Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/nACrc5_tImFO-Af-F7P_mDnjmvw.roa
File: nACrc5_tImFO-Af-F7P_mDnjmvw.roa (raw, json)
Hash identifier: F5D9qQqV9eDtAt7qqEBoUgEUCa9gAAOdbOjcrsne+Qw=
Subject key identifier: 9C:00:AB:73:9F:ED:22:61:4E:F8:07:FE:17:B3:FF:98:39:E3:9A:FC
Certificate issuer: /CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Certificate serial: 019421B23DE856DBB54F9FFF524F141CCB7E
Authority key identifier: C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/nACrc5_tImFO-Af-F7P_mDnjmvw.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.233.0/24 maxlen: 24
5.183.208.0/24 maxlen: 24
91.240.40.0/22 maxlen: 22
93.92.116.0/22 maxlen: 22
94.176.100.0/22 maxlen: 22
185.35.232.0/22 maxlen: 22
185.67.120.0/24 maxlen: 24
185.107.24.0/22 maxlen: 22
185.125.36.0/22 maxlen: 22
185.224.116.0/22 maxlen: 22
193.32.11.0/24 maxlen: 24
193.124.76.0/22 maxlen: 22
193.124.144.0/21 maxlen: 21
194.135.200.0/21 maxlen: 21
195.216.136.0/22 maxlen: 22
2a04:65c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 18 Mar 2025 21:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3d:e8:56:db:b5:4f:9f:ff:52:4f:14:1c:cb:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c00ab739fed22614ef807fe17b3ff9839e39afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ef:f0:90:1b:80:67:3b:eb:56:8b:67:0e:3d:
10:a1:3c:9f:b6:8d:79:f5:8d:f5:d4:f7:a8:8e:53:
a9:08:da:9a:b5:5e:72:be:2d:bc:0c:bf:a9:69:a0:
b0:19:f0:c9:f0:9e:29:94:67:f7:74:b5:7f:9b:d1:
94:86:19:d4:29:de:e0:f0:7e:e3:03:5b:bc:7a:94:
1b:0a:25:0b:12:ed:71:f1:f2:19:62:3e:be:3c:a7:
98:9b:71:ad:37:e0:13:c3:c7:b5:e9:c2:6c:85:46:
c2:3f:cc:2f:06:e8:9c:37:98:a7:2a:8c:df:50:99:
17:0e:f7:bf:10:2c:a3:62:2c:0d:63:e3:52:c1:4f:
4b:57:0f:40:c2:5a:e0:ea:0f:26:74:f3:79:b3:b4:
45:6a:ee:e9:70:f5:6f:15:d7:91:7e:a6:5d:60:fb:
32:a5:93:4b:32:fc:41:e2:e4:91:03:e8:b3:75:bb:
d4:ad:73:dd:ce:45:89:8b:f1:65:c2:a8:b5:8b:b8:
69:45:fb:77:1c:5a:c1:6f:6b:fd:e1:7d:98:0d:03:
f8:5b:94:ce:d9:ce:0b:10:d0:17:73:01:30:84:8e:
3d:c3:c8:fb:fb:fe:9f:b7:d0:9d:94:37:bb:46:c7:
aa:cc:91:4e:20:c8:8e:81:9d:e7:a1:ff:33:f2:48:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:00:AB:73:9F:ED:22:61:4E:F8:07:FE:17:B3:FF:98:39:E3:9A:FC
X509v3 Authority Key Identifier:
keyid:C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/nACrc5_tImFO-Af-F7P_mDnjmvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.233.0/24
5.183.208.0/24
91.240.40.0/22
93.92.116.0/22
94.176.100.0/22
185.35.232.0/22
185.67.120.0/24
185.107.24.0/22
185.125.36.0/22
185.224.116.0/22
193.32.11.0/24
193.124.76.0/22
193.124.144.0/21
194.135.200.0/21
195.216.136.0/22
IPv6:
2a04:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:d8:31:91:d6:10:00:d4:aa:47:9f:b4:1d:ca:59:aa:2e:48:
35:de:f0:4e:be:0f:56:7a:95:11:9b:33:5f:cf:2c:b5:e6:38:
bd:c5:30:f8:11:4b:c7:c3:cd:2a:a9:3e:e2:e9:c0:3b:3a:cc:
4b:db:2b:be:ef:a8:81:db:05:18:dd:da:38:10:ba:1a:e0:ac:
f9:45:89:97:fb:e6:4a:13:b7:af:ac:2e:73:12:52:d6:8c:39:
6a:85:6e:3a:a7:e2:33:3e:cc:ac:8c:4c:45:b6:91:77:3f:3e:
fb:67:84:bb:5a:94:70:17:89:d5:8c:3b:eb:45:8d:c1:a1:26:
b4:a9:46:3c:ef:8b:ca:39:16:2d:63:df:a7:61:bd:c8:94:11:
b4:8b:20:2e:4b:11:1f:72:56:48:69:73:1d:d3:3b:bc:17:2c:
27:99:b4:de:71:35:02:15:06:84:db:85:8d:de:d3:26:d2:44:
2a:8d:72:74:e9:82:df:6b:c9:54:69:25:64:bc:4d:04:3b:98:
8d:cc:a0:80:06:d1:92:e8:a7:4c:83:12:9e:3b:d2:52:b9:f4:
af:41:d7:76:a8:d3:ef:61:2e:f6:62:87:7e:de:7e:36:aa:ee:
1a:6a:39:52:9f:89:f7:5c:9c:ed:96:a3:7b:d7:22:7b:fe:38:
c7:cd:ff:59
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQhsj3oVtu1T5//Uk8UHMt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGNhMDg1NTE3OGEwY2RkNzE5MTRiY2YyMjNhYTMxYWY2
MzY5YTQwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzAwYWI3MzlmZWQyMjYxNGVmODA3ZmUxN2IzZmY5ODM5ZTM5YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O/wkBuAZzvrVotnDj0QoTyfto15
9Y311PeojlOpCNqatV5yvi28DL+paaCwGfDJ8J4plGf3dLV/m9GUhhnUKd7g8H7j
A1u8epQbCiULEu1x8fIZYj6+PKeYm3GtN+ATw8e16cJshUbCP8wvBuicN5inKozf
UJkXDve/ECyjYiwNY+NSwU9LVw9Awlrg6g8mdPN5s7RFau7pcPVvFdeRfqZdYPsy
pZNLMvxB4uSRA+izdbvUrXPdzkWJi/Flwqi1i7hpRft3HFrBb2v94X2YDQP4W5TO
2c4LENAXcwEwhI49w8j7+/6ft9CdlDe7RseqzJFOIMiOgZ3nof8z8kjwDQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJwAq3Of7SJhTvgH/hez/5g545r8MB8GA1UdIwQY
MBaAFMdMoIVReKDN1xkUvPIjqjGvY2mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQt
ZGVkZDM1MjkzMjMwLzEvbkFDcmM1X3RJbUZPLUFmLUY3UF9tRG5qbXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQtZGVkZDM1MjkzMjMw
LzEveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAAWa6QME
AAW30AMEAlvwKAMEAl1cdAMEAl6wZAMEArkj6AMEALlDeAMEArlrGAMEArl9JAME
ArngdAMEAMEgCwMEAsF8TAMEA8F8kAMEA8KHyAMEAsPYiDANBAIAAjAHAwUDKgRl
wDANBgkqhkiG9w0BAQsFAAOCAQEACdgxkdYQANSqR5+0HcpZqi5INd7wTr4PVnqV
EZszX88steY4vcUw+BFLx8PNKqk+4unAOzrMS9srvu+ogdsFGN3aOBC6GuCs+UWJ
l/vmShO3r6wucxJS1ow5aoVuOqfiMz7MrIxMRbaRdz8++2eEu1qUcBeJ1Yw760WN
waEmtKlGPO+LyjkWLWPfp2G9yJQRtIsgLksRH3JWSGlzHdM7vBcsJ5m03nE1AhUG
hNuFjd7TJtJEKo1ydOmC32vJVGklZLxNBDuYjcyggAbRkuinTIMSnjvSUrn0r0HX
dqjT72Eu9mKHft5+NqruGmo5Up+J91yc7Zaje9cie/44x83/WQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:10:20 2025 by rpki-client