Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cOxgJhmSk_clc_-r3otSFuglx-Q.roa
File: cOxgJhmSk_clc_-r3otSFuglx-Q.roa (raw, json)
Hash identifier: 8ss5xrk0aCmGUpNTgPFdZOeHGILVUTM6V9Hj6jNdp7g=
Subject key identifier: 70:EC:60:26:19:92:93:F7:25:73:FF:AB:DE:8B:52:16:E8:25:C7:E4
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 019648A711C9C4E84DA5A11FBEE78F1F7413
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cOxgJhmSk_clc_-r3otSFuglx-Q.roa
Signing time: Fri 18 Apr 2025 11:27:10 +0000
ROA not before: Fri 18 Apr 2025 11:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29262
IP address blocks: 160.20.108.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 24 Apr 2025 08:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:a7:11:c9:c4:e8:4d:a5:a1:1f:be:e7:8f:1f:74:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Apr 18 11:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ec6026199293f72573ffabde8b5216e825c7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:af:25:10:ca:fe:5a:f1:91:c1:fc:29:21:1b:
a2:8e:45:7b:f9:02:07:db:a2:d2:58:23:47:fb:d4:
b4:25:5c:b1:6d:c8:e0:22:cd:5a:c2:08:ba:ab:87:
45:eb:7f:15:37:4b:3e:7c:2c:5d:1c:f4:a9:ae:2a:
70:4b:25:b7:69:7c:6a:71:d7:69:1b:87:9a:89:4e:
2f:b4:66:65:a1:e5:ca:39:52:23:b2:c3:39:aa:59:
f8:ef:e6:ed:20:75:0e:80:b8:b2:e5:6e:10:58:a6:
73:59:13:7d:92:51:5c:05:4a:5f:cd:94:7d:f2:87:
30:61:24:ec:3a:bb:c4:1f:78:6d:c9:85:3f:80:ae:
1c:ad:02:b0:7b:48:cd:24:a6:d9:12:8b:5f:e0:68:
24:91:d3:3e:bd:2a:88:51:b9:ad:3c:7a:ba:e2:bf:
45:f4:3a:57:4a:0d:5e:b6:99:05:6b:c2:e8:7f:9a:
42:c5:46:f5:17:2e:8a:c4:a1:cf:68:37:9e:47:5a:
2b:ab:5d:ce:a7:36:d4:11:05:bc:52:7a:73:07:d8:
12:14:66:67:d7:d3:f3:4d:cb:70:4e:db:e7:58:ae:
fd:4f:02:35:17:55:cc:40:a9:8d:85:05:67:d9:71:
78:18:f6:54:34:d3:64:d3:95:4a:9c:16:cd:84:f7:
cd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EC:60:26:19:92:93:F7:25:73:FF:AB:DE:8B:52:16:E8:25:C7:E4
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/cOxgJhmSk_clc_-r3otSFuglx-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.20.108.0/23
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:cc:ae:ef:8d:2e:fb:fd:b2:01:c6:da:b2:c2:53:82:4e:b4:
14:39:23:b3:a0:75:61:ba:e9:4f:c8:86:51:cb:ac:9d:cb:50:
f2:c8:4f:76:c3:0d:60:22:33:7c:ae:f8:0e:62:23:a8:9b:2a:
0b:5a:4f:a1:52:d0:21:79:c6:33:e9:f7:2d:8e:3c:f2:36:9d:
cf:ff:12:5b:c7:f6:3a:47:5b:6b:1e:e7:df:19:13:69:25:f8:
0d:d1:5f:b8:79:87:d0:ce:d9:45:66:c3:10:b5:e4:00:30:e8:
9e:22:8e:41:fa:95:14:8d:de:42:34:2b:f5:8e:d8:70:cb:de:
07:6c:3b:d4:a2:3e:26:c9:7e:43:e0:56:27:b5:f1:0d:b4:d9:
54:2e:e5:7d:e5:ba:0e:c0:e2:d2:dc:fb:c0:b1:fd:fe:f8:f3:
8e:9c:81:cc:50:8f:94:18:a2:1d:37:e1:cb:a1:33:96:31:3a:
15:ee:d3:05:b9:46:2d:7b:e7:5c:e5:bc:7e:86:1d:20:2c:d7:
d6:c5:d6:b3:e7:5d:7b:22:81:71:3d:e8:fa:e9:4b:a9:29:59:
2a:15:e3:8a:18:ca:4b:ad:1f:af:35:7d:ef:6a:9c:0b:6d:25:
22:66:98:48:ef:53:3c:e7:cf:37:e7:a6:a4:94:70:15:dc:48:
85:22:70:c0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZZIpxHJxOhNpaEfvuePH3QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNDE4MTEyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVjNjAyNjE5OTI5M2Y3MjU3M2ZmYWJkZThiNTIxNmU4MjVjN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua8lEMr+WvGRwfwpIRuijkV7+QIH
26LSWCNH+9S0JVyxbcjgIs1awgi6q4dF638VN0s+fCxdHPSpripwSyW3aXxqcddp
G4eaiU4vtGZloeXKOVIjssM5qln47+btIHUOgLiy5W4QWKZzWRN9klFcBUpfzZR9
8ocwYSTsOrvEH3htyYU/gK4crQKwe0jNJKbZEotf4GgkkdM+vSqIUbmtPHq64r9F
9DpXSg1etpkFa8Lof5pCxUb1Fy6KxKHPaDeeR1orq13OpzbUEQW8UnpzB9gSFGZn
19PzTctwTtvnWK79TwI1F1XMQKmNhQVn2XF4GPZUNNNk05VKnBbNhPfNnwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFHDsYCYZkpP3JXP/q96LUhboJcfkMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvY094Z0pobVNrX2NsY18tcjNvdFNGdWdseC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuAwQBoBRs
MAwDBAC5Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZ
AwQAuVaaAwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5
d1ADBAC5jSAwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEBCwUAA4IB
AQB2zK7vjS77/bIBxtqywlOCTrQUOSOzoHVhuulPyIZRy6ydy1DyyE92ww1gIjN8
rvgOYiOomyoLWk+hUtAhecYz6fctjjzyNp3P/xJbx/Y6R1trHuffGRNpJfgN0V+4
eYfQztlFZsMQteQAMOieIo5B+pUUjd5CNCv1jthwy94HbDvUoj4myX5D4FYntfEN
tNlULuV95boOwOLS3PvAsf3++POOnIHMUI+UGKIdN+HLoTOWMToV7tMFuUYte+dc
5bx+hh0gLNfWxdaz5117IoFxPej66UupKVkqFeOKGMpLrR+vNX3vapwLbSUiZphI
71M8588356aklHAV3EiFInDA
-----END CERTIFICATE-----
Generated at Sat May 10 20:07:45 2025 by rpki-client