Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2SmjXgdMca3V7Y1aKBMg0iD_vTg.roa
File: 2SmjXgdMca3V7Y1aKBMg0iD_vTg.roa (raw, json)
Hash identifier: GjEHfFuB30BeyVEBudXwMDZk821POvVkWpvWLjUuIZM=
Subject key identifier: D9:29:A3:5E:07:4C:71:AD:D5:ED:8D:5A:28:13:20:D2:20:FF:BD:38
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 019428237B82C6A6329B00AE8C04069A33E0
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2SmjXgdMca3V7Y1aKBMg0iD_vTg.roa
Signing time: Thu 02 Jan 2025 17:50:01 +0000
ROA not before: Thu 02 Jan 2025 17:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34636
IP address blocks: 94.139.176.0/21 maxlen: 21
94.139.184.0/22 maxlen: 22
94.139.188.0/24 maxlen: 24
94.139.190.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 Jan 2025 12:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7b:82:c6:a6:32:9b:00:ae:8c:04:06:9a:33:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Jan 2 17:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d929a35e074c71add5ed8d5a281320d220ffbd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:42:36:8b:20:c0:93:75:6f:58:16:6d:ad:
1b:8a:c3:0b:9e:ec:85:7b:df:d4:6f:20:72:ac:a8:
96:57:b8:b3:0b:0e:cb:9c:4f:ed:90:5e:ed:36:c8:
27:6e:8b:0f:e7:61:7e:bc:b7:33:ee:56:e2:b0:b4:
fe:e5:ce:1b:51:5d:f1:1c:cc:69:d0:09:13:05:b9:
07:f1:ce:42:0a:22:61:8b:ef:a4:d0:10:d2:76:eb:
d8:19:71:b1:46:dc:75:81:e6:3a:22:c8:a7:a0:cf:
f7:00:28:7f:75:16:dd:81:a7:67:06:52:ab:bc:57:
8e:d8:a6:14:f7:9b:ab:d5:6c:7b:96:20:a0:7b:3a:
f5:2e:23:28:71:af:30:ee:e5:e4:bf:21:56:d1:f6:
13:5c:41:30:be:97:d8:79:e7:c3:04:67:73:b9:49:
e2:ea:53:c6:ac:c6:8e:fe:14:cd:fe:8a:35:d8:e1:
88:55:1d:05:bd:a5:03:fb:69:ff:1a:64:1f:2d:29:
44:df:f3:a0:82:23:7e:a3:8b:ec:48:94:17:78:b0:
73:e8:17:be:0a:4c:59:48:a5:ce:c1:dd:34:87:8f:
a9:4d:27:02:f4:24:da:8d:2b:21:6e:16:f1:fd:a0:
0b:c6:7c:b9:ab:79:68:f0:f7:e9:7a:d5:cb:7b:f7:
68:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:29:A3:5E:07:4C:71:AD:D5:ED:8D:5A:28:13:20:D2:20:FF:BD:38
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/2SmjXgdMca3V7Y1aKBMg0iD_vTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.176.0-94.139.188.255
94.139.190.0/23
Signature Algorithm: sha256WithRSAEncryption
51:cd:ae:83:08:81:68:32:0a:2c:fd:85:25:16:23:50:3b:a1:
d3:5c:44:2f:06:e6:ae:19:45:f8:45:32:57:63:55:02:c2:35:
c5:02:e0:20:55:42:cb:fe:b1:9a:88:1c:ea:72:4d:91:b1:cf:
71:a6:40:c3:71:f2:eb:bb:78:22:d0:2d:31:3b:78:62:1a:92:
6b:e8:96:b5:cf:c1:40:e9:68:ff:5d:9f:47:d5:af:41:ba:2e:
66:43:64:85:c2:5b:31:0d:4f:63:a2:00:a4:b0:be:90:9f:b3:
84:fc:d5:7f:62:91:53:c3:88:01:54:6e:64:38:e5:21:ec:8b:
e0:67:3c:0b:89:f6:87:e7:bb:1a:c6:2a:dc:eb:7b:22:d2:e6:
db:5b:06:90:3a:06:7c:85:2b:64:c0:6e:14:70:d3:eb:39:0b:
58:08:45:4b:3d:0c:94:08:21:48:dd:2e:ac:c8:e1:5a:31:31:
7d:12:eb:52:6f:f6:88:03:4f:38:b9:a3:5a:80:ea:1e:4a:bf:
1d:00:82:79:f6:ea:ea:4f:1f:36:e2:f5:51:9a:a4:39:47:b0:
4d:19:69:5a:96:ab:18:89:bc:1b:31:7e:ec:76:ce:f6:0c:cc:
13:ed:2d:b7:31:8a:28:07:67:57:13:2b:be:2d:f5:90:54:ef:
9c:7d:fd:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoI3uCxqYymwCujAQGmjPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjUwMTAyMTc1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI5YTM1ZTA3NGM3MWFkZDVlZDhkNWEyODEzMjBkMjIwZmZiZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF1CNosgwJN1b1gWba0bisMLnuyF
e9/UbyByrKiWV7izCw7LnE/tkF7tNsgnbosP52F+vLcz7lbisLT+5c4bUV3xHMxp
0AkTBbkH8c5CCiJhi++k0BDSduvYGXGxRtx1geY6IsinoM/3ACh/dRbdgadnBlKr
vFeO2KYU95ur1Wx7liCgezr1LiMoca8w7uXkvyFW0fYTXEEwvpfYeefDBGdzuUni
6lPGrMaO/hTN/oo12OGIVR0FvaUD+2n/GmQfLSlE3/OggiN+o4vsSJQXeLBz6Be+
CkxZSKXOwd00h4+pTScC9CTajSshbhbx/aALxny5q3lo8PfpetXLe/doowIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNkpo14HTHGt1e2NWigTINIg/704MB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvMlNtalhnZE1jYTNWN1kxYUtCTWcwaURfdlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARei7AD
BABei7wDBAFei74wDQYJKoZIhvcNAQELBQADggEBAFHNroMIgWgyCiz9hSUWI1A7
odNcRC8G5q4ZRfhFMldjVQLCNcUC4CBVQsv+sZqIHOpyTZGxz3GmQMNx8uu7eCLQ
LTE7eGIakmvolrXPwUDpaP9dn0fVr0G6LmZDZIXCWzENT2OiAKSwvpCfs4T81X9i
kVPDiAFUbmQ45SHsi+BnPAuJ9ofnuxrGKtzreyLS5ttbBpA6BnyFK2TAbhRw0+s5
C1gIRUs9DJQIIUjdLqzI4VoxMX0S61Jv9ogDTzi5o1qA6h5Kvx0Agnn26upPHzbi
9VGapDlHsE0ZaVqWqxiJvBsxfux2zvYMzBPtLbcxiigHZ1cTK74t9ZBU75x9/Rw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:20 2025 by rpki-client