Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/qFwe_x-IDgYLdyVQnwoKUg8EILA.roa
File: qFwe_x-IDgYLdyVQnwoKUg8EILA.roa (raw, json)
Hash identifier: gKeosK61RM3/AYX0O4vK7KNHo4IS75UpHBrR+Kfuxj8=
Subject key identifier: A8:5C:1E:FF:1F:88:0E:06:0B:77:25:50:9F:0A:0A:52:0F:04:20:B0
Certificate issuer: /CN=c5ba51c07148843d400805b40335e72d324265f1
Certificate serial: 019411949A02265E27710BD6B99AE305C2C8
Authority key identifier: C5:BA:51:C0:71:48:84:3D:40:08:05:B4:03:35:E7:2D:32:42:65:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xbpRwHFIhD1ACAW0AzXnLTJCZfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/qFwe_x-IDgYLdyVQnwoKUg8EILA.roa
Signing time: Sun 29 Dec 2024 08:42:18 +0000
ROA not before: Sun 29 Dec 2024 08:42:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199987
IP address blocks: 185.40.35.0/24 maxlen: 24
2a01:4ba0::/29 maxlen: 29
2a01:4ba0::/48 maxlen: 48
2a01:4ba0:1::/48 maxlen: 48
2a01:4ba0:2::/48 maxlen: 48
2a01:4ba0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:94:9a:02:26:5e:27:71:0b:d6:b9:9a:e3:05:c2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5ba51c07148843d400805b40335e72d324265f1
Validity
Not Before: Dec 29 08:42:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a85c1eff1f880e060b7725509f0a0a520f0420b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f4:6b:ee:ef:c7:63:54:96:b5:55:06:04:6b:
6a:84:25:5f:07:61:35:25:bd:f9:17:eb:10:6f:ee:
3f:7e:be:e3:25:34:25:51:1c:59:d1:e5:c7:87:69:
0a:80:12:73:af:ae:ba:b1:9d:02:63:4d:1a:83:dd:
48:2d:9f:69:d3:08:68:b6:3b:79:ba:42:7b:d6:b6:
84:f3:74:3b:d9:12:2a:19:31:e8:30:ba:37:6d:9f:
b0:b6:d1:f1:5a:eb:69:36:76:90:24:5f:f9:a7:ed:
b3:b1:94:33:a9:be:04:1b:6f:47:0d:ba:7b:c7:6d:
e8:7c:b3:1d:b8:fe:25:a5:56:fd:c0:86:f2:7b:89:
29:c8:4d:f3:0d:ab:8e:ed:52:14:0e:fb:ea:f2:be:
19:f2:eb:b4:9e:a4:93:ec:d6:3e:bd:e0:77:49:e4:
23:29:20:da:fd:71:0f:07:1f:3e:47:db:75:ec:29:
e3:35:a8:b9:9d:ee:69:c5:76:d1:39:5f:26:eb:4a:
b3:00:c9:33:27:2c:84:c7:17:ef:26:dc:ac:7c:45:
73:48:31:93:d1:20:ee:b2:e5:20:27:6f:bc:99:5c:
d1:4b:81:0c:49:be:77:0e:f2:19:c6:f0:10:2d:59:
74:f4:68:b5:7e:ae:f3:44:00:43:b6:4f:e8:24:d9:
ae:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5C:1E:FF:1F:88:0E:06:0B:77:25:50:9F:0A:0A:52:0F:04:20:B0
X509v3 Authority Key Identifier:
keyid:C5:BA:51:C0:71:48:84:3D:40:08:05:B4:03:35:E7:2D:32:42:65:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbpRwHFIhD1ACAW0AzXnLTJCZfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/qFwe_x-IDgYLdyVQnwoKUg8EILA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/db63b5-1f96-4f00-865a-9ff5c1a3b0e0/1/xbpRwHFIhD1ACAW0AzXnLTJCZfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.35.0/24
IPv6:
2a01:4ba0::/29
Signature Algorithm: sha256WithRSAEncryption
52:4e:f1:0f:8d:e0:b8:a3:d4:47:7d:16:15:fc:d2:5f:bd:1d:
ac:7a:89:f4:3e:be:6e:3e:ed:37:f7:45:6b:ee:ed:c3:27:ed:
6a:08:95:f6:76:44:b5:9b:d0:29:71:d1:ed:d2:89:7c:46:59:
a9:35:f5:07:e8:54:bf:d8:60:9d:db:6f:4f:0c:67:69:68:a9:
f8:78:c0:69:26:bd:24:ef:d6:dd:c8:6d:dd:d9:da:c2:97:dd:
53:45:6b:8c:38:f3:97:6b:7c:45:3c:38:7c:d3:5e:3b:16:92:
20:67:f7:02:ca:3c:1a:2a:7c:3b:e5:e0:23:23:6e:9c:45:30:
e3:5f:d7:3a:9b:8f:17:12:35:2e:83:f5:14:4c:4d:45:96:d8:
fd:1a:a6:53:7a:8b:81:e7:ce:07:11:5c:5f:52:21:4f:12:25:
f5:45:e6:4f:a4:74:96:af:75:ba:44:e1:da:1f:88:5b:9c:7d:
9a:0c:e5:8f:6e:28:e1:12:c6:30:d4:b0:16:69:0e:21:67:55:
ee:46:ec:28:0b:6e:fa:36:d2:21:43:7a:3c:64:54:7e:9a:05:
b0:2f:36:b3:f4:33:a0:07:57:17:3d:8f:4c:b4:62:63:f4:b3:
ed:b3:0b:26:d9:2e:27:4f:df:8a:7d:c3:eb:83:7c:1e:58:70:
10:eb:a1:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQRlJoCJl4ncQvWuZrjBcLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YmE1MWMwNzE0ODg0M2Q0MDA4MDViNDAzMzVlNzJkMzI0
MjY1ZjEwHhcNMjQxMjI5MDg0MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODVjMWVmZjFmODgwZTA2MGI3NzI1NTA5ZjBhMGE1MjBmMDQyMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/Rr7u/HY1SWtVUGBGtqhCVfB2E1
Jb35F+sQb+4/fr7jJTQlURxZ0eXHh2kKgBJzr666sZ0CY00ag91ILZ9p0whotjt5
ukJ71raE83Q72RIqGTHoMLo3bZ+wttHxWutpNnaQJF/5p+2zsZQzqb4EG29HDbp7
x23ofLMduP4lpVb9wIbye4kpyE3zDauO7VIUDvvq8r4Z8uu0nqST7NY+veB3SeQj
KSDa/XEPBx8+R9t17CnjNai5ne5pxXbROV8m60qzAMkzJyyExxfvJtysfEVzSDGT
0SDusuUgJ2+8mVzRS4EMSb53DvIZxvAQLVl09Gi1fq7zRABDtk/oJNmuhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKhcHv8fiA4GC3clUJ8KClIPBCCwMB8GA1UdIwQY
MBaAFMW6UcBxSIQ9QAgFtAM15y0yQmXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGJwUndIRkloRDFBQ0FXMEF6WG5MVEpDWmZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kYjYzYjUtMWY5Ni00ZjAwLTg2NWEt
OWZmNWMxYTNiMGUwLzEvcUZ3ZV94LUlEZ1lMZHlWUW53b0tVZzhFSUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kYjYzYjUtMWY5Ni00ZjAwLTg2NWEtOWZmNWMxYTNiMGUw
LzEveGJwUndIRkloRDFBQ0FXMEF6WG5MVEpDWmZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSgjMA0E
AgACMAcDBQMqAUugMA0GCSqGSIb3DQEBCwUAA4IBAQBSTvEPjeC4o9RHfRYV/NJf
vR2seon0Pr5uPu0390Vr7u3DJ+1qCJX2dkS1m9ApcdHt0ol8RlmpNfUH6FS/2GCd
229PDGdpaKn4eMBpJr0k79bdyG3d2drCl91TRWuMOPOXa3xFPDh80147FpIgZ/cC
yjwaKnw75eAjI26cRTDjX9c6m48XEjUug/UUTE1Fltj9GqZTeouB584HEVxfUiFP
EiX1ReZPpHSWr3W6ROHaH4hbnH2aDOWPbijhEsYw1LAWaQ4hZ1XuRuwoC276NtIh
Q3o8ZFR+mgWwLzaz9DOgB1cXPY9MtGJj9LPtswsm2S4nT9+KfcPrg3weWHAQ66Ff
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:34:03 2025 by rpki-client