Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1Sknq0df5r0-eBLGbQpEFpNVjwY.roa
File: 1Sknq0df5r0-eBLGbQpEFpNVjwY.roa (raw, json)
Hash identifier: UwNQ8p0rOUxUxPoebeBThMjkV9ZTrlKCGWDUzHzAckg=
Subject key identifier: D5:29:27:AB:47:5F:E6:BD:3E:78:12:C6:6D:0A:44:16:93:55:8F:06
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE163A24029C71D1B4A0629115F65C949
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1Sknq0df5r0-eBLGbQpEFpNVjwY.roa
Signing time: Mon 15 Apr 2024 10:53:06 +0000
ROA not before: Mon 15 Apr 2024 10:53:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34267
IP address blocks: 37.19.32.0/20 maxlen: 20
84.42.32.0/19 maxlen: 24
84.42.72.0/21 maxlen: 24
94.75.128.0/18 maxlen: 18
109.198.192.0/19 maxlen: 19
109.198.192.0/21 maxlen: 21
213.155.192.0/19 maxlen: 19
213.155.192.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 27 Aug 2024 07:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:63:a2:40:29:c7:1d:1b:4a:06:29:11:5f:65:c9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 15 10:53:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d52927ab475fe6bd3e7812c66d0a441693558f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:71:4b:2c:42:84:4f:4a:0e:8a:7f:13:0e:60:
b3:f8:81:4e:c4:fb:c3:c8:db:e6:0c:f7:0c:f7:81:
93:5b:60:09:4e:62:c2:97:c7:db:5a:6f:2f:5c:19:
87:00:9a:a3:8f:8f:0c:15:ae:76:de:47:a9:c4:15:
a1:ad:92:12:7f:34:7a:9e:7d:3b:d1:73:08:d6:9a:
19:1f:52:61:cd:e0:94:d9:8f:54:f9:d6:e7:ce:b5:
de:80:5b:ef:65:c8:69:d9:8f:5a:2c:fc:16:e3:d6:
14:6d:61:ca:e2:49:1b:71:f0:e4:db:ba:35:1b:b9:
fd:3a:f4:5d:96:96:ef:3f:0d:93:c5:39:45:ca:50:
c2:69:52:30:45:6f:87:7e:33:e9:a1:83:3a:1d:84:
19:c7:06:5a:1a:95:af:e0:cb:5a:dd:db:e2:98:26:
9a:42:92:ec:84:5e:01:a5:51:09:52:2b:03:1f:b2:
1a:75:b1:10:b3:89:cd:08:d3:4a:f8:ed:2a:a0:13:
77:48:d5:30:39:67:37:b0:a0:04:51:24:3e:e4:6a:
25:4c:84:ee:65:1e:a6:68:c6:9c:40:8c:d4:52:58:
2d:04:9a:f2:7f:fa:91:9b:be:a0:10:1d:3e:03:b3:
ff:a4:65:e4:39:bc:be:c6:bd:49:7b:4b:06:2d:2e:
d6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:29:27:AB:47:5F:E6:BD:3E:78:12:C6:6D:0A:44:16:93:55:8F:06
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1Sknq0df5r0-eBLGbQpEFpNVjwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.32.0/20
84.42.32.0/19
84.42.72.0/21
94.75.128.0/18
109.198.192.0/19
213.155.192.0/19
Signature Algorithm: sha256WithRSAEncryption
96:fa:34:0d:84:6e:97:2a:fa:90:74:df:6a:b5:19:91:58:d4:
17:6e:a3:3c:93:2d:01:59:6d:5d:b5:17:9a:da:e3:b5:38:cd:
fd:3d:cf:4f:47:f5:3c:b6:1b:b1:91:dd:1f:8d:35:0e:93:5b:
c8:7d:23:05:3f:e4:06:ec:eb:e7:3b:88:6f:db:90:b1:98:65:
81:84:ba:2f:f3:5e:63:e3:7d:ce:03:82:20:c0:d8:9e:20:4d:
ce:61:50:3c:85:2f:e5:50:e0:4f:52:22:d1:ab:32:29:97:cb:
d5:fb:70:c6:5a:02:57:27:75:17:2e:3b:c3:3e:3b:62:66:99:
6f:dc:a9:fa:39:e0:ba:b4:b2:7d:12:e6:80:e0:1b:39:b2:30:
37:e7:a4:ed:80:9f:71:72:2f:69:c1:f3:86:f9:a8:e3:60:0e:
32:6b:b2:e6:69:2d:8d:08:17:fc:16:fe:45:8f:55:6e:fa:c1:
4b:fa:09:8a:d8:0b:61:5a:a7:92:3a:c4:c9:9e:8e:24:cb:66:
f8:86:ee:48:b1:4d:86:c0:f8:fd:12:ee:cd:db:aa:a2:cb:18:
be:00:dc:3c:7d:06:bd:0d:ed:d1:1c:d7:52:64:13:64:3b:54:
80:39:bb:d8:37:92:ca:16:3b:47:b5:2d:2c:bd:b3:32:27:4d:
b7:6f:11:9b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7hY6JAKccdG0oGKRFfZclJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE1MTA1MzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI5MjdhYjQ3NWZlNmJkM2U3ODEyYzY2ZDBhNDQxNjkzNTU4ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinFLLEKET0oOin8TDmCz+IFOxPvD
yNvmDPcM94GTW2AJTmLCl8fbWm8vXBmHAJqjj48MFa523kepxBWhrZISfzR6nn07
0XMI1poZH1JhzeCU2Y9U+dbnzrXegFvvZchp2Y9aLPwW49YUbWHK4kkbcfDk27o1
G7n9OvRdlpbvPw2TxTlFylDCaVIwRW+HfjPpoYM6HYQZxwZaGpWv4Mta3dvimCaa
QpLshF4BpVEJUisDH7IadbEQs4nNCNNK+O0qoBN3SNUwOWc3sKAEUSQ+5GolTITu
ZR6maMacQIzUUlgtBJryf/qRm76gEB0+A7P/pGXkOby+xr1Je0sGLS7WbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNUpJ6tHX+a9PngSxm0KRBaTVY8GMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMVNrbnEwZGY1cjAtZUJMR2JRcEVGcE5WandZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEJRMgAwQF
VCogAwQDVCpIAwQGXkuAAwQFbcbAAwQF1ZvAMA0GCSqGSIb3DQEBCwUAA4IBAQCW
+jQNhG6XKvqQdN9qtRmRWNQXbqM8ky0BWW1dtRea2uO1OM39Pc9PR/U8thuxkd0f
jTUOk1vIfSMFP+QG7OvnO4hv25CxmGWBhLov815j433OA4IgwNieIE3OYVA8hS/l
UOBPUiLRqzIpl8vV+3DGWgJXJ3UXLjvDPjtiZplv3Kn6OeC6tLJ9EuaA4Bs5sjA3
56TtgJ9xci9pwfOG+ajjYA4ya7LmaS2NCBf8Fv5Fj1Vu+sFL+gmK2AthWqeSOsTJ
no4ky2b4hu5IsU2GwPj9Eu7N26qiyxi+ANw8fQa9De3RHNdSZBNkO1SAObvYN5LK
FjtHtS0svbMyJ023bxGb
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:43:21 2025 by rpki-client