Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R58VI4djkhuTbXDo3hCSWbF2SfI.roa
File: R58VI4djkhuTbXDo3hCSWbF2SfI.roa (raw, json)
Hash identifier: gdpzf+9dUzabaRUv1tTCbN/KkebRL5xDOj+Hgg500R4=
Subject key identifier: 47:9F:15:23:87:63:92:1B:93:6D:70:E8:DE:10:92:59:B1:76:49:F2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01954D0E08F28154965F6ED7BBF65688A8E4
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R58VI4djkhuTbXDo3hCSWbF2SfI.roa
Signing time: Fri 28 Feb 2025 14:55:20 +0000
ROA not before: Fri 28 Feb 2025 14:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203052
IP address blocks: 192.121.204.0/22 maxlen: 22
192.176.224.0/22 maxlen: 22
193.180.76.0/22 maxlen: 22
193.234.128.0/21 maxlen: 24
193.234.128.0/22 maxlen: 22
194.132.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 03 Mar 2025 07:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:0e:08:f2:81:54:96:5f:6e:d7:bb:f6:56:88:a8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 28 14:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=479f15238763921b936d70e8de109259b17649f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:4a:34:05:34:1c:e4:b3:c9:f3:fe:c6:90:
4c:9c:1d:eb:fd:6a:50:a2:95:fc:e8:db:1f:a9:e0:
f3:fe:32:46:a0:5c:13:73:43:ae:24:52:98:45:df:
a9:a6:69:17:00:b7:fe:a2:ef:dd:cc:8e:40:57:b0:
70:4f:aa:9f:c4:4f:a3:7c:ec:64:5c:17:00:de:97:
ba:16:a1:12:6d:8d:95:c4:54:7d:c4:9a:66:79:a9:
bd:40:2b:03:4f:25:f2:79:71:2f:58:db:bb:17:56:
1d:a2:f7:71:15:7b:e3:df:59:dd:79:5a:f6:02:99:
ba:99:b0:cb:02:84:ec:e5:66:f0:f7:e2:ba:5f:48:
84:6e:da:61:90:0c:73:94:63:0b:a5:04:57:14:83:
09:86:e5:1c:e3:96:64:13:0e:85:0a:42:68:00:d6:
d8:da:7e:64:90:00:90:ba:78:ff:9f:fc:ae:ea:30:
e0:7e:62:32:2d:dc:f3:8a:7d:aa:6e:27:c9:1e:56:
7c:d1:f9:53:c0:60:6d:b8:cb:ad:1a:8c:0f:fd:98:
ac:f8:b5:5d:e6:1a:96:27:fe:61:8d:49:d4:fa:ff:
9a:92:6a:58:5f:58:bd:da:a1:55:df:94:d1:d2:15:
33:e1:1f:ff:68:1a:53:57:fb:95:21:1d:23:73:f2:
ee:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9F:15:23:87:63:92:1B:93:6D:70:E8:DE:10:92:59:B1:76:49:F2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/R58VI4djkhuTbXDo3hCSWbF2SfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.204.0/22
192.176.224.0/22
193.180.76.0/22
193.234.128.0/21
194.132.72.0/22
Signature Algorithm: sha256WithRSAEncryption
62:7c:f5:f1:13:f3:ab:fe:1f:87:48:98:d5:8a:8a:3d:ee:70:
2c:4b:0b:5b:8b:d6:92:3c:be:68:bd:c8:1c:60:a3:0d:d7:cd:
57:ed:94:18:dc:97:6f:a5:99:c5:10:d7:ba:1b:b2:e8:2f:59:
d5:b0:13:09:78:0f:be:43:23:3c:04:8e:87:02:9f:00:39:29:
f2:73:81:99:01:a9:98:44:cb:fa:37:e1:63:71:9d:0c:b9:16:
32:fd:78:94:c6:9c:b2:79:29:be:51:1e:10:87:e5:34:06:99:
93:d5:9f:10:c8:65:55:ee:b7:03:b1:25:9e:b2:30:25:62:f3:
91:31:18:b5:c7:c7:ba:d5:ab:6c:c1:1e:0a:71:7c:ef:3a:a6:
42:68:2e:a4:41:56:89:72:aa:16:db:46:41:59:35:3c:ec:52:
2f:5c:e4:2d:e4:57:cb:a5:e9:bb:a8:78:ef:fc:1d:38:89:1e:
11:67:1e:e0:ac:18:a4:a4:63:aa:89:cc:43:f9:2b:f8:ca:88:
d0:98:b8:6b:4d:2b:dc:4e:cd:04:12:71:1b:fd:f6:d9:56:15:
ed:7b:40:31:52:69:cd:b2:06:7c:af:4f:93:f0:3e:4d:bd:13:
55:6f:52:62:60:4a:62:7f:bd:75:5d:2d:19:8e:1f:8f:eb:73:
e7:45:e3:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVNDgjygVSWX27Xu/ZWiKjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjI4MTQ1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzlmMTUyMzg3NjM5MjFiOTM2ZDcwZThkZTEwOTI1OWIxNzY0OWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn01KNAU0HOSzyfP+xpBMnB3r/WpQ
opX86NsfqeDz/jJGoFwTc0OuJFKYRd+ppmkXALf+ou/dzI5AV7BwT6qfxE+jfOxk
XBcA3pe6FqESbY2VxFR9xJpmeam9QCsDTyXyeXEvWNu7F1YdovdxFXvj31ndeVr2
Apm6mbDLAoTs5Wbw9+K6X0iEbtphkAxzlGMLpQRXFIMJhuUc45ZkEw6FCkJoANbY
2n5kkACQunj/n/yu6jDgfmIyLdzzin2qbifJHlZ80flTwGBtuMutGowP/Zis+LVd
5hqWJ/5hjUnU+v+akmpYX1i92qFV35TR0hUz4R//aBpTV/uVIR0jc/Lu2wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEefFSOHY5Ibk21w6N4QklmxdknyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUjU4Vkk0ZGpraHVUYlhEbzNoQ1NXYkYyU2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwHnMAwQC
wLDgAwQCwbRMAwQDweqAAwQCwoRIMA0GCSqGSIb3DQEBCwUAA4IBAQBifPXxE/Or
/h+HSJjVioo97nAsSwtbi9aSPL5ovcgcYKMN181X7ZQY3JdvpZnFENe6G7LoL1nV
sBMJeA++QyM8BI6HAp8AOSnyc4GZAamYRMv6N+FjcZ0MuRYy/XiUxpyyeSm+UR4Q
h+U0BpmT1Z8QyGVV7rcDsSWesjAlYvORMRi1x8e61atswR4KcXzvOqZCaC6kQVaJ
cqoW20ZBWTU87FIvXOQt5FfLpem7qHjv/B04iR4RZx7grBikpGOqicxD+Sv4yojQ
mLhrTSvcTs0EEnEb/fbZVhXte0AxUmnNsgZ8r0+T8D5NvRNVb1JiYEpif711XS0Z
jh+P63PnReNy
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:37 2025 by rpki-client