Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/XbJubPLDz52fjWDooVxzhc_yILo.roa
File: XbJubPLDz52fjWDooVxzhc_yILo.roa (raw, json)
Hash identifier: tukiRr19dfeFlRJg89UCX83Fg1bJpdFBeeUJ8mp+f7s=
Subject key identifier: 5D:B2:6E:6C:F2:C3:CF:9D:9F:8D:60:E8:A1:5C:73:85:CF:F2:20:BA
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019353C3F0ACE192FC227A5AE71864C4C8F7
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/XbJubPLDz52fjWDooVxzhc_yILo.roa
Signing time: Fri 22 Nov 2024 12:06:10 +0000
ROA not before: Fri 22 Nov 2024 12:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 168.199.169.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.235.0/24 maxlen: 24
168.199.245.0/24 maxlen: 24
185.101.255.0/24 maxlen: 24
185.171.255.0/24 maxlen: 24
185.226.204.0/24 maxlen: 24
185.226.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:c3:f0:ac:e1:92:fc:22:7a:5a:e7:18:64:c4:c8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Nov 22 12:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5db26e6cf2c3cf9d9f8d60e8a15c7385cff220ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:e9:c3:98:e3:df:8d:52:14:f0:c9:c8:17:
ea:9f:85:ec:7f:2c:7b:44:21:67:68:56:2d:d7:7e:
9d:80:d7:27:d5:b6:b0:5d:42:c6:c3:8d:9a:12:46:
50:5d:38:ac:ee:f9:2a:1a:52:40:e9:1b:f1:ea:b4:
9b:b1:5c:60:f0:66:57:95:35:d7:2e:5b:db:01:7f:
10:3e:a5:6e:10:49:71:c2:27:13:39:d1:19:ee:e6:
a9:3d:d0:4b:50:9f:f9:c8:ff:af:02:4f:91:58:31:
c2:a4:d0:eb:2a:09:80:b6:be:e3:a8:cd:84:da:ac:
40:3d:32:77:03:6a:5a:08:d6:ee:be:94:26:f4:39:
e7:75:78:51:eb:f5:0f:d4:f2:40:f9:1b:c0:53:a4:
65:1e:0c:30:45:f8:6a:bb:6c:37:00:df:46:b7:a7:
d1:fd:49:b7:a4:c0:5b:56:84:37:fc:6a:ed:93:2c:
dd:f6:e3:6a:96:e4:70:b7:3c:6b:8b:e7:dc:39:10:
d2:d3:b6:b6:30:2d:bd:67:93:81:71:e8:24:fd:d6:
d4:9f:31:ec:b1:16:48:39:ee:09:26:95:50:19:19:
2e:df:da:90:dc:94:43:1e:b4:a7:80:59:3d:fb:8c:
7f:3c:8a:44:e4:a4:d1:38:51:62:de:8b:e0:c3:cd:
bc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B2:6E:6C:F2:C3:CF:9D:9F:8D:60:E8:A1:5C:73:85:CF:F2:20:BA
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/XbJubPLDz52fjWDooVxzhc_yILo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.169.0/24
168.199.234.0/23
168.199.245.0/24
185.101.255.0/24
185.171.255.0/24
185.226.204.0/24
185.226.207.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:da:19:95:f6:e7:6e:1e:62:b4:5a:cb:55:83:ff:97:b7:29:
70:94:60:90:ed:7d:21:27:83:c3:6c:b8:d8:6b:d0:f3:22:45:
79:46:6d:65:fa:ac:d7:c5:ff:e7:db:6d:d5:8c:fb:19:53:8f:
d1:4b:95:3a:68:7e:fd:9c:52:e5:55:5e:fc:ca:82:16:46:7c:
bc:fe:38:db:96:33:cc:00:78:76:67:45:cb:a4:40:9a:32:b2:
c3:d6:21:63:da:ca:17:96:7a:c2:ef:93:7a:de:2d:89:f4:10:
60:b0:af:e5:3e:3d:ec:89:f6:4a:b1:3b:d9:ca:98:dc:f9:1d:
3a:75:89:6d:78:df:04:81:26:7f:df:51:ad:ce:b8:b1:da:d2:
e0:39:27:82:bd:79:0b:e5:f7:da:23:20:07:bc:42:12:ae:84:
14:40:c2:cc:61:b4:6d:14:e9:60:33:2d:5b:23:12:d1:b9:f9:
5c:9c:dc:c5:09:cc:12:75:77:b3:ad:d0:56:19:78:f3:27:e6:
de:d7:b0:3d:51:e3:54:f6:fa:a9:be:41:bb:ef:a5:59:48:69:
6a:72:39:7d:1a:3c:f1:07:96:f6:0c:90:3f:bd:ed:f9:22:8c:
be:8d:12:c7:dd:53:ef:83:de:07:9d:47:9e:1e:87:e3:20:35:
41:5b:a1:0d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNTw/Cs4ZL8Inpa5xhkxMj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQxMTIyMTIwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGIyNmU2Y2YyYzNjZjlkOWY4ZDYwZThhMTVjNzM4NWNmZjIyMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+Hpw5jj341SFPDJyBfqn4Xsfyx7
RCFnaFYt136dgNcn1bawXULGw42aEkZQXTis7vkqGlJA6Rvx6rSbsVxg8GZXlTXX
LlvbAX8QPqVuEElxwicTOdEZ7uapPdBLUJ/5yP+vAk+RWDHCpNDrKgmAtr7jqM2E
2qxAPTJ3A2paCNbuvpQm9DnndXhR6/UP1PJA+RvAU6RlHgwwRfhqu2w3AN9Gt6fR
/Um3pMBbVoQ3/Grtkyzd9uNqluRwtzxri+fcORDS07a2MC29Z5OBcegk/dbUnzHs
sRZIOe4JJpVQGRku39qQ3JRDHrSngFk9+4x/PIpE5KTROFFi3ovgw828AQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF2ybmzyw8+dn41g6KFcc4XP8iC6MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvWGJKdWJQTER6NTJmaldEb29WeHpoY195SUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAqMepAwQB
qMfqAwQAqMf1AwQAuWX/AwQAuav/AwQAueLMAwQAueLPMA0GCSqGSIb3DQEBCwUA
A4IBAQAb2hmV9uduHmK0WstVg/+XtylwlGCQ7X0hJ4PDbLjYa9DzIkV5Rm1l+qzX
xf/n223VjPsZU4/RS5U6aH79nFLlVV78yoIWRny8/jjbljPMAHh2Z0XLpECaMrLD
1iFj2soXlnrC75N63i2J9BBgsK/lPj3sifZKsTvZypjc+R06dYlteN8EgSZ/31Gt
zrix2tLgOSeCvXkL5ffaIyAHvEISroQUQMLMYbRtFOlgMy1bIxLRuflcnNzFCcwS
dXezrdBWGXjzJ+be17A9UeNU9vqpvkG776VZSGlqcjl9GjzxB5b2DJA/ve35Ioy+
jRLH3VPvg94HnUeeHofjIDVBW6EN
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:26:18 2025 by rpki-client