Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4jY9XJSIF2w7mZ45E3N29WQLjeI.roa
File: 4jY9XJSIF2w7mZ45E3N29WQLjeI.roa (raw, json)
Hash identifier: 0KyRVeu/zaq+TiVUsrUWbuQtk+Lijh3ijTmmjNGszJQ=
Subject key identifier: E2:36:3D:5C:94:88:17:6C:3B:99:9E:39:13:73:76:F5:64:0B:8D:E2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019632F80FD33A81D482F38DA7987548A2C4
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4jY9XJSIF2w7mZ45E3N29WQLjeI.roa
Signing time: Mon 14 Apr 2025 06:23:59 +0000
ROA not before: Mon 14 Apr 2025 06:23:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.137.154.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.151.56.0/24 maxlen: 24
88.209.195.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:32:f8:0f:d3:3a:81:d4:82:f3:8d:a7:98:75:48:a2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Apr 14 06:23:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2363d5c9488176c3b999e39137376f5640b8de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:8b:fa:e8:49:55:c1:73:f0:b1:a0:45:11:
b4:0f:07:f4:d1:59:14:32:24:d7:bc:cb:89:dc:ab:
01:fd:58:fa:6a:c8:8b:9e:8a:fe:91:bd:9d:df:b7:
8a:97:5f:31:41:42:71:37:a4:2d:b3:e3:b1:b7:f4:
e0:78:6e:cc:1f:7a:69:86:f4:e3:47:ba:0c:97:5c:
b4:99:e4:94:68:48:05:81:d2:22:c7:64:92:98:5e:
ec:34:64:61:89:36:b6:66:bb:a7:2e:05:2b:8a:ae:
c9:04:e2:d3:0a:a2:1b:be:b3:f5:50:31:5e:45:e7:
55:72:04:a6:d4:8b:e4:2b:4b:b4:7a:67:79:eb:db:
3c:0a:ac:b7:45:38:33:47:8b:ab:7a:99:88:05:05:
79:2b:51:26:54:b8:85:04:81:82:cc:7f:0c:e5:42:
24:3f:d9:2b:aa:96:b0:e6:29:74:99:fb:7c:d4:55:
26:06:47:3f:b3:52:2f:40:09:b1:aa:7a:59:2c:03:
f5:cf:72:a3:c5:8b:15:0d:09:c0:a4:73:8f:a1:da:
da:30:e1:41:ab:b7:6b:40:b1:6f:9e:3c:65:2c:d2:
94:53:21:2a:ab:eb:ec:ce:0e:b5:1f:9b:1b:1e:35:
cc:1f:42:5c:ac:4a:ac:7c:7e:5f:d7:2e:8b:bc:76:
a4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:36:3D:5C:94:88:17:6C:3B:99:9E:39:13:73:76:F5:64:0B:8D:E2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/4jY9XJSIF2w7mZ45E3N29WQLjeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.154.0/24
88.151.56.0/23
88.209.195.0/24
88.209.201.0/24
88.209.224.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:ce:2b:c6:25:08:1f:d6:da:16:ff:ad:43:f4:67:3e:78:97:
75:c3:96:e9:60:b6:5e:8a:b8:a1:20:3f:9d:31:6c:44:99:04:
13:64:ac:70:51:55:46:6e:4e:30:31:8a:9a:3e:ae:13:19:0b:
d1:af:bf:9e:42:43:94:6f:ea:18:b8:9e:cd:6f:67:8d:48:80:
b5:a9:7f:c0:5f:42:75:a3:dd:e5:ad:34:0c:85:60:ac:7a:9f:
02:d4:44:66:68:df:af:ad:89:2b:e4:df:d8:35:90:de:f7:d3:
0c:88:60:ae:de:94:6c:a2:31:49:ee:65:1c:b4:d2:3d:51:da:
38:a1:1d:c4:61:ca:44:16:d9:db:01:66:9f:91:55:a4:5f:b2:
45:31:40:e9:28:39:ea:cc:9a:80:79:e9:91:54:42:e2:19:bc:
07:c0:d0:a8:48:ce:84:a3:50:89:27:7d:1b:15:0b:16:7b:76:
95:75:aa:f0:af:55:04:44:b6:15:06:0a:98:7b:94:aa:ff:53:
c5:19:1a:fd:5e:61:3d:ae:64:39:ba:ec:ef:e0:d5:ee:2b:82:
42:63:ad:1f:be:d5:46:cb:cf:8d:49:02:33:91:51:08:3f:e7:
b9:6f:10:83:eb:30:9b:33:18:da:6b:78:c0:c8:0a:06:61:65:
62:66:7c:7a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYy+A/TOoHUgvONp5h1SKLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNDE0MDYyMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjM2M2Q1Yzk0ODgxNzZjM2I5OTllMzkxMzczNzZmNTY0MGI4ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2yL+uhJVcFz8LGgRRG0Dwf00VkU
MiTXvMuJ3KsB/Vj6asiLnor+kb2d37eKl18xQUJxN6Qts+Oxt/TgeG7MH3pphvTj
R7oMl1y0meSUaEgFgdIix2SSmF7sNGRhiTa2ZrunLgUriq7JBOLTCqIbvrP1UDFe
RedVcgSm1IvkK0u0emd569s8Cqy3RTgzR4urepmIBQV5K1EmVLiFBIGCzH8M5UIk
P9krqpaw5il0mft81FUmBkc/s1IvQAmxqnpZLAP1z3KjxYsVDQnApHOPodraMOFB
q7drQLFvnjxlLNKUUyEqq+vszg61H5sbHjXMH0JcrEqsfH5f1y6LvHakAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOI2PVyUiBdsO5meORNzdvVkC43iMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvNGpZOVhKU0lGMnc3bVo0NUUzTjI5V1FMamVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU4maAwQB
WJc4AwQAWNHDAwQAWNHJAwQBWNHgAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBq
zivGJQgf1toW/61D9Gc+eJd1w5bpYLZeirihID+dMWxEmQQTZKxwUVVGbk4wMYqa
Pq4TGQvRr7+eQkOUb+oYuJ7Nb2eNSIC1qX/AX0J1o93lrTQMhWCsep8C1ERmaN+v
rYkr5N/YNZDe99MMiGCu3pRsojFJ7mUctNI9Udo4oR3EYcpEFtnbAWafkVWkX7JF
MUDpKDnqzJqAeemRVELiGbwHwNCoSM6Eo1CJJ30bFQsWe3aVdarwr1UERLYVBgqY
e5Sq/1PFGRr9XmE9rmQ5uuzv4NXuK4JCY60fvtVGy8+NSQIzkVEIP+e5bxCD6zCb
Mxjaa3jAyAoGYWViZnx6
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:09:52 2025 by rpki-client