Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/xBy1krvzt2oCjh12XneEoy8SQFo.roa
File: xBy1krvzt2oCjh12XneEoy8SQFo.roa (raw, json)
Hash identifier: zfN09qRfOP4i8zNXXnoNpuAd5T6zS7QaO7Gom3k3fOg=
Subject key identifier: C4:1C:B5:92:BB:F3:B7:6A:02:8E:1D:76:5E:77:84:A3:2F:12:40:5A
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 0194939CFD5A834ED62885C9C335C6C08441
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/xBy1krvzt2oCjh12XneEoy8SQFo.roa
Signing time: Thu 23 Jan 2025 14:42:06 +0000
ROA not before: Thu 23 Jan 2025 14:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5411
IP address blocks: 82.196.160.0/19 maxlen: 19
82.196.160.0/20 maxlen: 20
82.196.176.0/20 maxlen: 20
185.222.176.0/22 maxlen: 22
185.222.178.0/23 maxlen: 23
193.8.32.0/22 maxlen: 22
193.8.32.0/23 maxlen: 23
193.8.34.0/23 maxlen: 23
193.41.168.0/23 maxlen: 23
193.41.168.0/24 maxlen: 24
193.41.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 09:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:9c:fd:5a:83:4e:d6:28:85:c9:c3:35:c6:c0:84:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 23 14:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c41cb592bbf3b76a028e1d765e7784a32f12405a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:aa:51:91:c7:fc:c4:48:52:6a:17:f0:26:cd:
d4:93:95:52:1e:e4:95:82:32:fd:0a:68:2a:fe:2d:
06:fc:6f:04:c3:b3:71:39:c9:fc:b4:50:26:68:fc:
e1:c8:5f:e9:6f:8e:22:67:5d:ed:db:7d:22:91:c6:
41:00:39:02:5d:15:13:34:f4:36:ae:cb:e6:4b:d8:
12:c1:ca:9d:7c:8d:0b:37:33:de:15:02:cc:53:a0:
dd:a3:d2:59:46:ae:ef:4a:3a:06:8e:fb:df:1e:7e:
8f:84:68:c2:57:ef:4a:23:bf:23:cb:69:a2:a5:24:
00:c6:c3:c3:49:f8:a9:65:2e:53:dc:46:68:7f:bf:
d1:8f:ba:7b:09:17:68:c7:78:7d:49:0a:bc:56:2b:
12:c0:38:5a:47:c8:db:df:ec:77:46:01:be:1b:98:
c3:3b:7f:8f:5c:03:62:ab:b0:2d:35:c3:64:aa:a1:
d4:23:2c:82:9f:75:19:65:22:e7:4c:3a:0d:60:a3:
e5:60:c6:65:ee:c1:58:2a:b0:ca:5c:8b:ab:32:27:
01:4e:bf:0a:71:3d:56:53:ea:f7:56:db:43:15:a9:
43:57:18:66:1d:fe:c5:47:a3:87:91:ba:77:61:f7:
cd:1e:ae:f1:c3:ef:55:ab:88:30:81:8f:2f:dc:97:
b3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1C:B5:92:BB:F3:B7:6A:02:8E:1D:76:5E:77:84:A3:2F:12:40:5A
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/xBy1krvzt2oCjh12XneEoy8SQFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.160.0/19
185.222.176.0/22
193.8.32.0/22
193.41.168.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:ba:eb:89:1c:7a:c4:38:b9:85:d0:8e:ac:77:99:c4:96:46:
0f:42:62:05:07:5c:bc:5b:d3:57:51:80:63:9a:bd:72:42:e9:
09:6a:9a:0f:85:c3:0c:9b:0c:da:d4:7d:80:ad:93:6c:63:59:
e7:3c:61:b8:5c:ed:33:13:d3:c0:00:a6:3e:23:64:b8:34:1b:
d4:55:9c:2c:76:a8:88:b6:a5:9e:0a:6e:42:a3:20:f3:c8:9a:
98:99:e9:51:1b:b4:ab:17:54:50:dd:64:f7:9b:27:c3:33:2b:
14:cc:e6:57:3b:a4:f5:85:ff:25:b4:75:c9:88:5c:4f:de:e6:
bd:f0:b5:89:48:71:09:4d:b3:92:c8:7d:75:82:ea:ef:80:4c:
0b:7d:9e:6d:ef:f6:cb:6c:52:dd:8b:b9:98:f5:61:0e:60:e5:
93:3d:34:ff:e3:ab:d3:5c:0b:6f:b0:9c:3d:65:94:fa:af:2e:
67:75:9c:cc:b6:03:11:37:6a:c5:3e:72:14:a2:2a:1b:75:cc:
0f:e0:af:e6:a9:97:cf:79:30:23:56:16:8a:08:b9:f1:1c:6a:
47:30:10:18:8a:b2:ec:67:79:fb:09:94:74:09:04:08:03:0a:
c2:65:67:f3:5f:dd:bb:f3:41:bb:7e:2e:43:85:37:0b:7d:f9:
f1:c5:64:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZSTnP1ag07WKIXJwzXGwIRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjUwMTIzMTQ0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDFjYjU5MmJiZjNiNzZhMDI4ZTFkNzY1ZTc3ODRhMzJmMTI0MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0apRkcf8xEhSahfwJs3Uk5VSHuSV
gjL9Cmgq/i0G/G8Ew7NxOcn8tFAmaPzhyF/pb44iZ13t230ikcZBADkCXRUTNPQ2
rsvmS9gSwcqdfI0LNzPeFQLMU6Ddo9JZRq7vSjoGjvvfHn6PhGjCV+9KI78jy2mi
pSQAxsPDSfipZS5T3EZof7/Rj7p7CRdox3h9SQq8VisSwDhaR8jb3+x3RgG+G5jD
O3+PXANiq7AtNcNkqqHUIyyCn3UZZSLnTDoNYKPlYMZl7sFYKrDKXIurMicBTr8K
cT1WU+r3VttDFalDVxhmHf7FR6OHkbp3YffNHq7xw+9Vq4gwgY8v3JezHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQctZK787dqAo4ddl53hKMvEkBaMB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEveEJ5MWtydnp0Mm9DamgxMlhuZUVveThTUUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUsSgAwQC
ud6wAwQCwQggAwQBwSmoMA0GCSqGSIb3DQEBCwUAA4IBAQB9uuuJHHrEOLmF0I6s
d5nElkYPQmIFB1y8W9NXUYBjmr1yQukJapoPhcMMmwza1H2ArZNsY1nnPGG4XO0z
E9PAAKY+I2S4NBvUVZwsdqiItqWeCm5CoyDzyJqYmelRG7SrF1RQ3WT3myfDMysU
zOZXO6T1hf8ltHXJiFxP3ua98LWJSHEJTbOSyH11gurvgEwLfZ5t7/bLbFLdi7mY
9WEOYOWTPTT/46vTXAtvsJw9ZZT6ry5ndZzMtgMRN2rFPnIUoiobdcwP4K/mqZfP
eTAjVhaKCLnxHGpHMBAYirLsZ3n7CZR0CQQIAwrCZWfzX92780G7fi5DhTcLffnx
xWRY
-----END CERTIFICATE-----
Generated at Fri Apr 18 08:27:37 2025 by rpki-client