Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/xmNy2VtWjZ8YxNFvNh3dVLe3W4M.roa
File: xmNy2VtWjZ8YxNFvNh3dVLe3W4M.roa (raw, json)
Hash identifier: XDaXMB++0g7/KlAeb9NGEoUOtLNe6wH/V5tDFx0OtBg=
Subject key identifier: C6:63:72:D9:5B:56:8D:9F:18:C4:D1:6F:36:1D:DD:54:B7:B7:5B:83
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 01941FFA22F36E03C34E3D22AB0C6B50A792
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/xmNy2VtWjZ8YxNFvNh3dVLe3W4M.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15435
IP address blocks: 62.238.128.0/17 maxlen: 24
81.172.128.0/17 maxlen: 24
141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
149.143.64.0/18 maxlen: 24
185.200.96.0/22 maxlen: 24
212.92.64.0/19 maxlen: 24
212.115.192.0/19 maxlen: 24
213.34.224.0/19 maxlen: 24
217.63.64.0/19 maxlen: 24
217.102.240.0/20 maxlen: 24
2a02:f68::/29 maxlen: 48
2a07:31c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 14:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:22:f3:6e:03:c3:4e:3d:22:ab:0c:6b:50:a7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c66372d95b568d9f18c4d16f361ddd54b7b75b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:6d:63:93:7f:89:da:d6:bd:45:cc:b8:9c:
3f:9b:00:b2:81:7b:5d:19:f8:88:8e:26:d2:8d:fd:
0d:11:6e:55:33:00:93:74:67:2d:de:ca:9b:12:c2:
8a:b5:76:bd:d9:4b:47:96:fa:fc:12:ed:ad:51:b4:
65:e9:1e:11:18:83:8f:b4:2a:30:c7:de:3d:31:5f:
0b:12:e2:25:14:6d:61:09:c8:50:d1:04:05:1a:a4:
96:56:45:92:25:a8:80:f8:a9:b0:a8:58:9b:97:d8:
f0:49:76:94:65:dc:20:3c:be:44:70:9b:cc:48:cc:
46:07:1a:85:01:32:b7:76:b9:9b:5e:43:ba:0f:39:
cd:06:57:29:a1:eb:f5:3f:6a:ce:3d:79:84:8d:bf:
e3:71:d1:39:3f:a8:d0:15:a2:57:4f:dd:67:9d:93:
50:89:7d:43:c7:f7:d4:a0:93:cb:4e:0c:9e:d1:c7:
72:df:3c:f1:f3:df:d0:e0:4e:81:ea:e8:71:52:2f:
5f:30:d8:73:6a:0b:9f:03:62:ca:73:9c:f0:e4:72:
e6:c5:da:96:89:71:97:b3:f5:0b:6f:cf:50:3b:da:
75:e2:6c:33:09:71:bc:6c:23:98:bd:73:3c:c6:45:
6b:e4:f3:48:ae:02:25:7b:e0:93:85:fb:24:c0:54:
05:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:63:72:D9:5B:56:8D:9F:18:C4:D1:6F:36:1D:DD:54:B7:B7:5B:83
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/xmNy2VtWjZ8YxNFvNh3dVLe3W4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.238.128.0/17
81.172.128.0/17
141.224.192.0/18
149.143.32.0-149.143.127.255
185.200.96.0/22
212.92.64.0/19
212.115.192.0/19
213.34.224.0/19
217.63.64.0/19
217.102.240.0/20
IPv6:
2a02:f68::/29
2a07:31c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:a4:9f:9f:e3:c6:e3:24:07:11:ed:cb:e8:42:67:c6:fc:b5:
c8:81:8e:a2:15:9c:cd:ad:13:14:45:fb:8c:00:10:d7:1e:b9:
24:28:07:af:e7:fb:a9:95:76:14:28:26:aa:69:dd:c6:43:cc:
f7:f2:2c:35:6c:23:57:6b:e5:7f:fa:da:3b:68:0d:51:8c:8d:
4a:25:db:7e:ed:5e:be:19:ba:cc:6d:c9:84:94:42:86:cd:9d:
4f:41:3a:de:78:82:5c:ee:fd:53:66:2c:82:0a:d4:b7:a5:3d:
b9:ad:ae:ed:00:57:2c:37:bb:54:67:ad:05:b6:30:a7:56:7b:
f9:75:95:8f:5c:a3:72:08:95:25:d7:22:77:b2:c5:cb:67:f2:
63:c1:b8:bb:1f:65:57:c2:e8:be:63:3a:71:11:b0:f9:12:99:
2c:1d:6e:89:2e:1d:38:19:3a:80:8b:71:ab:9b:24:53:a9:2f:
63:b8:fd:22:2e:4d:5b:2a:03:f0:fd:c4:ed:98:d4:bf:af:1c:
b8:cd:8f:8e:35:60:cb:dd:32:33:5a:c1:e6:21:4c:0c:0a:be:
07:d4:a1:78:2e:de:a8:2e:5e:9e:74:82:8a:21:da:b9:1f:da:
76:a7:3c:db:44:a0:b5:63:ca:75:90:7c:2f:d7:b7:90:2e:38:
07:c8:3a:17
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQf+iLzbgPDTj0iqwxrUKeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz
OWNkYjgwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYzNzJkOTViNTY4ZDlmMThjNGQxNmYzNjFkZGQ1NGI3Yjc1YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wJtY5N/idrWvUXMuJw/mwCygXtd
GfiIjibSjf0NEW5VMwCTdGct3sqbEsKKtXa92UtHlvr8Eu2tUbRl6R4RGIOPtCow
x949MV8LEuIlFG1hCchQ0QQFGqSWVkWSJaiA+KmwqFibl9jwSXaUZdwgPL5EcJvM
SMxGBxqFATK3drmbXkO6DznNBlcpoev1P2rOPXmEjb/jcdE5P6jQFaJXT91nnZNQ
iX1Dx/fUoJPLTgye0cdy3zzx89/Q4E6B6uhxUi9fMNhzagufA2LKc5zw5HLmxdqW
iXGXs/ULb89QO9p14mwzCXG8bCOYvXM8xkVr5PNIrgIle+CThfskwFQFtQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMZjctlbVo2fGMTRbzYd3VS3t1uDMB8GA1UdIwQY
MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt
M2E1NjI4Y2M4MWQ5LzEveG1OeTJWdFdqWjhZeE5Gdk5oM2RWTGUzVzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5
LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBKBAIAATBEAwQHPu6AAwQH
UayAAwQGjeDAMAwDBAWVjyADBAeVjwADBAK5yGADBAXUXEADBAXUc8ADBAXVIuAD
BAXZP0ADBATZZvAwFAQCAAIwDgMFAyoCD2gDBQMqBzHAMA0GCSqGSIb3DQEBCwUA
A4IBAQB4pJ+f48bjJAcR7cvoQmfG/LXIgY6iFZzNrRMURfuMABDXHrkkKAev5/up
lXYUKCaqad3GQ8z38iw1bCNXa+V/+to7aA1RjI1KJdt+7V6+GbrMbcmElEKGzZ1P
QTreeIJc7v1TZiyCCtS3pT25ra7tAFcsN7tUZ60FtjCnVnv5dZWPXKNyCJUl1yJ3
ssXLZ/Jjwbi7H2VXwui+YzpxEbD5EpksHW6JLh04GTqAi3GrmyRTqS9juP0iLk1b
KgPw/cTtmNS/rxy4zY+ONWDL3TIzWsHmIUwMCr4H1KF4Lt6oLl6edIKKIdq5H9p2
pzzbRKC1Y8p1kHwv17eQLjgHyDoX
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:20 2025 by rpki-client