasaF_1kGtE.roa
File: CSuPg2oTZVHU-UIPOasaF_1kGtE.roa (raw, json)
Hash identifier: vdj6Id8VaOAvY4t8nqwQLeNFxtr1xKQ3VARpCTv20LY=
Subject key identifier: 09:2B:8F:83:6A:13:65:51:D4:F9:42:0F:39:AB:1A:17:FD:64:1A:D1
Certificate issuer: /CN=9248f131b1e1207fb49082b0e0642fd1a63e1aa6
Certificate serial: 01968834E71BB94AB0E40B9340CCE0377FF0
Authority key identifier: 92:48:F1:31:B1:E1:20:7F:B4:90:82:B0:E0:64:2F:D1:A6:3E:1A:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kkjxMbHhIH-0kIKw4GQv0aY-GqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/CSuPg2oTZVHU-UIPOasaF_1kGtE.roa
Signing time: Wed 30 Apr 2025 19:38:10 +0000
ROA not before: Wed 30 Apr 2025 19:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30286
IP address blocks: 185.32.240.0/22 maxlen: 24
185.32.240.0/23 maxlen: 24
185.32.241.0/24 maxlen: 24
185.32.242.0/23 maxlen: 24
185.32.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 20:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:34:e7:1b:b9:4a:b0:e4:0b:93:40:cc:e0:37:7f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9248f131b1e1207fb49082b0e0642fd1a63e1aa6
Validity
Not Before: Apr 30 19:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=092b8f836a136551d4f9420f39ab1a17fd641ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:36:e5:9b:f9:e2:61:e1:41:3b:31:63:9e:51:
f1:18:f0:0e:c5:20:54:63:eb:57:43:3a:32:ad:0a:
29:3e:72:0a:89:8b:00:24:c5:09:5a:0a:ba:d0:b1:
be:ab:3f:22:ec:50:99:f2:1c:e6:a2:ef:a7:23:33:
5a:d7:40:2e:46:ce:39:d1:f9:27:4b:ac:14:ec:7c:
98:8c:9d:7d:18:44:8f:1e:ed:75:13:7a:65:55:8c:
61:f6:c2:9f:be:aa:a2:30:1e:a3:c9:79:db:17:8e:
cc:5a:90:b9:15:8e:ef:01:83:1c:66:0c:45:2f:2a:
18:b2:2b:32:06:dc:45:98:12:3b:e8:9c:1a:c4:2c:
4e:b4:11:66:70:f4:6a:51:13:ac:5f:91:88:5b:a0:
de:04:67:6b:80:dd:73:f6:23:10:10:50:7e:ae:2e:
e3:01:e0:72:c3:ab:4b:a6:b8:47:4b:34:01:e3:28:
25:a6:eb:fd:cc:ec:18:f6:66:a7:c8:ad:55:1c:56:
c6:1a:e0:28:6b:cb:f3:24:7e:e8:63:49:4c:04:bc:
aa:a9:f5:4a:97:c5:4a:84:7e:55:d4:7a:45:9e:c5:
ad:30:4e:c6:fb:4d:3d:56:e1:ce:bf:fb:23:82:b8:
fc:d7:3d:b0:55:0a:df:09:70:67:88:f2:e9:af:90:
ea:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2B:8F:83:6A:13:65:51:D4:F9:42:0F:39:AB:1A:17:FD:64:1A:D1
X509v3 Authority Key Identifier:
keyid:92:48:F1:31:B1:E1:20:7F:B4:90:82:B0:E0:64:2F:D1:A6:3E:1A:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kkjxMbHhIH-0kIKw4GQv0aY-GqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/CSuPg2oTZVHU-UIPOasaF_1kGtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/77535f-473b-43d3-af43-e481751d684f/1/kkjxMbHhIH-0kIKw4GQv0aY-GqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.240.0/22
Signature Algorithm: sha256WithRSAEncryption
18:b1:b5:61:46:cf:f2:46:b0:4e:af:3d:4e:15:5d:e2:5d:70:
23:c9:3c:00:2e:3e:b5:e6:99:1c:e0:4a:73:62:1a:45:94:d2:
5e:10:e9:9f:99:8c:63:e2:c7:01:a2:f3:6f:5f:b1:ff:0e:65:
48:4d:f0:e8:a1:a3:18:13:7a:dc:9a:ad:bf:aa:45:f0:0f:e5:
41:0e:c1:64:7c:d9:a6:c2:66:c3:37:52:d4:f7:2a:31:d3:7b:
40:1a:8e:cc:e2:5d:88:32:0c:17:e2:64:60:5f:3c:e5:12:fd:
77:f3:7f:51:5e:44:34:06:be:c1:13:19:8a:8c:20:68:6b:4c:
d9:db:39:f0:05:40:1f:fc:90:3b:28:8e:40:57:14:00:ef:71:
e8:9b:b9:8a:a4:c8:96:84:e2:9d:ee:f3:16:6d:8f:02:09:73:
57:16:18:c9:30:1a:16:94:2c:64:b0:b0:af:88:28:75:ab:21:
74:e7:d1:b0:f5:43:1c:04:5b:ac:e8:d3:57:74:a5:0b:3a:df:
dc:0b:39:b1:66:f6:21:f7:6f:36:c6:9f:0f:43:51:9c:98:8c:
af:67:83:74:91:4e:41:c1:30:fe:49:9b:3b:05:38:92:57:23:
dc:68:cb:50:2e:63:18:00:b7:c7:c8:70:a0:b4:7c:4c:ea:a5:
84:68:1b:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaINOcbuUqw5AuTQMzgN3/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNDhmMTMxYjFlMTIwN2ZiNDkwODJiMGUwNjQyZmQxYTYz
ZTFhYTYwHhcNMjUwNDMwMTkzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTJiOGY4MzZhMTM2NTUxZDRmOTQyMGYzOWFiMWExN2ZkNjQxYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTblm/niYeFBOzFjnlHxGPAOxSBU
Y+tXQzoyrQopPnIKiYsAJMUJWgq60LG+qz8i7FCZ8hzmou+nIzNa10AuRs450fkn
S6wU7HyYjJ19GESPHu11E3plVYxh9sKfvqqiMB6jyXnbF47MWpC5FY7vAYMcZgxF
LyoYsisyBtxFmBI76JwaxCxOtBFmcPRqUROsX5GIW6DeBGdrgN1z9iMQEFB+ri7j
AeByw6tLprhHSzQB4yglpuv9zOwY9manyK1VHFbGGuAoa8vzJH7oY0lMBLyqqfVK
l8VKhH5V1HpFnsWtME7G+009VuHOv/sjgrj81z2wVQrfCXBniPLpr5DqHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkrj4NqE2VR1PlCDzmrGhf9ZBrRMB8GA1UdIwQY
MBaAFJJI8TGx4SB/tJCCsOBkL9GmPhqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2tqeE1iSGhJSC0wa0lLdzRHUXYwYVktR3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83NzUzNWYtNDczYi00M2QzLWFmNDMt
ZTQ4MTc1MWQ2ODRmLzEvQ1N1UGcyb1RaVkhVLVVJUE9hc2FGXzFrR3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83NzUzNWYtNDczYi00M2QzLWFmNDMtZTQ4MTc1MWQ2ODRm
LzEva2tqeE1iSGhJSC0wa0lLdzRHUXYwYVktR3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSDwMA0G
CSqGSIb3DQEBCwUAA4IBAQAYsbVhRs/yRrBOrz1OFV3iXXAjyTwALj615pkc4Epz
YhpFlNJeEOmfmYxj4scBovNvX7H/DmVITfDooaMYE3rcmq2/qkXwD+VBDsFkfNmm
wmbDN1LU9yox03tAGo7M4l2IMgwX4mRgXzzlEv13839RXkQ0Br7BExmKjCBoa0zZ
2znwBUAf/JA7KI5AVxQA73Hom7mKpMiWhOKd7vMWbY8CCXNXFhjJMBoWlCxksLCv
iCh1qyF059Gw9UMcBFus6NNXdKULOt/cCzmxZvYh9282xp8PQ1GcmIyvZ4N0kU5B
wTD+SZs7BTiSVyPcaMtQLmMYALfHyHCgtHxM6qWEaBuR
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:57:41 2025 by rpki-client