Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/b1LALp9SBNFAhdgVfZrDsmuoQEY.roa
File: b1LALp9SBNFAhdgVfZrDsmuoQEY.roa (raw, json)
Hash identifier: ACP3NLutTv8BHg4ln+aJA7SrAoY5TSD3O9XL2uHX6Pg=
Subject key identifier: 6F:52:C0:2E:9F:52:04:D1:40:85:D8:15:7D:9A:C3:B2:6B:A8:40:46
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 01961FC75C04ECCC637480E90FB80DCF8455
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/b1LALp9SBNFAhdgVfZrDsmuoQEY.roa
Signing time: Thu 10 Apr 2025 12:58:01 +0000
ROA not before: Thu 10 Apr 2025 12:58:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8391
IP address blocks: 185.119.138.0/23 maxlen: 24
194.77.54.0/23 maxlen: 23
195.138.32.0/20 maxlen: 24
195.138.54.0/24 maxlen: 24
195.138.56.0/21 maxlen: 24
195.253.0.0/16 maxlen: 24
195.253.6.0/24 maxlen: 24
195.253.96.0/19 maxlen: 24
2a01:5b0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Apr 2025 11:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:c7:5c:04:ec:cc:63:74:80:e9:0f:b8:0d:cf:84:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Apr 10 12:58:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f52c02e9f5204d14085d8157d9ac3b26ba84046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:96:30:90:d5:d5:a7:af:3d:3d:8e:22:8f:
33:55:0d:aa:f8:dd:6d:fd:5b:10:d9:96:ac:76:29:
4a:e4:af:8c:e5:22:f0:d3:47:f5:51:a4:89:c4:5e:
c8:ae:52:8f:a7:62:fa:3d:ed:1f:5b:94:0e:9b:d3:
18:45:98:1e:5c:99:6b:09:71:f1:a1:3a:5c:04:af:
ec:62:53:75:bb:19:58:c8:fb:4b:83:f7:e4:90:a8:
b8:9c:9b:b0:9e:43:7c:ec:35:3f:ee:89:5f:a6:8d:
de:15:64:bb:7c:1f:48:25:2a:c9:3a:ce:9f:1d:e8:
eb:89:9c:84:c7:2d:d2:e2:a8:37:9c:7e:9b:21:5d:
75:6e:70:e0:3f:47:36:0a:06:52:9b:8a:73:44:eb:
70:ed:52:57:3a:fa:e0:ba:8c:9b:9b:27:89:ba:6f:
a0:5d:8d:28:8f:34:59:84:46:8c:db:a2:3e:97:1a:
36:ae:05:56:99:8b:e4:43:c1:f3:dd:4e:bb:3a:b4:
c2:8c:07:1c:ed:b5:cb:b8:3d:ac:0c:9c:e0:c7:7f:
ec:a0:52:39:50:c8:ae:b2:6e:6c:00:5e:2c:08:84:
b6:6e:ce:ee:2d:2e:82:81:ed:c7:a6:9d:ca:e5:b2:
17:2e:69:a2:d9:49:0f:1e:fc:8d:90:ea:71:17:d8:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:52:C0:2E:9F:52:04:D1:40:85:D8:15:7D:9A:C3:B2:6B:A8:40:46
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/b1LALp9SBNFAhdgVfZrDsmuoQEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.138.0/23
194.77.54.0/23
195.138.32.0/20
195.138.54.0/24
195.138.56.0/21
195.253.0.0/16
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
38:a6:8a:03:fd:55:99:93:96:c4:e6:e5:28:f1:07:d7:b1:ab:
ff:9d:f9:24:99:15:25:25:58:be:fd:27:2b:32:48:89:52:db:
c8:db:76:e6:04:b9:66:d4:63:7d:e2:24:d4:1f:df:ce:4a:79:
74:fe:88:7c:db:46:2e:94:50:0b:6f:47:3c:1f:02:c6:a1:0a:
35:62:09:35:d2:ce:e1:2e:c9:c6:03:66:43:81:cf:5a:87:21:
47:a2:b3:58:fb:06:75:46:d9:de:44:95:a7:2b:1c:3a:9c:fa:
7e:df:40:f3:37:9c:b0:f0:12:75:03:f8:8b:d2:91:22:8a:c4:
ff:c2:a8:f5:ee:60:6f:92:1b:8e:ae:cb:af:81:30:bf:61:ca:
6f:ca:61:1d:9f:e6:a4:6a:d4:3e:6b:54:8b:b4:ac:1d:d8:d8:
6a:39:73:aa:c1:a6:56:d3:89:5e:ff:44:07:bc:72:18:4c:74:
ac:5d:2c:84:5b:69:19:2d:34:f2:1c:14:cb:6b:4a:15:33:37:
07:65:2b:9b:d0:b9:6c:48:28:24:b5:c5:05:ba:d0:a6:bb:6f:
e3:b9:05:89:18:5d:b5:47:16:f7:a8:50:a9:f5:dc:7f:1b:a7:
89:00:7e:75:37:6b:59:e1:4a:ff:28:6e:13:7c:11:c7:1c:d1:
c6:82:19:a9
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZYfx1wE7MxjdIDpD7gNz4RVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwNDEwMTI1ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUyYzAyZTlmNTIwNGQxNDA4NWQ4MTU3ZDlhYzNiMjZiYTg0MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+2WMJDV1aevPT2OIo8zVQ2q+N1t
/VsQ2ZasdilK5K+M5SLw00f1UaSJxF7IrlKPp2L6Pe0fW5QOm9MYRZgeXJlrCXHx
oTpcBK/sYlN1uxlYyPtLg/fkkKi4nJuwnkN87DU/7olfpo3eFWS7fB9IJSrJOs6f
HejriZyExy3S4qg3nH6bIV11bnDgP0c2CgZSm4pzROtw7VJXOvrguoybmyeJum+g
XY0ojzRZhEaM26I+lxo2rgVWmYvkQ8Hz3U67OrTCjAcc7bXLuD2sDJzgx3/soFI5
UMiusm5sAF4sCIS2bs7uLS6Cge3Hpp3K5bIXLmmi2UkPHvyNkOpxF9hPhwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFG9SwC6fUgTRQIXYFX2aw7JrqEBGMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvYjFMQUxwOVNCTkZBaGRnVmZackRzbXVvUUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQBuXeKAwQB
wk02AwQEw4ogAwQAw4o2AwQDw4o4AwMAw/0wDQQCAAIwBwMFACoBBbAwDQYJKoZI
hvcNAQELBQADggEBADimigP9VZmTlsTm5SjxB9exq/+d+SSZFSUlWL79JysySIlS
28jbduYEuWbUY33iJNQf385KeXT+iHzbRi6UUAtvRzwfAsahCjViCTXSzuEuycYD
ZkOBz1qHIUeis1j7BnVG2d5ElacrHDqc+n7fQPM3nLDwEnUD+IvSkSKKxP/CqPXu
YG+SG46uy6+BML9hym/KYR2f5qRq1D5rVIu0rB3Y2Go5c6rBplbTiV7/RAe8chhM
dKxdLIRbaRktNPIcFMtrShUzNwdlK5vQuWxIKCS1xQW60Ka7b+O5BYkYXbVHFveo
UKn13H8bp4kAfnU3a1nhSv8obhN8Eccc0caCGak=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:52 2025 by rpki-client