Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/1dD4vtQXFkoZcF70NU-_BM8QCpU.roa
File: 1dD4vtQXFkoZcF70NU-_BM8QCpU.roa (raw, json)
Hash identifier: qDPxEqP5GNB0yRGue3O4ANM22IjAq42FSkT31hNzb/8=
Subject key identifier: D5:D0:F8:BE:D4:17:16:4A:19:70:5E:F4:35:4F:BF:04:CF:10:0A:95
Certificate issuer: /CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Certificate serial: 019468F8507026CDF5C682B167907DEDC00F
Authority key identifier: 88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/1dD4vtQXFkoZcF70NU-_BM8QCpU.roa
Signing time: Wed 15 Jan 2025 07:58:11 +0000
ROA not before: Wed 15 Jan 2025 07:58:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34655
IP address blocks: 5.159.217.0/24 maxlen: 24
93.93.54.0/24 maxlen: 24
95.128.122.0/24 maxlen: 24
95.128.123.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
95.128.125.0/24 maxlen: 24
95.128.126.0/24 maxlen: 24
95.128.127.0/24 maxlen: 24
109.71.163.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
109.71.166.0/24 maxlen: 24
109.71.167.0/24 maxlen: 24
185.13.89.0/24 maxlen: 24
2a03:9c40::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:800::/48 maxlen: 48
2a03:9c40:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Jan 2025 06:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:f8:50:70:26:cd:f5:c6:82:b1:67:90:7d:ed:c0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Validity
Not Before: Jan 15 07:58:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5d0f8bed417164a19705ef4354fbf04cf100a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:41:82:63:43:e8:7c:61:03:1b:88:b8:20:
b5:17:96:96:95:ce:1e:a4:da:dd:4e:f4:bc:5c:d3:
4b:e5:e1:ea:0d:5e:90:3b:bf:62:8a:a2:8c:de:4e:
ef:b5:e7:4b:67:dc:4d:da:46:ba:b7:47:f7:78:f7:
4a:34:e9:77:b1:3c:c8:79:da:c4:9b:1a:27:40:e3:
14:a1:fb:5d:43:ad:40:19:57:8e:36:6d:93:b9:f8:
ea:a4:2d:bf:85:03:e2:1c:e7:eb:fe:9b:bd:15:d5:
21:69:4a:72:1c:d3:75:af:de:50:db:15:1c:7c:c3:
a9:3a:92:ab:4f:dc:f8:ea:01:d0:50:ef:fd:09:fd:
d4:b0:61:fd:00:1d:eb:ac:80:21:03:8f:bf:4f:40:
f9:5d:93:0e:1a:24:30:a1:11:31:49:0a:ce:5e:da:
b5:2e:a6:24:0a:55:89:9b:06:26:1d:5e:5e:92:81:
f4:d3:5e:38:ae:b6:73:02:eb:a8:6c:36:82:eb:74:
e7:dc:fe:49:50:d5:8a:e2:e8:32:3a:ae:c3:4a:da:
1f:66:05:68:35:0b:79:db:13:5c:21:4f:4b:76:89:
7f:b6:46:ea:47:e3:a8:32:43:d6:f0:34:3d:3d:4e:
aa:16:43:eb:6c:33:fa:2d:02:d4:0c:7e:2d:00:37:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D0:F8:BE:D4:17:16:4A:19:70:5E:F4:35:4F:BF:04:CF:10:0A:95
X509v3 Authority Key Identifier:
keyid:88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/1dD4vtQXFkoZcF70NU-_BM8QCpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/iBchKB_7pXE-nQUq9v5tGwQKKjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.217.0/24
93.93.54.0/24
95.128.122.0-95.128.127.255
109.71.163.0/24
109.71.165.0-109.71.167.255
185.13.89.0/24
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
2a03:9c40:1000::/48
Signature Algorithm: sha256WithRSAEncryption
74:be:d2:cb:ba:31:22:16:6b:34:ad:21:a5:36:18:6a:b7:f8:
d3:f1:44:1a:3e:64:df:77:1e:3c:f6:3d:bd:da:19:11:86:78:
5e:05:32:a1:b4:0d:c7:81:67:fb:57:0e:83:e8:d1:d6:7d:0f:
e2:a9:b6:41:72:9e:6e:5b:e2:7a:5b:ff:3f:9c:73:36:74:61:
1f:a4:e3:d8:8b:a6:59:bb:34:fe:0d:7d:18:a9:8c:1a:e6:54:
74:f2:68:ae:3a:4b:cf:de:fe:33:37:58:4f:27:12:8a:da:c0:
49:78:07:9e:99:8f:76:77:09:c6:e8:5a:88:ca:34:88:c8:65:
e6:33:f2:bb:25:09:08:7e:93:cf:7f:4f:12:2a:a3:6f:13:e3:
8b:f4:e8:87:22:4f:08:e7:5f:be:1c:cc:ee:25:08:3e:47:61:
82:3f:a8:92:bd:0f:06:16:70:c6:a0:35:b9:5f:ec:72:9b:f6:
21:b9:af:bb:f4:19:7c:de:46:68:72:f3:ca:5b:00:ac:06:46:
c5:37:0e:4a:f7:71:4c:0c:d3:0c:6c:66:43:0e:77:12:56:bf:
da:43:e3:4a:f5:15:10:aa:98:42:92:c5:3d:d4:bc:c7:32:d4:
3b:c5:23:9d:db:11:c4:95:5e:8f:77:9f:2c:48:9e:e5:54:86:
55:f2:e7:6b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZRo+FBwJs31xoKxZ5B97cAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTcyMTI4MWZmYmE1NzEzZTlkMDUyYWY2ZmU2ZDFiMDQw
YTJhMzkwHhcNMjUwMTE1MDc1ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQwZjhiZWQ0MTcxNjRhMTk3MDVlZjQzNTRmYmYwNGNmMTAwYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjxBgmND6HxhAxuIuCC1F5aWlc4e
pNrdTvS8XNNL5eHqDV6QO79iiqKM3k7vtedLZ9xN2ka6t0f3ePdKNOl3sTzIedrE
mxonQOMUoftdQ61AGVeONm2TufjqpC2/hQPiHOfr/pu9FdUhaUpyHNN1r95Q2xUc
fMOpOpKrT9z46gHQUO/9Cf3UsGH9AB3rrIAhA4+/T0D5XZMOGiQwoRExSQrOXtq1
LqYkClWJmwYmHV5ekoH00144rrZzAuuobDaC63Tn3P5JUNWK4ugyOq7DStofZgVo
NQt52xNcIU9Ldol/tkbqR+OoMkPW8DQ9PU6qFkPrbDP6LQLUDH4tADeMOQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFNXQ+L7UFxZKGXBe9DVPvwTPEAqVMB8GA1UdIwQY
MBaAFIgXISgf+6VxPp0FKvb+bRsECio5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMt
NDg4NzNiYWE2OWE3LzEvMWRENHZ0UVhGa29aY0Y3ME5VLV9CTThRQ3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMtNDg4NzNiYWE2OWE3
LzEvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowOgQCAAEwNAMEAAWf2QME
AF1dNjAMAwQBX4B6AwQHX4AAAwQAbUejMAwDBABtR6UDBANtR6ADBAC5DVkwPAQC
AAIwNgMHACoDnEAAAAMHACoDnEACAAMHACoDnEAEAAMHACoDnEAGAAMHACoDnEAI
AAMHACoDnEAQADANBgkqhkiG9w0BAQsFAAOCAQEAdL7Sy7oxIhZrNK0hpTYYarf4
0/FEGj5k33cePPY9vdoZEYZ4XgUyobQNx4Fn+1cOg+jR1n0P4qm2QXKeblvielv/
P5xzNnRhH6Tj2IumWbs0/g19GKmMGuZUdPJorjpLz97+MzdYTycSitrASXgHnpmP
dncJxuhaiMo0iMhl5jPyuyUJCH6Tz39PEiqjbxPji/TohyJPCOdfvhzM7iUIPkdh
gj+okr0PBhZwxqA1uV/scpv2Ibmvu/QZfN5GaHLzylsArAZGxTcOSvdxTAzTDGxm
Qw53Ela/2kPjSvUVEKqYQpLFPdS8xzLUO8UjndsRxJVej3efLEie5VSGVfLnaw==
-----END CERTIFICATE-----
Generated at Sat May 10 13:44:02 2025 by rpki-client