Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Xm2Y0BFxXzb8GK65BWE1SvWtejY.roa
File: Xm2Y0BFxXzb8GK65BWE1SvWtejY.roa (raw, json)
Hash identifier: 59bUcO4rblxa+Omo/cROeHowgtCJ2NZH1yxpWuVqwxo=
Subject key identifier: 5E:6D:98:D0:11:71:5F:36:FC:18:AE:B9:05:61:35:4A:F5:AD:7A:36
Certificate issuer: /CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Certificate serial: 0194CBA6625120EDF0FC137B7D95C1DD0A71
Authority key identifier: 51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Xm2Y0BFxXzb8GK65BWE1SvWtejY.roa
Signing time: Mon 03 Feb 2025 11:51:06 +0000
ROA not before: Mon 03 Feb 2025 11:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25070
IP address blocks: 88.135.188.0/24 maxlen: 24
109.197.33.0/24 maxlen: 24
109.197.34.0/24 maxlen: 24
109.197.38.0/24 maxlen: 24
195.200.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 15:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:a6:62:51:20:ed:f0:fc:13:7b:7d:95:c1:dd:0a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Validity
Not Before: Feb 3 11:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e6d98d011715f36fc18aeb90561354af5ad7a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6d:35:d0:33:1b:cb:4b:91:12:da:69:d8:91:
8a:5a:e3:58:78:e3:d7:56:54:df:05:eb:f1:95:3f:
ad:ca:5f:09:e8:86:69:a0:53:0f:90:83:0e:9c:1d:
cb:4d:5f:8f:73:8e:47:78:54:d0:eb:4a:ab:19:72:
e4:5e:d7:00:b2:a3:4f:c1:c5:7a:91:00:4f:a7:25:
a9:de:c8:a6:60:23:17:7c:23:f9:1a:8f:7d:4d:2e:
1f:ed:73:d1:8e:01:69:b7:05:b7:fb:cd:d7:c9:f5:
ed:b3:cb:35:98:85:8d:f5:79:bb:d8:75:1d:45:e5:
02:97:43:2a:b6:4f:24:38:02:a5:fb:8d:6f:a5:8a:
a6:bb:ca:cd:91:0e:4e:49:c1:7b:01:75:0c:ad:7a:
c1:e0:d5:f7:45:eb:7b:0a:d8:c1:d0:26:16:53:6f:
1a:1f:0a:e8:c6:8b:4c:67:ce:88:0d:cb:14:af:b4:
d4:41:af:97:5e:d4:95:84:da:e0:5d:5a:c3:53:43:
9c:c0:78:7f:82:2b:d0:3e:d6:d2:8a:0d:bf:6b:7c:
db:56:7f:b2:74:4e:7d:16:26:18:70:11:e3:41:dc:
7d:e2:55:8a:48:42:11:31:df:8d:bc:9e:79:9f:0a:
cd:d5:5f:71:2e:d6:fd:c8:ea:e4:d7:fc:fc:02:7f:
fa:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:6D:98:D0:11:71:5F:36:FC:18:AE:B9:05:61:35:4A:F5:AD:7A:36
X509v3 Authority Key Identifier:
keyid:51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Xm2Y0BFxXzb8GK65BWE1SvWtejY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.188.0/24
109.197.33.0-109.197.34.255
109.197.38.0/24
195.200.206.0/24
Signature Algorithm: sha256WithRSAEncryption
90:68:ed:79:6a:c5:33:86:73:1d:0b:9c:bf:df:fe:02:ed:72:
b1:5e:f6:6e:bb:d3:38:4d:5d:3c:25:00:9e:ba:90:cd:a4:f4:
48:79:06:f6:15:22:dc:51:63:a3:73:8a:12:b7:a8:60:51:9b:
dd:91:dc:3b:87:5d:bb:bd:bf:3e:b5:2c:a1:ac:80:f2:d1:f3:
7b:95:6c:52:bc:a5:99:7b:e7:0c:5c:38:28:f4:4a:2e:eb:10:
2b:ad:c2:08:ca:21:7b:d2:a2:cf:60:ac:4f:db:59:e5:60:d5:
f5:70:4d:74:ff:7e:20:86:bf:f2:6a:8e:3c:ee:ca:5b:1f:5b:
4e:e1:53:04:bc:96:92:c3:80:e5:a5:51:47:3c:01:da:e2:9a:
4d:02:ca:13:76:fe:04:a5:9c:09:80:5f:8c:f4:24:32:7d:82:
d9:20:e9:45:b2:ca:30:a6:c6:40:ef:17:e9:ef:e1:b1:dc:63:
48:46:36:cb:c8:b6:ed:78:79:88:31:68:32:b7:d7:97:1c:88:
f3:72:01:98:03:f5:c4:67:19:93:7a:aa:f3:10:17:64:c6:2a:
06:2f:f4:07:ca:97:03:8b:33:3b:f4:c6:4d:04:12:6d:2a:fd:
80:9e:8e:89:f4:20:a4:5a:24:04:27:ff:c6:3e:4f:a9:8e:d9:
51:d3:48:b1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTLpmJRIO3w/BN7fZXB3QpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYmZiNDYzNTNiZmNjY2ZmOTQxMmRjYmRkNDgwZjE5YjRj
OTgzOTcwHhcNMjUwMjAzMTE1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTZkOThkMDExNzE1ZjM2ZmMxOGFlYjkwNTYxMzU0YWY1YWQ3YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2010DMby0uREtpp2JGKWuNYeOPX
VlTfBevxlT+tyl8J6IZpoFMPkIMOnB3LTV+Pc45HeFTQ60qrGXLkXtcAsqNPwcV6
kQBPpyWp3simYCMXfCP5Go99TS4f7XPRjgFptwW3+83XyfXts8s1mIWN9Xm72HUd
ReUCl0Mqtk8kOAKl+41vpYqmu8rNkQ5OScF7AXUMrXrB4NX3Ret7CtjB0CYWU28a
HwroxotMZ86IDcsUr7TUQa+XXtSVhNrgXVrDU0OcwHh/givQPtbSig2/a3zbVn+y
dE59FiYYcBHjQdx94lWKSEIRMd+NvJ55nwrN1V9xLtb9yOrk1/z8An/6MQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF5tmNARcV82/BiuuQVhNUr1rXo2MB8GA1UdIwQY
MBaAFFG/tGNTv8zP+UEty91IDxm0yYOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgt
YzFlOTc0YmVkMTJlLzEvWG0yWTBCRnhYemI4R0s2NUJXRTFTdld0ZWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgtYzFlOTc0YmVkMTJl
LzEvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWIe8MAwD
BABtxSEDBABtxSIDBABtxSYDBADDyM4wDQYJKoZIhvcNAQELBQADggEBAJBo7Xlq
xTOGcx0LnL/f/gLtcrFe9m670zhNXTwlAJ66kM2k9Eh5BvYVItxRY6NzihK3qGBR
m92R3DuHXbu9vz61LKGsgPLR83uVbFK8pZl75wxcOCj0Si7rECutwgjKIXvSos9g
rE/bWeVg1fVwTXT/fiCGv/JqjjzuylsfW07hUwS8lpLDgOWlUUc8Adrimk0CyhN2
/gSlnAmAX4z0JDJ9gtkg6UWyyjCmxkDvF+nv4bHcY0hGNsvItu14eYgxaDK315cc
iPNyAZgD9cRnGZN6qvMQF2TGKgYv9AfKlwOLMzv0xk0EEm0q/YCejon0IKRaJAQn
/8Y+T6mO2VHTSLE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:43:06 2025 by rpki-client