Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Xb3-yB8xNSK06bOhcBWrCpLRQC4.roa
File: Xb3-yB8xNSK06bOhcBWrCpLRQC4.roa (raw, json)
Hash identifier: vxYl9qp2c/2yr3+UrTqnYtnkSIQqOP+PDDfQPSFYDrg=
Subject key identifier: 5D:BD:FE:C8:1F:31:35:22:B4:E9:B3:A1:70:15:AB:0A:92:D1:40:2E
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0194B2773E2D3999908792BC073E90923784
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Xb3-yB8xNSK06bOhcBWrCpLRQC4.roa
Signing time: Wed 29 Jan 2025 14:29:06 +0000
ROA not before: Wed 29 Jan 2025 14:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.0.0/22 maxlen: 24
193.232.2.0/24 maxlen: 24
193.232.4.0/23 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/21 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.22.0/23 maxlen: 24
193.232.24.0/21 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.208.0/23 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
194.85.208.0/23 maxlen: 24
194.85.212.0/23 maxlen: 24
194.85.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 14:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:77:3e:2d:39:99:90:87:92:bc:07:3e:90:92:37:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 29 14:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dbdfec81f313522b4e9b3a17015ab0a92d1402e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c8:9e:58:02:84:0a:44:17:15:a6:97:6b:47:
c1:4b:ec:f0:69:29:99:61:ab:5b:d6:99:ec:be:3e:
f5:97:17:20:c6:82:e3:4f:1b:64:0e:8c:b1:4a:ee:
37:0c:2f:aa:5a:6c:d8:6a:9d:83:67:1d:06:70:0a:
5c:55:9b:ef:dd:5d:18:0f:f9:34:89:d6:83:3f:9d:
64:b4:8a:82:c6:4b:61:88:c0:87:c1:6c:f1:44:79:
e1:4f:ca:42:c5:b2:f4:56:6c:2e:90:fa:1e:6d:f2:
3a:0a:8e:86:05:c8:66:df:a9:10:7b:8a:32:09:4a:
e8:89:d0:67:51:08:76:a7:74:a0:05:50:15:8a:8f:
c1:37:f7:e7:7d:23:10:7c:d5:12:54:41:56:8b:f5:
5e:9b:16:e9:16:1b:88:1e:9c:9c:ee:f2:31:60:c8:
62:79:6b:33:d4:6f:ac:5c:00:ed:f6:fa:78:9e:bd:
74:5b:16:f7:f2:c2:7d:80:e9:5b:09:07:d1:29:bd:
68:73:b0:a6:aa:44:c5:10:e3:18:17:e3:31:b4:84:
90:10:f2:aa:52:f5:00:00:cb:81:10:14:5e:7e:ee:
0a:bf:fb:e8:d3:3e:17:b6:68:39:3f:8d:70:71:35:
d5:2c:30:8b:71:24:3a:0b:d6:6a:43:01:02:08:44:
48:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BD:FE:C8:1F:31:35:22:B4:E9:B3:A1:70:15:AB:0A:92:D1:40:2E
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Xb3-yB8xNSK06bOhcBWrCpLRQC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.0.0-193.232.6.255
193.232.8.0/21
193.232.17.0/24
193.232.19.0/24
193.232.22.0-193.232.31.255
193.232.192.0-193.232.197.255
193.232.207.0-193.232.209.255
193.232.212.0/24
193.232.218.0/23
194.85.208.0/23
194.85.212.0/23
Signature Algorithm: sha256WithRSAEncryption
58:54:db:05:ab:9c:f7:03:94:31:69:67:51:a2:53:fe:75:ab:
4d:fa:a0:26:58:77:81:61:72:b9:f5:86:98:c0:96:13:83:eb:
66:d3:92:70:a3:cc:76:0e:90:7c:6a:5a:36:44:18:80:43:94:
ec:e4:b1:3b:a3:cb:fe:57:e2:a7:22:e9:70:42:58:d6:1a:46:
92:e0:bd:fc:64:c6:5c:64:ed:27:a0:15:78:52:6b:4e:87:3d:
ee:82:4b:6d:99:c0:b3:76:9f:4f:3f:a7:b1:97:1d:90:0c:2a:
8a:33:d8:e1:c2:90:81:82:72:54:7f:fc:80:ce:e3:2b:05:5a:
c7:20:eb:73:15:ba:fc:6e:f5:09:18:4c:56:f7:f8:d0:be:bd:
30:d4:26:04:62:6c:fd:65:7c:9f:66:78:ee:08:4a:cd:7a:aa:
30:e4:08:f0:3b:e5:e4:5b:0f:95:72:5d:e9:4c:fa:b6:35:0b:
3e:5d:65:65:2d:c8:ae:c4:97:86:2b:80:a0:7d:09:e3:cc:27:
0a:6c:a5:42:40:19:71:ff:00:f3:38:16:8f:f7:54:bb:f8:de:
f7:65:87:31:e0:69:44:ad:f9:38:20:02:1e:22:8e:46:87:1b:
46:d7:b7:c7:5d:c5:ea:54:7a:78:52:2b:26:3d:77:ea:b5:2d:
03:d3:f7:ea
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZSydz4tOZmQh5K8Bz6QkjeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTI5MTQyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJkZmVjODFmMzEzNTIyYjRlOWIzYTE3MDE1YWIwYTkyZDE0MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMieWAKECkQXFaaXa0fBS+zwaSmZ
Yatb1pnsvj71lxcgxoLjTxtkDoyxSu43DC+qWmzYap2DZx0GcApcVZvv3V0YD/k0
idaDP51ktIqCxkthiMCHwWzxRHnhT8pCxbL0VmwukPoebfI6Co6GBchm36kQe4oy
CUroidBnUQh2p3SgBVAVio/BN/fnfSMQfNUSVEFWi/VemxbpFhuIHpyc7vIxYMhi
eWsz1G+sXADt9vp4nr10Wxb38sJ9gOlbCQfRKb1oc7CmqkTFEOMYF+MxtISQEPKq
UvUAAMuBEBRefu4Kv/vo0z4Xtmg5P41wcTXVLDCLcSQ6C9ZqQwECCERIPwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFF29/sgfMTUitOmzoXAVqwqS0UAuMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvWGIzLXlCOHhOU0swNmJPaGNCV3JDcExSUUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBnBAIAATBhMAsDAwPB6AME
AMHoBgMEA8HoCAMEAMHoEQMEAMHoEzAMAwQBwegWAwQFwegAMAwDBAbB6MADBAHB
6MQwDAMEAMHozwMEAcHo0AMEAMHo1AMEAcHo2gMEAcJV0AMEAcJV1DANBgkqhkiG
9w0BAQsFAAOCAQEAWFTbBauc9wOUMWlnUaJT/nWrTfqgJlh3gWFyufWGmMCWE4Pr
ZtOScKPMdg6QfGpaNkQYgEOU7OSxO6PL/lfipyLpcEJY1hpGkuC9/GTGXGTtJ6AV
eFJrToc97oJLbZnAs3afTz+nsZcdkAwqijPY4cKQgYJyVH/8gM7jKwVaxyDrcxW6
/G71CRhMVvf40L69MNQmBGJs/WV8n2Z47ghKzXqqMOQI8Dvl5FsPlXJd6Uz6tjUL
Pl1lZS3IrsSXhiuAoH0J48wnCmylQkAZcf8A8zgWj/dUu/je92WHMeBpRK35OCAC
HiKORocbRte3x13F6lR6eFIrJj136rUtA9P36g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:05:35 2025 by rpki-client