Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/CLvsLgB7BtJU4LHFYTnJS4vaGtc.roa
File: CLvsLgB7BtJU4LHFYTnJS4vaGtc.roa (raw, json)
Hash identifier: XHucMU1mp8CPqjOOQjXMGVwyKTqFADJGDs9sdKikuEo=
Subject key identifier: 08:BB:EC:2E:00:7B:06:D2:54:E0:B1:C5:61:39:C9:4B:8B:DA:1A:D7
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 019427CAF10D0EFD9D03EDF8837CAAE24116
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/CLvsLgB7BtJU4LHFYTnJS4vaGtc.roa
Signing time: Thu 02 Jan 2025 16:13:18 +0000
ROA not before: Thu 02 Jan 2025 16:13:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209076
IP address blocks: 5.183.111.0/24 maxlen: 24
185.198.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:ca:f1:0d:0e:fd:9d:03:ed:f8:83:7c:aa:e2:41:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 2 16:13:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08bbec2e007b06d254e0b1c56139c94b8bda1ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:26:a4:d2:63:4b:3a:ef:d1:6d:33:cc:5e:5f:
a5:82:e1:12:7a:db:9b:21:b0:5b:a0:68:b1:2c:69:
4a:d8:e8:9f:c0:04:d3:9b:8f:bf:d3:0a:77:c5:84:
a0:2b:ce:48:12:65:7c:f7:7f:ab:c0:fd:15:a3:e4:
83:31:1e:0e:f7:98:a2:1d:da:c2:e7:11:f5:dd:a2:
6d:e9:e1:03:66:6e:b4:38:97:bc:6a:97:fe:ab:6a:
33:5e:92:2a:3f:4e:17:72:21:ed:22:36:0a:bc:4b:
a1:ce:e3:8a:ef:4a:8c:4e:f1:5f:c6:39:18:68:d8:
04:c5:29:da:6f:b2:02:34:62:f6:76:34:e4:fc:2e:
71:a2:ef:c2:5f:5e:f8:c5:e7:b0:59:b0:e0:11:c8:
53:9e:ca:15:fe:5c:d7:a8:77:91:a4:bd:09:24:9b:
af:3b:3a:8b:77:30:31:5c:02:89:66:99:f9:87:dd:
d2:bc:cf:80:9c:3e:83:a5:a8:08:66:09:20:46:63:
91:12:f1:eb:65:46:3f:c7:6c:d7:92:f7:07:21:dc:
09:10:6e:82:64:71:9d:20:ed:cf:67:32:44:bc:96:
25:18:5b:88:c3:52:ea:fe:31:35:bf:a2:5b:98:5f:
81:40:a3:93:ac:e7:19:74:fd:2e:3f:c4:d5:f9:be:
12:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BB:EC:2E:00:7B:06:D2:54:E0:B1:C5:61:39:C9:4B:8B:DA:1A:D7
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/CLvsLgB7BtJU4LHFYTnJS4vaGtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.111.0/24
185.198.210.0/24
Signature Algorithm: sha256WithRSAEncryption
76:57:3b:09:f5:53:9b:c6:76:f8:5c:7c:ae:76:27:2a:ff:a6:
61:a4:ac:dc:1c:93:de:ac:e8:63:b9:b5:ca:4f:59:f2:17:7d:
41:5a:bd:a7:fe:2d:87:98:de:94:6d:07:7c:81:da:11:2d:83:
a9:38:fb:0f:e2:c0:c0:71:a5:72:35:1b:e1:36:ea:e8:f1:93:
2b:c5:17:d9:85:3a:fa:3f:cc:25:20:e2:87:56:82:4b:6f:a6:
dd:2b:e3:15:c8:cf:27:4e:ec:d8:a9:96:71:76:d7:f4:97:62:
10:82:0b:7f:1a:c4:5b:92:ae:2d:a1:50:e0:6d:71:f6:f7:bf:
bc:74:b2:50:e3:a1:6d:99:36:51:b8:f9:c1:a8:8e:16:f5:4f:
98:36:05:e4:9c:3b:e4:9f:63:0c:4f:b1:d7:51:4f:d9:fb:56:
dd:20:7b:e6:f9:2f:91:fd:ab:22:e8:81:9d:66:63:94:86:d8:
2e:8a:fb:12:2b:8e:fc:f7:c1:ff:f6:37:76:af:47:cd:2c:0c:
f5:6e:5c:e3:a1:5a:11:6d:94:7c:f6:7d:3e:14:a6:60:72:d6:
85:98:56:73:ca:ed:c9:87:98:52:e2:f3:e7:d5:80:62:d1:18:
90:b3:6a:8c:11:9c:54:fb:df:07:00:ff:e1:95:50:59:67:0c:
74:aa:45:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnyvENDv2dA+34g3yq4kEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjUwMTAyMTYxMzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJiZWMyZTAwN2IwNmQyNTRlMGIxYzU2MTM5Yzk0YjhiZGExYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiak0mNLOu/RbTPMXl+lguESetub
IbBboGixLGlK2OifwATTm4+/0wp3xYSgK85IEmV893+rwP0Vo+SDMR4O95iiHdrC
5xH13aJt6eEDZm60OJe8apf+q2ozXpIqP04XciHtIjYKvEuhzuOK70qMTvFfxjkY
aNgExSnab7ICNGL2djTk/C5xou/CX174xeewWbDgEchTnsoV/lzXqHeRpL0JJJuv
OzqLdzAxXAKJZpn5h93SvM+AnD6DpagIZgkgRmOREvHrZUY/x2zXkvcHIdwJEG6C
ZHGdIO3PZzJEvJYlGFuIw1Lq/jE1v6JbmF+BQKOTrOcZdP0uP8TV+b4SgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAi77C4AewbSVOCxxWE5yUuL2hrXMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvQ0x2c0xnQjdCdEpVNExIRllUbkpTNHZhR3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbdvAwQA
ucbSMA0GCSqGSIb3DQEBCwUAA4IBAQB2VzsJ9VObxnb4XHyudicq/6ZhpKzcHJPe
rOhjubXKT1nyF31BWr2n/i2HmN6UbQd8gdoRLYOpOPsP4sDAcaVyNRvhNuro8ZMr
xRfZhTr6P8wlIOKHVoJLb6bdK+MVyM8nTuzYqZZxdtf0l2IQggt/GsRbkq4toVDg
bXH297+8dLJQ46FtmTZRuPnBqI4W9U+YNgXknDvkn2MMT7HXUU/Z+1bdIHvm+S+R
/asi6IGdZmOUhtguivsSK47898H/9jd2r0fNLAz1blzjoVoRbZR89n0+FKZgctaF
mFZzyu3Jh5hS4vPn1YBi0RiQs2qMEZxU+98HAP/hlVBZZwx0qkXx
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:33 2025 by rpki-client