Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/XzbyhMwDYpNZjQDC_7uU27JK6G0.roa
File: XzbyhMwDYpNZjQDC_7uU27JK6G0.roa (raw, json)
Hash identifier: 9CMGPNy5I4T8vJYv7bqZpzp2cqUSmnH6OORdqpHNNEI=
Subject key identifier: 5F:36:F2:84:CC:03:62:93:59:8D:00:C2:FF:BB:94:DB:B2:4A:E8:6D
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 019427472B0AD4FC0B3CB100136A3EF2E6E5
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/XzbyhMwDYpNZjQDC_7uU27JK6G0.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209564
IP address blocks: 82.146.23.0/24 maxlen: 24
84.238.223.0/24 maxlen: 24
185.32.148.0/24 maxlen: 24
185.32.149.0/24 maxlen: 24
185.32.150.0/24 maxlen: 24
185.32.151.0/24 maxlen: 24
185.240.182.0/24 maxlen: 24
185.240.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Feb 2025 09:26:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:2b:0a:d4:fc:0b:3c:b1:00:13:6a:3e:f2:e6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f36f284cc036293598d00c2ffbb94dbb24ae86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e0:55:c7:bd:6a:79:54:4d:c5:18:ed:16:50:
61:5b:19:2c:02:78:66:ca:c0:72:fb:b9:89:b0:b5:
db:3d:b5:07:9f:cf:88:d4:df:8f:04:10:ad:39:93:
4d:88:01:7a:b2:54:4b:a5:79:33:17:88:78:3d:60:
89:41:3b:4f:ea:04:57:7e:34:1b:ba:3c:11:d5:4c:
04:08:2a:e1:3f:6d:be:4d:51:e1:2f:91:9b:2e:ca:
88:9c:3f:a9:ef:23:9f:c0:17:13:8f:98:7a:e9:79:
f2:36:b0:ee:69:90:36:2c:24:2d:e4:4d:8f:d2:69:
e3:d6:a5:77:b0:a8:df:e1:5c:55:8b:16:07:b2:0c:
e1:dc:de:75:b9:35:a2:e5:db:79:ba:24:6b:b7:58:
96:e1:74:1c:f7:53:cf:bd:e3:d1:de:8f:f3:43:86:
d0:bd:3c:f7:0d:a1:c4:45:aa:58:51:d7:67:58:73:
69:85:2c:16:dc:ea:a5:02:b1:37:a4:24:41:f9:f1:
ca:d0:37:dc:89:44:78:09:4a:fb:5b:23:3c:97:58:
20:b3:7c:58:23:95:0c:b1:28:9a:ef:ce:81:29:7b:
88:69:8b:b5:69:36:5a:ac:75:98:2c:59:2c:db:1b:
75:61:ff:9a:85:d4:c7:26:cf:b9:c1:29:fb:d4:fb:
29:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:36:F2:84:CC:03:62:93:59:8D:00:C2:FF:BB:94:DB:B2:4A:E8:6D
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/XzbyhMwDYpNZjQDC_7uU27JK6G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.23.0/24
84.238.223.0/24
185.32.148.0/22
185.240.182.0/23
Signature Algorithm: sha256WithRSAEncryption
95:62:ad:a8:7b:c1:62:e9:12:ff:36:71:9d:3a:82:27:e3:27:
df:f7:f0:cc:b1:7a:94:85:dd:f2:5b:3a:4e:70:bc:3b:af:c5:
71:34:6b:7b:64:7b:7f:46:a5:90:48:be:c6:6f:51:22:41:76:
2d:d5:1a:ee:19:32:98:d8:5f:dd:47:f3:a9:b2:7e:2f:28:7e:
48:a2:09:c8:c4:a8:02:94:ef:b3:47:ec:1b:30:32:ff:45:6c:
97:f4:62:f9:01:b6:10:a6:be:41:b5:60:fc:81:e7:6d:d4:aa:
ce:df:c7:77:93:d5:8a:6c:77:a2:ba:76:d3:62:02:07:51:81:
a1:77:b5:f3:d3:ba:10:9c:2f:62:ba:89:aa:29:4c:11:08:a4:
ef:da:6b:a5:17:5e:c0:11:ff:72:cb:73:8b:09:64:16:69:cf:
02:2d:77:f3:72:95:d7:87:1a:2c:40:2d:4e:6b:2f:0d:d4:d0:
6c:a1:dd:37:1f:e9:1e:cd:bc:b1:03:e1:33:fb:75:5d:22:71:
d7:cc:01:36:ee:2e:ca:59:80:ec:ef:91:89:3f:03:6d:87:37:
08:7e:a3:89:7d:cf:92:2f:39:61:91:22:99:05:44:54:9c:ef:
e6:82:0b:57:c2:69:12:eb:6d:06:a0:ca:dc:90:22:c8:1f:3d:
5e:45:2c:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnRysK1PwLPLEAE2o+8ublMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGMzY2IxZTA3ZDcxNGI3MjVmNTFhNjZkMWRjZmQ4N2Fl
MWM1MWEwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM2ZjI4NGNjMDM2MjkzNTk4ZDAwYzJmZmJiOTRkYmIyNGFlODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuBVx71qeVRNxRjtFlBhWxksAnhm
ysBy+7mJsLXbPbUHn8+I1N+PBBCtOZNNiAF6slRLpXkzF4h4PWCJQTtP6gRXfjQb
ujwR1UwECCrhP22+TVHhL5GbLsqInD+p7yOfwBcTj5h66XnyNrDuaZA2LCQt5E2P
0mnj1qV3sKjf4VxVixYHsgzh3N51uTWi5dt5uiRrt1iW4XQc91PPvePR3o/zQ4bQ
vTz3DaHERapYUddnWHNphSwW3OqlArE3pCRB+fHK0DfciUR4CUr7WyM8l1ggs3xY
I5UMsSia786BKXuIaYu1aTZarHWYLFks2xt1Yf+ahdTHJs+5wSn71PspBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF828oTMA2KTWY0Awv+7lNuySuhtMB8GA1UdIwQY
MBaAFBXcPLHgfXFLcl9Rpm0dz9h64cUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQt
ZmUyY2I0MzFjZjJmLzEvWHpieWhNd0RZcE5aalFEQ183dVUyN0pLNkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQtZmUyY2I0MzFjZjJm
LzEvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpIXAwQA
VO7fAwQCuSCUAwQBufC2MA0GCSqGSIb3DQEBCwUAA4IBAQCVYq2oe8Fi6RL/NnGd
OoIn4yff9/DMsXqUhd3yWzpOcLw7r8VxNGt7ZHt/RqWQSL7Gb1EiQXYt1RruGTKY
2F/dR/Opsn4vKH5IognIxKgClO+zR+wbMDL/RWyX9GL5AbYQpr5BtWD8gedt1KrO
38d3k9WKbHeiunbTYgIHUYGhd7Xz07oQnC9iuomqKUwRCKTv2mulF17AEf9yy3OL
CWQWac8CLXfzcpXXhxosQC1Oay8N1NBsod03H+kezbyxA+Ez+3VdInHXzAE27i7K
WYDs75GJPwNthzcIfqOJfc+SLzlhkSKZBURUnO/mggtXwmkS620GoMrckCLIHz1e
RSw9
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:15:48 2025 by rpki-client