Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UEdlx3jwsNuwMQcSEYfdt0prOCU.roa
File: UEdlx3jwsNuwMQcSEYfdt0prOCU.roa (raw, json)
Hash identifier: 5WYM2sGbd1+1E6x3tiflOUSt4z6hA8VCv7ux0cK+Jzg=
Subject key identifier: 50:47:65:C7:78:F0:B0:DB:B0:31:07:12:11:87:DD:B7:4A:6B:38:25
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01941F3FEC12222CD530080AFAD3EB34ABA8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UEdlx3jwsNuwMQcSEYfdt0prOCU.roa
Signing time: Wed 01 Jan 2025 00:24:30 +0000
ROA not before: Wed 01 Jan 2025 00:24:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:3f:ec:12:22:2c:d5:30:08:0a:fa:d3:eb:34:ab:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 00:24:30 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=504765c778f0b0dbb03107121187ddb74a6b3825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b0:d9:57:a4:57:9a:73:0f:6a:63:63:ce:8b:
3d:97:87:f7:42:44:83:ba:60:d8:38:21:7f:ba:d6:
62:1b:86:7e:8e:eb:64:91:8b:73:e5:51:85:19:14:
df:b7:40:cb:a3:6d:e8:b5:77:b4:44:52:24:31:90:
7c:fa:cc:e0:bd:c2:0b:d1:6e:ab:cf:c1:5c:79:cd:
3f:cd:c3:c5:db:40:b7:23:08:be:3e:b6:9d:eb:49:
cb:bf:e3:c2:5d:46:ee:c4:b0:e4:3f:f1:da:bd:6c:
87:fb:30:58:79:1a:f9:57:67:10:fd:39:f9:0e:2d:
03:b8:4f:5c:76:c7:32:57:32:96:90:11:c5:32:62:
aa:dc:04:e7:fd:14:1b:08:70:e8:fe:b7:0b:e7:24:
e1:3f:b9:2d:3e:ef:24:c6:da:d6:ad:cf:2c:d5:c8:
c7:97:16:0d:22:2e:af:97:5e:4f:ba:50:49:b9:98:
de:76:2e:5f:5f:b7:a4:ba:1b:f2:7d:30:e5:9b:46:
49:02:f5:44:e8:7b:7b:26:69:45:f2:ed:67:25:59:
54:cc:52:98:dd:f0:07:3f:aa:7e:61:44:ce:3b:58:
f6:10:28:d5:36:1a:2a:7a:f1:77:17:14:d8:30:56:
ee:a9:96:22:f3:7b:55:5d:65:cf:77:cc:2a:2d:5d:
5e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:47:65:C7:78:F0:B0:DB:B0:31:07:12:11:87:DD:B7:4A:6B:38:25
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UEdlx3jwsNuwMQcSEYfdt0prOCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
83.219.98.0/24
87.120.68.0/23
87.121.60.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
31:f5:70:0c:a4:40:21:e1:4b:2e:c4:b6:7f:e6:2c:c7:f5:20:
a6:ba:c4:96:47:c8:15:73:d6:10:a3:54:1c:ee:a0:0b:45:5e:
ec:7f:91:e9:16:fa:28:e9:79:74:97:04:dd:e9:91:55:f3:b2:
06:1b:77:b5:d2:db:2d:be:99:a6:83:d1:02:32:58:17:f8:03:
4c:83:64:14:5e:f8:f9:c0:bf:46:42:87:77:cd:36:f9:70:e1:
5a:d8:b2:93:05:ba:06:a0:72:aa:cb:c6:3c:75:f6:42:a3:bb:
63:c1:4c:07:a4:58:b3:29:c9:2b:62:60:fd:0d:ec:76:fa:ff:
f4:43:46:15:41:99:4a:b7:69:8b:b1:ce:60:37:8b:66:83:cf:
b1:1e:3f:94:58:38:f9:d7:d8:a5:ff:22:d7:3e:b3:2b:71:97:
db:9a:a0:64:d3:dd:54:ee:e9:60:83:55:df:05:3f:a3:cd:ae:
4a:82:ad:5a:4a:07:1b:a6:75:56:cd:18:e1:47:83:4f:2f:b9:
1f:7e:2f:46:10:cb:94:1f:66:ed:87:b5:4a:b2:a3:80:25:3e:
80:77:31:60:a1:4c:35:e6:53:d7:2c:ed:16:6d:6e:8c:55:e3:
98:a0:20:5e:06:0c:e8:a5:c0:ed:fc:1d:d5:4f:51:c0:b0:45:
08:a9:09:6a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfP+wSIizVMAgK+tPrNKuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAxMDAyNDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ3NjVjNzc4ZjBiMGRiYjAzMTA3MTIxMTg3ZGRiNzRhNmIzODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurDZV6RXmnMPamNjzos9l4f3QkSD
umDYOCF/utZiG4Z+jutkkYtz5VGFGRTft0DLo23otXe0RFIkMZB8+szgvcIL0W6r
z8Fcec0/zcPF20C3Iwi+Prad60nLv+PCXUbuxLDkP/HavWyH+zBYeRr5V2cQ/Tn5
Di0DuE9cdscyVzKWkBHFMmKq3ATn/RQbCHDo/rcL5yThP7ktPu8kxtrWrc8s1cjH
lxYNIi6vl15PulBJuZjedi5fX7ekuhvyfTDlm0ZJAvVE6Ht7JmlF8u1nJVlUzFKY
3fAHP6p+YUTOO1j2ECjVNhoqevF3FxTYMFbuqZYi83tVXWXPd8wqLV1e/wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFBHZcd48LDbsDEHEhGH3bdKazglMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVUVkbHgzandzTnV3TVFjU0VZZmR0MHByT0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABf1AAwQA
U9tiAwQBV3hEAwQAV3k8AwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQAx
9XAMpEAh4UsuxLZ/5izH9SCmusSWR8gVc9YQo1Qc7qALRV7sf5HpFvoo6Xl0lwTd
6ZFV87IGG3e10tstvpmmg9ECMlgX+ANMg2QUXvj5wL9GQod3zTb5cOFa2LKTBboG
oHKqy8Y8dfZCo7tjwUwHpFizKckrYmD9Dex2+v/0Q0YVQZlKt2mLsc5gN4tmg8+x
Hj+UWDj519il/yLXPrMrcZfbmqBk091U7ulgg1XfBT+jza5Kgq1aSgcbpnVWzRjh
R4NPL7kffi9GEMuUH2bth7VKsqOAJT6AdzFgoUw15lPXLO0WbW6MVeOYoCBeBgzo
pcDt/B3VT1HAsEUIqQlq
-----END CERTIFICATE-----
Generated at Tue May 13 17:08:02 2025 by rpki-client