Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dQsBPqZMKH6daF7X2f5XYU6EMvg.roa
File: dQsBPqZMKH6daF7X2f5XYU6EMvg.roa (raw, json)
Hash identifier: Ttxj5IHhlmThO1pUjygA+meVozoZQIr1J0wnK4d0fqo=
Subject key identifier: 75:0B:01:3E:A6:4C:28:7E:9D:68:5E:D7:D9:FE:57:61:4E:84:32:F8
Certificate issuer: /CN=74198f7022b9560501db448af60301fa285e9236
Certificate serial: 01942143C1F94B0D2735C174C450DF2F259A
Authority key identifier: 74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dQsBPqZMKH6daF7X2f5XYU6EMvg.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3342
IP address blocks: 92.241.192.0/20 maxlen: 20
92.241.216.0/21 maxlen: 21
157.250.160.0/20 maxlen: 20
178.72.16.0/21 maxlen: 21
185.98.96.0/22 maxlen: 22
185.157.132.0/22 maxlen: 22
185.170.132.0/22 maxlen: 22
212.237.250.0/23 maxlen: 23
2a06:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 12 Mar 2025 08:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c1:f9:4b:0d:27:35:c1:74:c4:50:df:2f:25:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74198f7022b9560501db448af60301fa285e9236
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=750b013ea64c287e9d685ed7d9fe57614e8432f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ef:70:f9:38:20:6f:28:42:39:81:22:5a:51:
90:7e:45:58:62:de:f0:6b:4a:8e:0e:a4:1d:2f:3d:
ee:e5:73:5b:77:27:41:82:7e:a2:dd:b5:b3:54:63:
65:b2:6e:a0:76:bf:2d:16:a2:18:77:56:e1:69:da:
de:41:74:b6:11:b0:d0:d6:59:48:f1:74:09:aa:77:
24:49:f0:2a:31:bf:77:8b:25:3c:c1:69:6a:76:04:
ae:83:68:a5:db:f3:84:bc:20:c5:f8:17:a6:63:2f:
fb:6a:98:e8:bd:42:fa:f1:14:19:58:2c:42:9d:70:
cc:65:ff:95:b9:f8:8f:6d:46:ea:cf:55:44:c8:21:
a1:2b:da:56:2a:67:ac:af:d5:92:93:c3:9a:9e:cf:
5e:c0:13:67:85:3b:35:81:f3:0a:bf:a3:76:63:4a:
a9:26:04:d8:db:fb:8f:f4:6b:57:98:3b:a9:49:5e:
57:14:7b:31:d0:16:7e:05:af:d0:8c:c3:5c:b2:fb:
66:9e:2e:8f:b0:c9:d7:22:bd:f9:54:9e:06:be:0e:
1b:69:be:88:23:6e:89:62:74:1e:26:b1:98:88:3c:
52:77:79:1e:ef:49:63:8b:58:8d:3b:44:b7:83:c4:
e5:9a:02:0c:4d:ac:44:2f:f9:58:37:88:9c:8b:ba:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0B:01:3E:A6:4C:28:7E:9D:68:5E:D7:D9:FE:57:61:4E:84:32:F8
X509v3 Authority Key Identifier:
keyid:74:19:8F:70:22:B9:56:05:01:DB:44:8A:F6:03:01:FA:28:5E:92:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBmPcCK5VgUB20SK9gMB-ihekjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dQsBPqZMKH6daF7X2f5XYU6EMvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1be5e1-56b4-4c66-beab-6f163966af8b/1/dBmPcCK5VgUB20SK9gMB-ihekjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.192.0/20
92.241.216.0/21
157.250.160.0/20
178.72.16.0/21
185.98.96.0/22
185.157.132.0/22
185.170.132.0/22
212.237.250.0/23
IPv6:
2a06:b00::/29
Signature Algorithm: sha256WithRSAEncryption
85:b2:65:9c:a7:c3:2a:36:f1:42:2c:86:83:e4:a0:0c:de:6f:
a4:fd:a9:43:5e:e6:83:f7:8a:d2:db:06:7d:35:ee:37:1c:3a:
0b:8b:24:fa:a5:b1:3f:22:42:a0:2b:e4:72:18:08:0b:a1:91:
a3:6b:42:ac:fd:f6:b8:d5:a4:11:d4:ca:bf:ed:ef:cc:4b:e8:
fe:d0:13:84:a6:ed:2f:90:3b:ba:01:e0:cd:cd:80:8e:b5:8f:
0f:c4:84:02:37:8f:92:9e:fc:73:6e:e0:18:1e:92:ff:63:03:
cd:db:d1:55:47:7f:48:a3:52:2c:df:aa:9c:ed:35:65:8b:ef:
05:4f:c5:f0:e3:ef:c2:b6:44:81:79:50:3b:92:bd:c6:6f:3e:
d5:ed:4c:10:e8:2d:e3:e7:46:84:5d:d6:6c:14:c2:a9:05:23:
a9:1a:d6:98:15:8a:ce:d3:0a:51:60:04:a7:20:db:75:5f:de:
64:a5:bf:8e:48:cc:a5:a8:c9:22:a9:3a:d8:3a:08:8b:2f:d9:
8b:e0:a0:6e:ed:6e:50:e3:bb:55:2c:1a:e3:60:91:d1:a6:cb:
75:83:57:50:79:15:db:6d:51:2e:94:d5:c8:9b:17:6c:a5:87:
f8:61:0f:37:f9:d0:4c:f6:15:27:c4:17:bc:25:79:9c:ec:3f:
ef:1d:f1:b6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQhQ8H5Sw0nNcF0xFDfLyWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTk4ZjcwMjJiOTU2MDUwMWRiNDQ4YWY2MDMwMWZhMjg1
ZTkyMzYwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTBiMDEzZWE2NGMyODdlOWQ2ODVlZDdkOWZlNTc2MTRlODQzMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme9w+TggbyhCOYEiWlGQfkVYYt7w
a0qODqQdLz3u5XNbdydBgn6i3bWzVGNlsm6gdr8tFqIYd1bhadreQXS2EbDQ1llI
8XQJqnckSfAqMb93iyU8wWlqdgSug2il2/OEvCDF+BemYy/7apjovUL68RQZWCxC
nXDMZf+VufiPbUbqz1VEyCGhK9pWKmesr9WSk8Oans9ewBNnhTs1gfMKv6N2Y0qp
JgTY2/uP9GtXmDupSV5XFHsx0BZ+Ba/QjMNcsvtmni6PsMnXIr35VJ4Gvg4bab6I
I26JYnQeJrGYiDxSd3ke70lji1iNO0S3g8TlmgIMTaxEL/lYN4ici7ruMQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHULAT6mTCh+nWhe19n+V2FOhDL4MB8GA1UdIwQY
MBaAFHQZj3AiuVYFAdtEivYDAfooXpI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWIt
NmYxNjM5NjZhZjhiLzEvZFFzQlBxWk1LSDZkYUY3WDJmNVhZVTZFTXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8xYmU1ZTEtNTZiNC00YzY2LWJlYWItNmYxNjM5NjZhZjhi
LzEvZEJtUGNDSzVWZ1VCMjBTSzlnTUItaWhla2pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEXPHAAwQD
XPHYAwQEnfqgAwQDskgQAwQCuWJgAwQCuZ2EAwQCuaqEAwQB1O36MA0EAgACMAcD
BQMqBgsAMA0GCSqGSIb3DQEBCwUAA4IBAQCFsmWcp8MqNvFCLIaD5KAM3m+k/alD
XuaD94rS2wZ9Ne43HDoLiyT6pbE/IkKgK+RyGAgLoZGja0Ks/fa41aQR1Mq/7e/M
S+j+0BOEpu0vkDu6AeDNzYCOtY8PxIQCN4+SnvxzbuAYHpL/YwPN29FVR39Io1Is
36qc7TVli+8FT8Xw4+/CtkSBeVA7kr3Gbz7V7UwQ6C3j50aEXdZsFMKpBSOpGtaY
FYrO0wpRYASnINt1X95kpb+OSMylqMkiqTrYOgiLL9mL4KBu7W5Q47tVLBrjYJHR
pst1g1dQeRXbbVEulNXImxdspYf4YQ83+dBM9hUnxBe8JXmc7D/vHfG2
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:00:30 2025 by rpki-client