Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lDpAjx1ulvxypo6DSKdyZgPw3FM.roa
File: lDpAjx1ulvxypo6DSKdyZgPw3FM.roa (raw, json)
Hash identifier: MLQ8WqINiS55ulbdcJE1u/W7HPezAojsjyo5RmkGojs=
Subject key identifier: 94:3A:40:8F:1D:6E:96:FC:72:A6:8E:83:48:A7:72:66:03:F0:DC:53
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018CC3B6B32ABBAA3ECCB88AC84FF5A8987A
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lDpAjx1ulvxypo6DSKdyZgPw3FM.roa
Signing time: Mon 01 Jan 2024 06:29:39 +0000
ROA not before: Mon 01 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202553
IP address blocks: 147.181.12.0/22 maxlen: 24
147.181.16.0/23 maxlen: 24
147.181.32.0/22 maxlen: 24
147.181.36.0/22 maxlen: 24
147.181.44.0/22 maxlen: 24
147.181.48.0/22 maxlen: 22
147.181.4.0/22 maxlen: 24
147.181.8.0/22 maxlen: 24
2a04:9a00:100e::/48 maxlen: 48
2a04:9a00:1002::/48 maxlen: 48
2a04:9a00:1003::/48 maxlen: 48
2a04:9a00:1006::/48 maxlen: 48
2a04:9a00:1001::/48 maxlen: 48
2a04:9a00:1007::/48 maxlen: 48
2a04:9a00:1005::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b3:2a:bb:aa:3e:cc:b8:8a:c8:4f:f5:a8:98:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 1 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=943a408f1d6e96fc72a68e8348a7726603f0dc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ab:b0:17:c8:d5:cb:08:43:70:c0:8f:6a:59:
4e:12:fb:33:86:63:93:d3:bd:1d:d1:c5:82:07:b3:
2c:a0:5c:fb:e5:52:61:09:a0:aa:0f:40:1f:95:5e:
0c:0a:9b:ec:3d:b2:f1:cf:89:be:45:71:01:65:88:
4d:4a:27:b5:4a:8f:9e:33:04:af:e6:20:a8:27:b8:
04:3e:5a:6c:65:15:f1:1f:9c:27:4b:b8:70:83:cb:
30:6b:cc:20:95:dc:c7:0c:eb:e3:83:40:1e:b9:e8:
1c:98:bb:ee:82:26:07:86:8f:ff:a2:aa:a3:6d:6f:
ec:0c:01:10:c8:62:4d:d3:4f:69:58:85:09:3e:a4:
49:8a:63:b7:9d:7a:ce:98:bd:a8:c5:7d:ab:1d:7a:
51:fc:55:69:37:94:ac:28:83:e0:3d:6c:c7:0f:bb:
29:f9:25:a5:f0:71:7b:5d:46:85:22:44:1a:4c:5a:
19:cb:34:8d:b6:6b:db:a8:a0:b2:6d:7a:eb:56:c6:
c0:16:45:b4:f5:7c:6f:64:57:ae:2f:77:06:06:bf:
fe:ec:32:4f:77:fe:89:00:25:79:9d:4e:20:da:c1:
e6:80:b4:b1:f7:33:ad:a2:12:15:2b:4d:b6:67:c4:
93:ce:ef:e6:27:65:2e:24:45:3b:de:3c:0f:cf:5b:
a6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3A:40:8F:1D:6E:96:FC:72:A6:8E:83:48:A7:72:66:03:F0:DC:53
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/lDpAjx1ulvxypo6DSKdyZgPw3FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.4.0-147.181.17.255
147.181.32.0/21
147.181.44.0-147.181.51.255
IPv6:
2a04:9a00:1001::-2a04:9a00:1003:ffff:ffff:ffff:ffff:ffff
2a04:9a00:1005::-2a04:9a00:1007:ffff:ffff:ffff:ffff:ffff
2a04:9a00:100e::/48
Signature Algorithm: sha256WithRSAEncryption
a4:63:dd:51:a5:25:e7:1e:4e:e6:0a:c1:89:61:4c:f2:8b:9e:
70:7a:b5:f1:b6:7d:be:ac:94:50:cd:8c:97:bd:a6:05:55:09:
6f:ae:0a:2f:b6:14:10:02:3f:3e:9b:61:9d:50:88:ab:1b:4e:
d5:e6:74:90:e4:5a:8e:16:3c:e1:25:5a:80:0d:11:3d:ea:4d:
0a:df:e0:13:96:c1:36:e0:8b:9d:df:2f:d5:e0:d6:30:3d:dd:
cc:85:a4:96:2e:47:e9:69:f0:5a:0b:06:2e:bb:08:fb:6d:c3:
5a:8b:64:f6:79:23:63:52:f4:a6:68:7d:d5:37:60:17:2e:57:
e3:dd:b6:36:91:b2:0b:6e:6d:13:8e:ff:95:c4:2d:65:32:f7:
b4:fd:eb:9e:48:ac:2b:64:ec:38:42:b9:fd:cd:cb:25:66:f0:
fe:08:18:ac:b2:38:c3:19:8b:01:de:cb:23:5c:09:82:8e:62:
be:ba:c2:5f:6c:a0:e7:ce:8d:b3:a0:50:ff:55:f6:4b:f7:fd:
25:5a:1d:f8:78:32:79:e0:97:27:36:77:f1:26:40:e5:e6:af:
d1:7c:6a:53:34:6b:a4:d9:ea:5a:23:53:2b:b7:bf:d7:1a:a3:
e7:e2:63:79:d3:aa:cd:de:d9:d2:c8:70:1f:a8:cb:2d:6e:ea:
12:42:cb:c1
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzDtrMqu6o+zLiKyE/1qJh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTAxMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDNhNDA4ZjFkNmU5NmZjNzJhNjhlODM0OGE3NzI2NjAzZjBkYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6uwF8jVywhDcMCPallOEvszhmOT
070d0cWCB7MsoFz75VJhCaCqD0AflV4MCpvsPbLxz4m+RXEBZYhNSie1So+eMwSv
5iCoJ7gEPlpsZRXxH5wnS7hwg8swa8wgldzHDOvjg0AeuegcmLvugiYHho//oqqj
bW/sDAEQyGJN009pWIUJPqRJimO3nXrOmL2oxX2rHXpR/FVpN5SsKIPgPWzHD7sp
+SWl8HF7XUaFIkQaTFoZyzSNtmvbqKCybXrrVsbAFkW09XxvZFeuL3cGBr/+7DJP
d/6JACV5nU4g2sHmgLSx9zOtohIVK022Z8STzu/mJ2UuJEU73jwPz1umvQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJQ6QI8dbpb8cqaOg0incmYD8NxTMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvbERwQWp4MXVsdnh5cG82RFNLZHlaZ1B3M0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAoBAIAATAiMAwDBAKTtQQD
BAGTtRADBAOTtSAwDAMEApO1LAMEApO1MDA3BAIAAjAxMBIDBwAqBJoAEAEDBwIq
BJoAEAAwEgMHACoEmgAQBQMHAyoEmgAQAAMHACoEmgAQDjANBgkqhkiG9w0BAQsF
AAOCAQEApGPdUaUl5x5O5grBiWFM8ouecHq18bZ9vqyUUM2Ml72mBVUJb64KL7YU
EAI/PpthnVCIqxtO1eZ0kORajhY84SVagA0RPepNCt/gE5bBNuCLnd8v1eDWMD3d
zIWkli5H6WnwWgsGLrsI+23DWotk9nkjY1L0pmh91TdgFy5X4922NpGyC25tE47/
lcQtZTL3tP3rnkisK2TsOEK5/c3LJWbw/ggYrLI4wxmLAd7LI1wJgo5ivrrCX2yg
586Ns6BQ/1X2S/f9JVod+HgyeeCXJzZ38SZA5eav0XxqUzRrpNnqWiNTK7e/1xqj
5+JjedOqzd7Z0shwH6jLLW7qEkLLwQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:59 2025 by rpki-client