Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1-bDeX0WjVZKVgs0ZVSQhp7Te4Fs.roa
File: 1-bDeX0WjVZKVgs0ZVSQhp7Te4Fs.roa (raw, json)
Hash identifier: rn/kqYYZYG1Q1E6t1sjpToyxOCOftNmEE9lcR+bzEdw=
Subject key identifier: F9:B0:DE:5F:45:A3:55:92:95:82:CD:19:55:24:21:A7:B4:DE:E0:5B
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018ED201F4EAD558A9DBDD34D7F885B90331
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1-bDeX0WjVZKVgs0ZVSQhp7Te4Fs.roa
Signing time: Fri 12 Apr 2024 11:12:07 +0000
ROA not before: Fri 12 Apr 2024 11:12:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29069
IP address blocks: 185.13.112.0/22 maxlen: 22
185.13.112.0/25 maxlen: 25
185.13.112.128/25 maxlen: 25
195.128.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 15 Apr 2024 10:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:01:f4:ea:d5:58:a9:db:dd:34:d7:f8:85:b9:03:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 12 11:12:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b0de5f45a355929582cd19552421a7b4dee05b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8f:8d:ef:cd:4f:5f:27:40:a8:43:ed:eb:d4:
af:0b:ef:97:c5:aa:05:0a:bd:56:a4:21:84:3c:78:
9d:f1:d2:61:5d:41:c1:d2:ba:56:f4:48:c2:ec:fe:
8f:19:e8:0b:42:e0:11:99:f9:e1:a2:11:62:00:20:
e3:e0:14:3c:6c:c7:a0:8d:ca:c5:c0:fd:c8:35:f6:
f2:0d:09:89:3e:6a:a5:d3:7c:9c:01:18:cb:87:e4:
b1:d8:38:67:5d:e3:50:2d:f4:f4:03:dd:09:e6:05:
84:8e:99:97:d8:28:5e:5d:9f:3f:e7:ab:bc:f8:8b:
74:65:77:ff:e5:09:07:2f:a7:95:be:f2:09:65:9b:
f4:3e:34:47:54:68:2c:60:1c:51:f0:26:1b:f7:a7:
70:cb:29:5b:62:fa:fa:eb:66:f2:f8:24:0b:54:2b:
8d:e4:64:7f:f4:de:7f:55:00:f9:21:2a:33:cb:cf:
f3:44:12:ad:a6:28:f1:8f:85:67:16:a6:00:a2:20:
da:50:ae:4a:f8:14:3c:dd:34:04:62:44:15:33:9c:
e4:14:10:4c:5f:da:51:b0:12:b5:3d:4b:8d:01:4e:
26:4c:a9:ba:20:12:fb:95:b7:db:76:1f:64:e3:7a:
0e:a6:e6:5d:36:92:2e:3c:23:37:c7:82:21:6b:0e:
d8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B0:DE:5F:45:A3:55:92:95:82:CD:19:55:24:21:A7:B4:DE:E0:5B
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1-bDeX0WjVZKVgs0ZVSQhp7Te4Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.112.0/22
195.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
12:ec:59:3d:e4:61:81:fe:db:fa:ea:4d:a1:ce:6d:d3:56:e7:
4d:ab:48:89:9c:8c:77:38:72:54:a9:63:73:29:b6:7e:7b:0b:
1f:5a:34:62:2d:2b:c0:df:35:1a:ad:0e:79:94:68:72:73:af:
ae:aa:cd:c6:f5:0b:73:50:ac:8c:0f:bc:60:11:65:b8:65:d2:
7c:41:b2:5f:c2:4b:1e:0c:cd:6c:f6:65:82:0f:b6:4a:15:6e:
1e:f4:e7:5c:a8:cc:bc:fa:11:98:36:b8:f5:7e:ca:16:06:46:
c3:ae:77:fc:6c:c9:1c:51:22:39:94:3b:4a:5e:3c:aa:9e:05:
e5:18:ff:ed:ef:7a:fa:b7:72:00:66:13:82:3e:4c:48:b7:d7:
f4:7a:ea:00:18:88:df:28:9e:3d:17:c7:6d:ee:32:00:b3:4c:
0c:75:2d:33:a6:33:0d:77:4e:af:a5:df:68:34:31:c0:b7:d3:
72:ef:16:52:42:c6:82:88:82:c6:fa:71:33:cc:7b:c1:60:cf:
24:0a:cb:dc:fc:53:0b:81:8d:70:65:ea:6f:dd:b5:7c:be:86:
c2:2e:6a:6e:33:4c:22:73:e8:b3:4a:89:72:de:bb:07:45:49:
d9:8a:65:5f:23:28:2f:cb:5a:0d:e3:29:7a:57:df:e0:50:67:
52:71:1a:93
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAY7SAfTq1Vip29001/iFuQMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDEyMTExMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWIwZGU1ZjQ1YTM1NTkyOTU4MmNkMTk1NTI0MjFhN2I0ZGVlMDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4+N781PXydAqEPt69SvC++XxaoF
Cr1WpCGEPHid8dJhXUHB0rpW9EjC7P6PGegLQuARmfnhohFiACDj4BQ8bMegjcrF
wP3INfbyDQmJPmql03ycARjLh+Sx2DhnXeNQLfT0A90J5gWEjpmX2CheXZ8/56u8
+It0ZXf/5QkHL6eVvvIJZZv0PjRHVGgsYBxR8CYb96dwyylbYvr662by+CQLVCuN
5GR/9N5/VQD5ISozy8/zRBKtpijxj4VnFqYAoiDaUK5K+BQ83TQEYkQVM5zkFBBM
X9pRsBK1PUuNAU4mTKm6IBL7lbfbdh9k43oOpuZdNpIuPCM3x4Ihaw7YAQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPmw3l9Fo1WSlYLNGVUkIae03uBbMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMS1iRGVYMFdqVlpLVmdzMFpWU1FocDdUZTRGcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmQvOWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2Mx
ZS8xL1h1VXh1YXdwa05hYWlsd3dJLWN1YllRZWJBay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkNcAME
A8OAODANBgkqhkiG9w0BAQsFAAOCAQEAEuxZPeRhgf7b+upNoc5t01bnTatIiZyM
dzhyVKljcym2fnsLH1o0Yi0rwN81Gq0OeZRocnOvrqrNxvULc1CsjA+8YBFluGXS
fEGyX8JLHgzNbPZlgg+2ShVuHvTnXKjMvPoRmDa49X7KFgZGw653/GzJHFEiOZQ7
Sl48qp4F5Rj/7e96+rdyAGYTgj5MSLfX9HrqABiI3yiePRfHbe4yALNMDHUtM6Yz
DXdOr6XfaDQxwLfTcu8WUkLGgoiCxvpxM8x7wWDPJArL3PxTC4GNcGXqb921fL6G
wi5qbjNMInPos0qJct67B0VJ2YplXyMoL8taDeMpelff4FBnUnEakw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:12:49 2025 by rpki-client