Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/_aivQztwebD9EMp9hBGTsKsk8SM.roa
File: _aivQztwebD9EMp9hBGTsKsk8SM.roa (raw, json)
Hash identifier: vnWgacBcaJcWYbae7VwWQQvB7k/1Gvr1AQTyLFvTbzk=
Subject key identifier: FD:A8:AF:43:3B:70:79:B0:FD:10:CA:7D:84:11:93:B0:AB:24:F1:23
Certificate issuer: /CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Certificate serial: 019565FE0061CD96FC12AA28C1B20BA664F3
Authority key identifier: C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/_aivQztwebD9EMp9hBGTsKsk8SM.roa
Signing time: Wed 05 Mar 2025 11:08:19 +0000
ROA not before: Wed 05 Mar 2025 11:08:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34594
IP address blocks: 5.39.128.0/19 maxlen: 19
5.43.160.0/19 maxlen: 19
37.60.128.0/21 maxlen: 21
37.205.96.0/20 maxlen: 20
80.80.48.0/20 maxlen: 24
85.114.32.0/19 maxlen: 19
85.114.32.0/20 maxlen: 20
85.114.33.0/24 maxlen: 24
89.17.0.0/19 maxlen: 19
89.201.128.0/17 maxlen: 17
89.201.175.0/24 maxlen: 24
95.178.128.0/17 maxlen: 17
151.252.208.0/21 maxlen: 21
151.252.224.0/19 maxlen: 19
151.252.224.0/20 maxlen: 20
176.222.32.0/20 maxlen: 20
185.18.60.0/22 maxlen: 22
2a02:ac8::/32 maxlen: 32
2a03:6100::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Mar 2025 14:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:fe:00:61:cd:96:fc:12:aa:28:c1:b2:0b:a6:64:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c24d5bd3ceeaab0786ce151a3178dadc107bf280
Validity
Not Before: Mar 5 11:08:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fda8af433b7079b0fd10ca7d841193b0ab24f123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b5:bb:d5:42:30:d9:7e:14:7b:59:82:92:b9:
f6:aa:52:9a:f9:b7:4a:9b:51:e5:51:fe:e6:49:78:
07:34:b9:59:65:4c:1f:5f:09:59:3e:53:22:8d:89:
75:04:c2:b1:51:5c:50:21:95:0a:5a:81:6e:21:c1:
bb:35:be:84:1b:35:6a:d2:d9:f0:e1:bd:4b:19:dc:
c6:c6:91:a7:78:a5:c0:13:af:69:35:df:e7:fa:81:
b6:ad:0f:56:f4:52:c5:53:21:40:f8:13:bd:f6:c2:
a4:30:d9:76:55:d0:f6:d4:d1:84:f9:a7:90:b0:67:
94:ef:c2:3a:56:86:4c:8a:92:0f:8a:e1:1b:83:a5:
cc:de:62:8c:63:72:a1:cb:12:34:e6:f9:8f:5e:0c:
11:4c:e1:e9:ba:9c:46:9f:5b:ba:80:48:c2:d2:c7:
ab:ee:a8:94:2d:cb:22:98:12:76:00:3e:13:3e:a5:
90:ee:db:e1:e0:db:15:75:aa:36:ac:05:30:16:ba:
65:5f:c9:bd:3a:97:a6:f5:df:35:37:74:8c:4c:c0:
0e:98:dd:24:3a:8d:f2:fa:b8:4c:87:8e:5c:cc:79:
79:c2:cd:58:5f:a3:6f:b8:06:e4:3d:68:00:7e:29:
f2:fb:91:38:e3:20:b8:bc:be:cc:d9:19:53:0c:15:
81:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A8:AF:43:3B:70:79:B0:FD:10:CA:7D:84:11:93:B0:AB:24:F1:23
X509v3 Authority Key Identifier:
keyid:C2:4D:5B:D3:CE:EA:AB:07:86:CE:15:1A:31:78:DA:DC:10:7B:F2:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wk1b087qqweGzhUaMXja3BB78oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/_aivQztwebD9EMp9hBGTsKsk8SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9e16c1-310f-410c-b341-41d82329f26d/1/wk1b087qqweGzhUaMXja3BB78oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.128.0/19
5.43.160.0/19
37.60.128.0/21
37.205.96.0/20
80.80.48.0/20
85.114.32.0/19
89.17.0.0/19
89.201.128.0/17
95.178.128.0/17
151.252.208.0/21
151.252.224.0/19
176.222.32.0/20
185.18.60.0/22
IPv6:
2a02:ac8::/32
2a03:6100::/32
Signature Algorithm: sha256WithRSAEncryption
a5:83:04:de:4c:12:f1:1b:3b:ed:60:af:ea:37:34:52:91:37:
d0:e4:30:05:4f:f9:d0:9d:16:2b:9b:37:20:f0:17:0e:d9:7e:
ad:58:b8:5e:e6:df:c3:ae:fe:1c:6b:5f:f1:b7:29:b7:5c:96:
2c:0b:aa:6c:29:42:84:5d:8a:f5:06:c8:02:4f:fa:96:64:73:
2d:b3:de:32:c2:20:68:48:e2:e4:f8:64:b8:4c:8e:6c:19:2c:
ba:b2:77:bd:3c:44:67:d9:ee:9b:41:a2:a7:6a:b5:21:77:ae:
fa:fa:0a:63:96:c1:23:98:14:45:54:2e:9b:4f:d8:a8:3d:40:
52:d9:9a:45:92:56:78:bc:cf:84:d4:0b:5c:9f:6c:5c:ac:12:
16:8f:cd:3e:67:b8:56:f8:c4:08:06:ad:47:d0:34:80:1d:95:
45:fa:e0:ec:d4:c9:14:e9:0c:83:fe:1e:cd:56:14:5d:6a:54:
3c:1f:84:76:e8:ee:47:bc:92:c5:46:6a:78:5e:26:90:d8:4b:
7f:5a:fc:2b:da:a8:31:d6:d5:d0:6c:1f:4c:ce:f2:87:40:3d:
94:ae:d4:68:88:9e:4c:9b:84:4d:75:3e:ba:e1:bb:3a:fb:c4:
14:6a:06:9e:5c:7f:27:2d:96:76:61:5b:7c:09:d1:d3:00:d1:
6d:87:82:b4
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZVl/gBhzZb8EqoowbILpmTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNGQ1YmQzY2VlYWFiMDc4NmNlMTUxYTMxNzhkYWRjMTA3
YmYyODAwHhcNMjUwMzA1MTEwODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE4YWY0MzNiNzA3OWIwZmQxMGNhN2Q4NDExOTNiMGFiMjRmMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbW71UIw2X4Ue1mCkrn2qlKa+bdK
m1HlUf7mSXgHNLlZZUwfXwlZPlMijYl1BMKxUVxQIZUKWoFuIcG7Nb6EGzVq0tnw
4b1LGdzGxpGneKXAE69pNd/n+oG2rQ9W9FLFUyFA+BO99sKkMNl2VdD21NGE+aeQ
sGeU78I6VoZMipIPiuEbg6XM3mKMY3KhyxI05vmPXgwRTOHpupxGn1u6gEjC0ser
7qiULcsimBJ2AD4TPqWQ7tvh4NsVdao2rAUwFrplX8m9Opem9d81N3SMTMAOmN0k
Oo3y+rhMh45czHl5ws1YX6NvuAbkPWgAfiny+5E44yC4vL7M2RlTDBWBVQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFP2or0M7cHmw/RDKfYQRk7CrJPEjMB8GA1UdIwQY
MBaAFMJNW9PO6qsHhs4VGjF42twQe/KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEt
NDFkODIzMjlmMjZkLzEvX2FpdlF6dHdlYkQ5RU1wOWhCR1RzS3NrOFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZTE2YzEtMzEwZi00MTBjLWIzNDEtNDFkODIzMjlmMjZk
LzEvd2sxYjA4N3Fxd2VHemhVYU1YamEzQkI3OG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQFBSeAAwQF
BSugAwQDJTyAAwQEJc1gAwQEUFAwAwQFVXIgAwQFWREAAwQHWcmAAwQHX7KAAwQD
l/zQAwQFl/zgAwQEsN4gAwQCuRI8MBQEAgACMA4DBQAqAgrIAwUAKgNhADANBgkq
hkiG9w0BAQsFAAOCAQEApYME3kwS8Rs77WCv6jc0UpE30OQwBU/50J0WK5s3IPAX
Dtl+rVi4Xubfw67+HGtf8bcpt1yWLAuqbClChF2K9QbIAk/6lmRzLbPeMsIgaEji
5PhkuEyObBksurJ3vTxEZ9num0Gip2q1IXeu+voKY5bBI5gURVQum0/YqD1AUtma
RZJWeLzPhNQLXJ9sXKwSFo/NPme4VvjECAatR9A0gB2VRfrg7NTJFOkMg/4ezVYU
XWpUPB+EdujuR7ySxUZqeF4mkNhLf1r8K9qoMdbV0GwfTM7yh0A9lK7UaIieTJuE
TXU+uuG7OvvEFGoGnlx/Jy2WdmFbfAnR0wDRbYeCtA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:40:17 2025 by rpki-client