Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/xpTjGvaDmrE51vBsvZPkhJnSBAA.roa
File: xpTjGvaDmrE51vBsvZPkhJnSBAA.roa (raw, json)
Hash identifier: zPC2S238OrSTlovYBC2pTJz8g2QgXZ75DzJUT+2Pm+4=
Subject key identifier: C6:94:E3:1A:F6:83:9A:B1:39:D6:F0:6C:BD:93:E4:84:99:D2:04:00
Certificate issuer: /CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Certificate serial: 019421445795ED550A4514923C6C6E3DBABE
Authority key identifier: E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/xpTjGvaDmrE51vBsvZPkhJnSBAA.roa
Signing time: Wed 01 Jan 2025 09:48:34 +0000
ROA not before: Wed 01 Jan 2025 09:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34941
IP address blocks: 85.118.200.0/21 maxlen: 21
185.112.136.0/23 maxlen: 23
2a06:6180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 04 Feb 2025 22:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:57:95:ed:55:0a:45:14:92:3c:6c:6e:3d:ba:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Validity
Not Before: Jan 1 09:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c694e31af6839ab139d6f06cbd93e48499d20400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a5:57:d4:fc:7a:e6:72:b8:bd:e6:d5:2c:3e:
09:15:61:ad:39:0e:e6:90:01:3e:0c:17:69:d0:dc:
04:eb:1a:2e:6a:f6:02:8d:40:35:30:6e:9e:d2:84:
34:37:87:c0:22:b2:28:04:2e:3b:d8:d8:12:08:3d:
39:eb:13:66:c8:17:c2:c4:ec:01:51:ee:a6:1a:0c:
4f:ff:70:47:53:ef:48:86:f5:60:ad:bc:6a:00:d6:
10:db:13:22:c2:5b:b5:2f:23:ea:e2:c8:f7:5b:94:
fa:1f:75:af:71:c9:6f:2b:af:b6:5c:37:19:6b:40:
c3:e3:45:b6:4b:7b:06:c2:07:03:d9:94:58:3f:0a:
9c:c0:70:cf:09:36:19:1c:14:9e:5d:ae:4f:13:cd:
aa:e3:5a:7f:90:12:d2:09:90:1c:c6:a9:75:9e:08:
e2:f5:16:00:1a:d9:0c:c8:50:1b:ac:e2:f6:d3:d7:
63:df:6c:7d:9b:b6:af:2e:7e:fa:c1:86:bf:fd:38:
0b:51:19:93:7a:77:09:d5:5a:5c:2e:64:ac:a5:4b:
98:3a:86:2f:e5:23:1e:85:29:77:2a:33:84:d1:d7:
43:11:ff:cc:0a:20:ff:63:05:52:90:4f:97:1b:5d:
93:bb:74:0b:26:81:a2:0a:3e:ee:c1:e8:50:55:e0:
07:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:94:E3:1A:F6:83:9A:B1:39:D6:F0:6C:BD:93:E4:84:99:D2:04:00
X509v3 Authority Key Identifier:
keyid:E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/xpTjGvaDmrE51vBsvZPkhJnSBAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.200.0/21
185.112.136.0/23
IPv6:
2a06:6180::/29
Signature Algorithm: sha256WithRSAEncryption
21:36:3c:e1:44:a1:07:d1:93:8b:91:d1:84:e5:24:24:b6:94:
2c:3f:0f:16:a0:ab:17:bb:ee:03:c5:52:5f:4d:20:fc:3d:56:
0c:34:f8:df:0f:fa:09:a5:ee:1e:98:c6:77:44:00:8f:03:8e:
1b:04:f9:e4:bd:89:7d:ab:26:4a:4e:04:5e:ac:d2:9d:fd:df:
fb:bc:89:6d:bc:60:0b:89:86:07:76:eb:0c:36:84:e5:93:b5:
cc:37:64:97:d5:a5:5d:53:36:17:1b:2e:aa:60:ea:6c:8c:77:
13:93:6d:3d:d8:3b:93:a8:22:8e:72:47:4e:b0:3a:d4:d9:f9:
3e:ee:b6:02:ca:52:bc:95:51:e9:75:93:30:a3:85:cf:f7:8e:
1e:44:4d:36:08:13:37:59:80:a0:81:1a:65:6c:a8:0a:6f:34:
bd:71:9c:19:7f:70:83:93:ea:ad:33:9c:8a:bb:5c:95:e5:39:
d5:31:be:d3:84:50:e9:f7:5d:b6:b8:ad:dd:cc:11:4e:22:3c:
2e:bc:f7:29:bc:38:ce:12:e3:43:20:5f:b2:2b:1f:6a:85:15:
8c:25:b1:ea:c2:ea:26:05:51:1c:55:d7:89:5b:40:ae:e6:b5:
f4:f2:83:c1:4c:9c:0d:3c:dd:7b:86:d5:8b:c3:6e:92:0e:52:
9a:d0:ae:fd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhRFeV7VUKRRSSPGxuPbq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNzc1MzhkZWMyZWZjZDJmMTFjYzYzNzE5N2QxZDlhNmZk
YWU5ZDkwHhcNMjUwMTAxMDk0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjk0ZTMxYWY2ODM5YWIxMzlkNmYwNmNiZDkzZTQ4NDk5ZDIwNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KVX1Px65nK4vebVLD4JFWGtOQ7m
kAE+DBdp0NwE6xouavYCjUA1MG6e0oQ0N4fAIrIoBC472NgSCD056xNmyBfCxOwB
Ue6mGgxP/3BHU+9IhvVgrbxqANYQ2xMiwlu1LyPq4sj3W5T6H3WvcclvK6+2XDcZ
a0DD40W2S3sGwgcD2ZRYPwqcwHDPCTYZHBSeXa5PE82q41p/kBLSCZAcxql1ngji
9RYAGtkMyFAbrOL209dj32x9m7avLn76wYa//TgLURmTencJ1VpcLmSspUuYOoYv
5SMehSl3KjOE0ddDEf/MCiD/YwVSkE+XG12Tu3QLJoGiCj7uwehQVeAHXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMaU4xr2g5qxOdbwbL2T5ISZ0gQAMB8GA1UdIwQY
MBaAFOJ3U43sLvzS8RzGNxl9HZpv2unZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWIt
ODJlZTJkMmI0Mjg5LzEveHBUakd2YURtckU1MXZCc3ZaUGtoSm5TQkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWItODJlZTJkMmI0Mjg5
LzEvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXbIAwQB
uXCIMA0EAgACMAcDBQMqBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQAhNjzhRKEH0ZOL
kdGE5SQktpQsPw8WoKsXu+4DxVJfTSD8PVYMNPjfD/oJpe4emMZ3RACPA44bBPnk
vYl9qyZKTgRerNKd/d/7vIltvGALiYYHdusMNoTlk7XMN2SX1aVdUzYXGy6qYOps
jHcTk2092DuTqCKOckdOsDrU2fk+7rYCylK8lVHpdZMwo4XP944eRE02CBM3WYCg
gRplbKgKbzS9cZwZf3CDk+qtM5yKu1yV5TnVMb7ThFDp9122uK3dzBFOIjwuvPcp
vDjOEuNDIF+yKx9qhRWMJbHqwuomBVEcVdeJW0Cu5rX08oPBTJwNPN17htWLw26S
DlKa0K79
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:57 2025 by rpki-client