Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/byZBlpSay0PsD1X60dKTXwqq9h4.roa
File: byZBlpSay0PsD1X60dKTXwqq9h4.roa (raw, json)
Hash identifier: 2acVgwP+7DPoX8zbW+cdzEXytvXbxcOQr769irsChQA=
Subject key identifier: 6F:26:41:96:94:9A:CB:43:EC:0F:55:FA:D1:D2:93:5F:0A:AA:F6:1E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01954CEFD330C847C2AFDF4B2D998F95439D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/byZBlpSay0PsD1X60dKTXwqq9h4.roa
Signing time: Fri 28 Feb 2025 14:22:20 +0000
ROA not before: Fri 28 Feb 2025 14:22:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203052
IP address blocks: 192.121.204.0/22 maxlen: 22
192.176.224.0/22 maxlen: 22
193.180.76.0/22 maxlen: 22
193.234.128.0/21 maxlen: 24
194.132.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 28 Feb 2025 14:55:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:ef:d3:30:c8:47:c2:af:df:4b:2d:99:8f:95:43:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 28 14:22:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f264196949acb43ec0f55fad1d2935f0aaaf61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:70:09:cb:a6:d7:3a:3d:d9:e2:36:27:98:14:
c5:29:f4:8d:93:81:33:fb:69:da:a0:7c:4a:b5:0d:
dc:e4:11:98:ed:bd:23:06:4d:bd:8f:a9:44:3e:22:
09:d3:92:22:75:e7:7c:00:e9:a6:f0:fa:ed:7c:29:
a6:61:20:99:d6:b2:94:d6:21:1a:59:fc:27:71:25:
10:fa:52:07:16:b3:b3:fa:d6:fa:92:2b:95:44:23:
9d:61:79:87:29:d5:e0:83:9e:64:a2:51:a5:c8:6d:
c1:68:ce:fb:07:03:15:51:31:37:26:97:55:d2:05:
6a:15:65:3a:db:59:c6:69:5e:46:e8:5e:c6:13:44:
53:3a:e4:de:bd:e1:c1:e6:e9:ae:03:af:fc:d2:25:
b6:11:23:c6:b4:e6:a9:e4:be:76:a8:44:df:95:a8:
e0:bb:86:dc:a0:83:e0:64:7d:f5:2b:42:6f:68:bc:
00:f1:33:f9:ca:2b:c8:4f:a9:19:10:20:3f:d3:4f:
cd:fc:d4:8b:ef:36:82:e8:3b:c5:15:87:fb:d2:99:
cc:15:9e:8a:03:e5:6b:e6:f9:2b:aa:88:64:35:e7:
58:d2:1e:f7:8c:49:80:11:63:61:f0:5a:86:84:9d:
e2:2d:56:6b:29:21:57:06:ff:bd:95:b2:23:38:50:
91:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:26:41:96:94:9A:CB:43:EC:0F:55:FA:D1:D2:93:5F:0A:AA:F6:1E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/byZBlpSay0PsD1X60dKTXwqq9h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.204.0/22
192.176.224.0/22
193.180.76.0/22
193.234.128.0/21
194.132.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:ad:e1:41:da:c2:ea:39:5c:e2:f9:ec:df:7d:4f:bd:a7:fa:
d1:85:b6:a5:d7:ef:e2:bd:57:cd:61:14:cb:48:7e:a4:26:38:
e5:f0:a3:e1:b0:e5:87:17:83:17:41:cf:3e:db:56:c2:ac:66:
55:18:23:5e:d5:83:fe:ce:ba:be:98:14:f4:e3:df:cf:6b:46:
75:fc:cc:fc:26:c8:ac:4f:82:fc:cb:39:ef:81:b1:53:84:b0:
d1:e3:37:1f:68:a0:ee:5f:66:d2:f4:53:f8:14:c2:a6:4a:13:
c4:2f:49:5a:70:92:9a:10:0e:c7:52:da:9d:60:cf:9a:82:67:
5f:99:f7:ae:1e:a8:d2:c2:3b:35:5a:df:f7:1f:91:b9:4f:90:
36:be:bb:33:84:02:99:04:9e:63:84:a4:a4:f7:54:34:ac:82:
3f:67:50:3b:58:a9:9e:d3:60:95:30:20:85:df:04:6b:c6:f2:
2c:91:57:84:60:57:e4:e8:2a:b3:98:45:68:fb:98:d6:f4:8a:
ca:50:7a:d5:09:8a:3f:ef:0b:0e:ae:be:e6:01:8b:03:1d:c5:
fc:7b:44:87:fe:72:b1:4b:a0:1b:23:21:d2:17:18:c2:f7:1a:
af:97:56:4a:ff:50:0a:4f:98:73:89:9e:2b:3b:f0:98:82:e9:
63:5a:61:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVM79MwyEfCr99LLZmPlUOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjI4MTQyMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI2NDE5Njk0OWFjYjQzZWMwZjU1ZmFkMWQyOTM1ZjBhYWFmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HAJy6bXOj3Z4jYnmBTFKfSNk4Ez
+2naoHxKtQ3c5BGY7b0jBk29j6lEPiIJ05Iided8AOmm8PrtfCmmYSCZ1rKU1iEa
WfwncSUQ+lIHFrOz+tb6kiuVRCOdYXmHKdXgg55kolGlyG3BaM77BwMVUTE3JpdV
0gVqFWU621nGaV5G6F7GE0RTOuTeveHB5umuA6/80iW2ESPGtOap5L52qETflajg
u4bcoIPgZH31K0JvaLwA8TP5yivIT6kZECA/00/N/NSL7zaC6DvFFYf70pnMFZ6K
A+Vr5vkrqohkNedY0h73jEmAEWNh8FqGhJ3iLVZrKSFXBv+9lbIjOFCRrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG8mQZaUmstD7A9V+tHSk18KqvYeMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYnlaQmxwU2F5MFBzRDFYNjBkS1RYd3FxOWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwHnMAwQC
wLDgAwQCwbRMAwQDweqAAwQCwoRIMA0GCSqGSIb3DQEBCwUAA4IBAQANreFB2sLq
OVzi+ezffU+9p/rRhbal1+/ivVfNYRTLSH6kJjjl8KPhsOWHF4MXQc8+21bCrGZV
GCNe1YP+zrq+mBT049/Pa0Z1/Mz8JsisT4L8yznvgbFThLDR4zcfaKDuX2bS9FP4
FMKmShPEL0lacJKaEA7HUtqdYM+agmdfmfeuHqjSwjs1Wt/3H5G5T5A2vrszhAKZ
BJ5jhKSk91Q0rII/Z1A7WKme02CVMCCF3wRrxvIskVeEYFfk6CqzmEVo+5jW9IrK
UHrVCYo/7wsOrr7mAYsDHcX8e0SH/nKxS6AbIyHSFxjC9xqvl1ZK/1AKT5hziZ4r
O/CYguljWmEL
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:04:55 2025 by rpki-client