Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/52amp7tcJ77T1dnKO3bscVZb93k.roa
File: 52amp7tcJ77T1dnKO3bscVZb93k.roa (raw, json)
Hash identifier: iuiKtOCYsGo8aReyfiFP3lIg4Jzuln2SiByg+InfO8g=
Subject key identifier: E7:66:A6:A7:BB:5C:27:BE:D3:D5:D9:CA:3B:76:EC:71:56:5B:F7:79
Certificate issuer: /CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Certificate serial: 0194228DB814809D7218FD889CE67488A7B1
Authority key identifier: 91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/52amp7tcJ77T1dnKO3bscVZb93k.roa
Signing time: Wed 01 Jan 2025 15:48:20 +0000
ROA not before: Wed 01 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43197
IP address blocks: 109.68.232.0/21 maxlen: 21
109.68.232.0/24 maxlen: 24
109.68.233.0/24 maxlen: 24
109.68.234.0/24 maxlen: 24
109.68.235.0/24 maxlen: 24
109.68.236.0/24 maxlen: 24
109.68.237.0/24 maxlen: 24
109.68.238.0/24 maxlen: 24
109.68.239.0/24 maxlen: 24
185.105.228.0/22 maxlen: 22
185.105.228.0/24 maxlen: 24
185.105.229.0/24 maxlen: 24
185.105.230.0/24 maxlen: 24
185.105.231.0/24 maxlen: 24
2a0b:6bc0::/48 maxlen: 48
2a0b:6bc0:1::/48 maxlen: 48
2a0b:6bc0:1::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 07 Jan 2025 06:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b8:14:80:9d:72:18:fd:88:9c:e6:74:88:a7:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91188ca64c4670a6eb56b42a50a10588ad9647ee
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e766a6a7bb5c27bed3d5d9ca3b76ec71565bf779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f2:85:ab:46:de:9a:7f:7d:c1:ea:14:e4:22:
6e:5c:30:39:3e:9b:38:91:34:08:44:24:3f:4d:70:
b0:e2:f4:68:47:2f:3c:a7:e3:fd:11:3a:6d:60:d4:
2f:2a:53:d7:62:70:a5:2b:6b:3b:57:88:01:0c:61:
a7:a8:ca:04:ff:93:7e:c3:94:9f:a1:5b:aa:1a:b0:
eb:ed:0c:47:17:6e:9b:d0:91:a9:fb:a5:d9:0e:3c:
3a:7d:af:08:d5:6c:da:48:89:a8:a9:bd:af:f7:af:
64:71:4b:26:8d:1f:e6:eb:42:57:c6:9b:85:2e:c8:
93:db:c9:a4:c0:91:45:89:38:f7:fd:e3:d9:2a:1a:
d5:8d:58:92:20:ae:58:22:3e:49:37:be:fd:fe:fb:
21:4b:7c:c1:0c:b8:05:8a:f9:b9:69:05:bd:41:8f:
3f:0d:98:b2:2e:fd:9b:49:ab:82:86:41:f0:fd:fc:
b0:9f:18:9d:1b:45:77:4a:99:e2:05:45:7c:d2:95:
34:f2:28:79:dc:3a:de:5c:4f:98:88:11:cc:d9:30:
66:21:63:08:ad:c1:83:47:77:49:3c:55:77:2b:89:
9b:d5:4c:63:55:4d:7f:28:29:82:be:95:a4:db:18:
cc:81:ac:11:4e:ed:94:95:85:00:21:1c:c6:fb:3f:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:66:A6:A7:BB:5C:27:BE:D3:D5:D9:CA:3B:76:EC:71:56:5B:F7:79
X509v3 Authority Key Identifier:
keyid:91:18:8C:A6:4C:46:70:A6:EB:56:B4:2A:50:A1:05:88:AD:96:47:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kRiMpkxGcKbrVrQqUKEFiK2WR-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/52amp7tcJ77T1dnKO3bscVZb93k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/31d6c1-1146-4588-838d-147177b837de/1/kRiMpkxGcKbrVrQqUKEFiK2WR-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.232.0/21
185.105.228.0/22
IPv6:
2a0b:6bc0::/47
Signature Algorithm: sha256WithRSAEncryption
80:f0:3c:10:79:f2:5f:46:fb:a2:e2:57:ec:10:d6:fa:ba:91:
49:0a:ee:f0:9f:aa:4b:a5:0b:77:b2:18:42:97:d8:8f:69:9c:
f7:68:c8:c3:f6:77:9a:c5:a6:f7:cc:b5:f6:f4:b2:3f:69:35:
fc:15:f0:77:27:99:00:3b:2e:8f:d7:d8:49:f1:1b:58:78:cf:
0f:3a:e9:8c:86:81:23:8b:3e:04:3b:e3:4b:ec:31:eb:43:11:
01:a1:61:ea:bb:d0:16:e4:83:ae:1d:20:08:ab:54:e5:97:bc:
3e:79:55:4d:d1:fa:e1:4a:39:93:85:e5:4e:79:c7:2b:ad:1a:
c7:ed:ef:c7:c2:04:b9:91:13:3d:f4:70:a6:2c:04:ff:a0:2c:
c9:22:48:9a:ba:4d:d3:dd:6f:37:4f:d2:6e:cb:a8:c2:3f:8f:
d8:32:80:92:81:71:87:ad:c8:1c:ac:a0:b5:b9:43:4a:dc:f2:
62:3f:f1:d5:c6:f2:9c:cd:f7:4a:ff:24:a8:c9:43:fd:44:19:
8d:0f:29:38:18:21:a1:c6:74:5c:b8:da:2f:e6:74:66:28:5f:
5d:80:08:1c:c4:f8:71:ae:04:4c:71:bd:53:a6:35:32:2d:92:
da:b9:37:f4:39:dc:4f:b2:2f:35:0c:fe:00:a3:33:56:e6:7f:
ce:49:54:14
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQijbgUgJ1yGP2InOZ0iKexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMTg4Y2E2NGM0NjcwYTZlYjU2YjQyYTUwYTEwNTg4YWQ5
NjQ3ZWUwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzY2YTZhN2JiNWMyN2JlZDNkNWQ5Y2EzYjc2ZWM3MTU2NWJmNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PKFq0bemn99weoU5CJuXDA5Pps4
kTQIRCQ/TXCw4vRoRy88p+P9ETptYNQvKlPXYnClK2s7V4gBDGGnqMoE/5N+w5Sf
oVuqGrDr7QxHF26b0JGp+6XZDjw6fa8I1WzaSImoqb2v969kcUsmjR/m60JXxpuF
LsiT28mkwJFFiTj3/ePZKhrVjViSIK5YIj5JN779/vshS3zBDLgFivm5aQW9QY8/
DZiyLv2bSauChkHw/fywnxidG0V3SpniBUV80pU08ih53DreXE+YiBHM2TBmIWMI
rcGDR3dJPFV3K4mb1UxjVU1/KCmCvpWk2xjMgawRTu2UlYUAIRzG+z+7zQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOdmpqe7XCe+09XZyjt27HFWW/d5MB8GA1UdIwQY
MBaAFJEYjKZMRnCm61a0KlChBYitlkfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQt
MTQ3MTc3YjgzN2RlLzEvNTJhbXA3dGNKNzdUMWRuS08zYnNjVlpiOTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMWQ2YzEtMTE0Ni00NTg4LTgzOGQtMTQ3MTc3YjgzN2Rl
LzEva1JpTXBreEdjS2JyVnJRcVVLRUZpSzJXUi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDbUToAwQC
uWnkMA8EAgACMAkDBwEqC2vAAAAwDQYJKoZIhvcNAQELBQADggEBAIDwPBB58l9G
+6LiV+wQ1vq6kUkK7vCfqkulC3eyGEKX2I9pnPdoyMP2d5rFpvfMtfb0sj9pNfwV
8HcnmQA7Lo/X2EnxG1h4zw866YyGgSOLPgQ740vsMetDEQGhYeq70Bbkg64dIAir
VOWXvD55VU3R+uFKOZOF5U55xyutGsft78fCBLmREz30cKYsBP+gLMkiSJq6TdPd
bzdP0m7LqMI/j9gygJKBcYetyBysoLW5Q0rc8mI/8dXG8pzN90r/JKjJQ/1EGY0P
KTgYIaHGdFy42i/mdGYoX12ACBzE+HGuBExxvVOmNTItktq5N/Q53E+yLzUM/gCj
M1bmf85JVBQ=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:49:03 2025 by rpki-client