Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/X_hpqM4HM60s1MIwfWPLeNUpIVk.roa
File: X_hpqM4HM60s1MIwfWPLeNUpIVk.roa (raw, json)
Hash identifier: mUT2CsuAPbeXZUKvHFfOr7i60UrKi182uYlhUBDUVNM=
Subject key identifier: 5F:F8:69:A8:CE:07:33:AD:2C:D4:C2:30:7D:63:CB:78:D5:29:21:59
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0193839DB327D19F601A34E18371E7324071
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/X_hpqM4HM60s1MIwfWPLeNUpIVk.roa
Signing time: Sun 01 Dec 2024 19:06:10 +0000
ROA not before: Sun 01 Dec 2024 19:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 18:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:83:9d:b3:27:d1:9f:60:1a:34:e1:83:71:e7:32:40:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Dec 1 19:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff869a8ce0733ad2cd4c2307d63cb78d5292159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:85:68:ed:cf:86:46:85:e7:b9:30:f7:c4:a3:
bd:36:79:c2:30:14:e0:86:0c:70:b0:36:99:de:be:
fd:1e:e0:52:b4:39:36:56:e0:57:a9:eb:bc:db:e0:
96:05:6f:19:d7:b5:ab:0b:98:98:d7:23:8a:59:5e:
8c:4b:5f:d1:b7:d1:10:11:a1:f3:cd:b2:b6:d5:35:
83:6e:5a:0f:2e:ef:00:db:de:b2:81:f0:7f:8b:a6:
30:2b:8f:13:da:bb:d9:fa:69:e4:50:cc:d9:33:35:
ac:87:c5:d9:4c:ed:33:d3:7c:ab:dd:c7:bc:0c:ae:
f8:e4:2c:87:94:51:46:a9:cd:96:6d:fc:7b:77:76:
a5:da:23:ff:01:df:4a:15:16:92:7a:b9:38:3e:81:
3b:11:89:90:03:d6:cb:15:66:65:bd:45:54:e4:06:
13:58:db:43:3c:2d:be:a7:9e:c2:22:7f:08:e4:7e:
71:19:66:ca:c9:2d:a2:06:15:74:b0:b2:77:15:14:
e4:e4:ed:84:7d:bf:f0:45:5f:2c:f7:dc:ec:32:e5:
bc:a2:e2:6f:1e:46:9d:2e:a9:9f:50:90:5f:06:6c:
0c:70:89:ff:58:24:49:04:8e:7f:9e:bb:dc:ae:ad:
5b:1a:39:60:19:15:44:c1:61:54:81:ea:b0:1e:1c:
ac:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F8:69:A8:CE:07:33:AD:2C:D4:C2:30:7D:63:CB:78:D5:29:21:59
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/X_hpqM4HM60s1MIwfWPLeNUpIVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
79.98.182.0/24
162.218.89.0/24
162.218.93.0/24
185.52.136.0/24
185.52.139.0/24
185.161.191.0/24
185.171.126.0/24
185.187.214.0/23
185.205.206.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:38:21:cc:d5:fe:04:98:4d:b6:46:6d:29:b3:1e:42:29:8e:
f4:a7:06:28:16:9a:f4:da:41:5d:87:85:1d:da:77:34:06:93:
32:bc:7d:c7:74:86:80:c7:9a:91:03:42:39:ba:69:af:37:71:
71:fa:cc:9e:b5:32:01:e1:a5:94:d3:9d:52:2d:01:a6:2f:c2:
0a:59:94:5a:65:d4:50:28:85:26:0a:c9:91:6b:b4:42:72:ab:
28:72:ee:24:6e:f8:f8:94:5a:08:09:dd:8c:e1:d1:57:9a:dd:
0b:3c:7a:3e:54:62:c3:ae:8a:c7:fd:34:97:1e:cc:99:eb:c3:
4f:39:2f:1d:da:54:52:8b:21:c8:d5:b5:52:1e:7d:e0:c0:53:
41:22:21:2d:9b:42:88:57:7d:28:41:61:f3:4f:33:3a:85:0d:
8a:3e:9b:d6:ee:3e:53:b4:dc:0b:c4:e9:26:16:ea:e8:3f:c8:
59:e7:9a:9b:52:3b:21:0b:7c:82:a6:6c:99:46:bc:4f:ec:07:
5d:c4:ae:5e:9e:b4:eb:3b:96:b7:cf:2d:c2:b1:f9:55:47:e5:
8b:c0:88:5b:2e:6b:44:6d:fd:95:32:45:ac:71:c4:5a:46:86:
86:ba:3b:1e:e3:35:36:79:76:4d:2b:a6:8d:14:d1:aa:ce:c3:
88:d6:59:ba
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZODnbMn0Z9gGjThg3HnMkBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMjAxMTkwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY4NjlhOGNlMDczM2FkMmNkNGMyMzA3ZDYzY2I3OGQ1MjkyMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooVo7c+GRoXnuTD3xKO9NnnCMBTg
hgxwsDaZ3r79HuBStDk2VuBXqeu82+CWBW8Z17WrC5iY1yOKWV6MS1/Rt9EQEaHz
zbK21TWDbloPLu8A296ygfB/i6YwK48T2rvZ+mnkUMzZMzWsh8XZTO0z03yr3ce8
DK745CyHlFFGqc2Wbfx7d3al2iP/Ad9KFRaSerk4PoE7EYmQA9bLFWZlvUVU5AYT
WNtDPC2+p57CIn8I5H5xGWbKyS2iBhV0sLJ3FRTk5O2Efb/wRV8s99zsMuW8ouJv
HkadLqmfUJBfBmwMcIn/WCRJBI5/nrvcrq1bGjlgGRVEwWFUgeqwHhysWwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFF/4aajOBzOtLNTCMH1jy3jVKSFZMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWF9ocHFNNEhNNjBzMU1Jd2ZXUExlTlVwSVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQABba4AwQA
LUOSAwQATh/OAwQAT2K2AwQAotpZAwQAotpdAwQAuTSIAwQAuTSLAwQAuaG/AwQA
uat+AwQBubvWAwQAuc3OMAwDBAO50JgDBAC50JoDBAC55nkwDQYJKoZIhvcNAQEL
BQADggEBAFw4IczV/gSYTbZGbSmzHkIpjvSnBigWmvTaQV2HhR3adzQGkzK8fcd0
hoDHmpEDQjm6aa83cXH6zJ61MgHhpZTTnVItAaYvwgpZlFpl1FAohSYKyZFrtEJy
qyhy7iRu+PiUWggJ3Yzh0Vea3Qs8ej5UYsOuisf9NJcezJnrw085Lx3aVFKLIcjV
tVIefeDAU0EiIS2bQohXfShBYfNPMzqFDYo+m9buPlO03AvE6SYW6ug/yFnnmptS
OyELfIKmbJlGvE/sB13Erl6etOs7lrfPLcKx+VVH5YvAiFsua0Rt/ZUyRaxxxFpG
hoa6Ox7jNTZ5dk0rpo0U0arOw4jWWbo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:41:14 2025 by rpki-client