Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/vMNS1d1zm1uK6_qUBlioQy4LE9k.roa
File: vMNS1d1zm1uK6_qUBlioQy4LE9k.roa (raw, json)
Hash identifier: FETTh+ShPfQ6wOHRhObXBr9+DB9FRiIYAk9EQjecGi0=
Subject key identifier: BC:C3:52:D5:DD:73:9B:5B:8A:EB:FA:94:06:58:A8:43:2E:0B:13:D9
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 0196486B8F30574AACEBD2BC5E3A5B7C5773
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/vMNS1d1zm1uK6_qUBlioQy4LE9k.roa
Signing time: Fri 18 Apr 2025 10:22:10 +0000
ROA not before: Fri 18 Apr 2025 10:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200596
IP address blocks: 85.184.228.0/22 maxlen: 24
135.84.148.0/22 maxlen: 24
147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
2a00:5ea0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 18 Apr 2025 10:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:6b:8f:30:57:4a:ac:eb:d2:bc:5e:3a:5b:7c:57:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Apr 18 10:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcc352d5dd739b5b8aebfa940658a8432e0b13d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3f:e4:ae:9b:be:59:f5:53:66:44:37:2f:01:
4f:e6:92:ad:f7:41:b3:b6:17:85:38:7c:c1:ad:b3:
65:3d:df:da:92:6e:84:11:46:f5:e7:c6:fa:28:e8:
bd:f6:0d:3c:7c:d3:41:16:42:8d:e0:ed:22:52:3f:
c1:1b:19:29:f7:dd:6d:a0:6c:9f:f0:dc:52:eb:c4:
80:f8:32:1a:99:26:ea:77:93:c4:4b:18:4d:44:1e:
d9:48:be:72:cf:74:60:4d:cc:ad:49:79:37:14:f7:
f0:6b:eb:84:31:30:5b:58:b0:74:e0:e3:a7:7c:28:
dd:ca:f9:cb:be:7c:66:f9:ca:0a:ee:e8:60:20:fa:
03:11:45:5a:bf:a3:1c:45:8b:37:b6:54:3e:b8:98:
d1:7d:d8:bc:94:b6:de:99:45:03:95:d2:33:2c:0c:
28:51:2e:2e:3d:1e:fd:1d:ec:a3:3b:b1:b9:ee:b3:
1f:53:04:34:be:5e:f2:5e:74:1d:b1:e4:6a:62:c2:
b1:b7:d6:1b:c8:1e:82:38:85:7f:6a:15:b3:08:31:
54:d9:43:62:53:f7:c4:93:ba:a9:26:96:e7:44:cb:
56:7e:5e:1d:6c:06:28:26:2b:4f:fd:7c:21:fd:05:
7b:1e:ad:7c:9b:13:dd:33:31:f2:5f:eb:b2:6d:9b:
36:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:C3:52:D5:DD:73:9B:5B:8A:EB:FA:94:06:58:A8:43:2E:0B:13:D9
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/vMNS1d1zm1uK6_qUBlioQy4LE9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.228.0/22
135.84.148.0/22
147.12.16.0/20
185.101.196.0/22
IPv6:
2a00:5ea0::/29
Signature Algorithm: sha256WithRSAEncryption
80:b9:99:2b:57:7c:81:b9:b1:02:6a:f4:60:e7:5e:f0:79:ca:
35:fa:4f:48:ad:9e:09:5e:31:4b:de:af:c0:0a:b7:3a:61:76:
9b:01:e8:fc:18:c2:0f:d4:52:9d:d4:08:96:a2:ed:f2:16:52:
87:3d:3c:2c:b1:b8:b6:32:ab:35:57:87:c8:78:9d:b9:f1:0d:
64:f3:20:52:60:a2:3e:3e:96:6e:df:60:a0:47:b6:45:25:be:
ef:61:47:72:42:bb:b7:37:8e:79:ed:ca:ae:e5:5a:f6:8c:7a:
a4:f3:0d:dd:df:30:b4:81:b9:c8:e8:2d:2e:f2:70:04:19:3d:
0a:d6:6d:d0:3d:0c:8d:69:91:35:7c:01:a6:c7:d8:01:13:dd:
21:59:57:23:c5:1d:09:06:0d:72:6c:9f:cf:01:74:8e:7e:e2:
db:61:2a:97:59:c2:57:97:44:fe:da:bf:92:a9:e9:f0:02:05:
3f:99:f3:a5:dd:db:d2:79:b5:61:06:9c:34:99:91:a5:6a:10:
1b:a4:dd:ac:c2:0f:79:27:df:f5:1e:de:83:ba:2f:e1:a3:c2:
53:4c:79:21:83:00:5f:c8:5f:01:49:c0:26:3f:ea:d2:b8:dd:
f9:42:9e:8e:87:c8:55:75:99:14:cd:86:86:57:74:5c:7d:89:
1f:ab:33:97
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZZIa48wV0qs69K8XjpbfFdzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjUwNDE4MTAyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2MzNTJkNWRkNzM5YjViOGFlYmZhOTQwNjU4YTg0MzJlMGIxM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT/krpu+WfVTZkQ3LwFP5pKt90Gz
theFOHzBrbNlPd/akm6EEUb158b6KOi99g08fNNBFkKN4O0iUj/BGxkp991toGyf
8NxS68SA+DIamSbqd5PESxhNRB7ZSL5yz3RgTcytSXk3FPfwa+uEMTBbWLB04OOn
fCjdyvnLvnxm+coK7uhgIPoDEUVav6McRYs3tlQ+uJjRfdi8lLbemUUDldIzLAwo
US4uPR79HeyjO7G57rMfUwQ0vl7yXnQdseRqYsKxt9YbyB6COIV/ahWzCDFU2UNi
U/fEk7qpJpbnRMtWfl4dbAYoJitP/Xwh/QV7Hq18mxPdMzHyX+uybZs26QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLzDUtXdc5tbiuv6lAZYqEMuCxPZMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvdk1OUzFkMXptMXVLNl9xVUJsaW9ReTRMRTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCVbjkAwQC
h1SUAwQEkwwQAwQCuWXEMA0EAgACMAcDBQMqAF6gMA0GCSqGSIb3DQEBCwUAA4IB
AQCAuZkrV3yBubECavRg517weco1+k9IrZ4JXjFL3q/ACrc6YXabAej8GMIP1FKd
1AiWou3yFlKHPTwssbi2Mqs1V4fIeJ258Q1k8yBSYKI+PpZu32CgR7ZFJb7vYUdy
Qru3N4557cqu5Vr2jHqk8w3d3zC0gbnI6C0u8nAEGT0K1m3QPQyNaZE1fAGmx9gB
E90hWVcjxR0JBg1ybJ/PAXSOfuLbYSqXWcJXl0T+2r+SqenwAgU/mfOl3dvSebVh
Bpw0mZGlahAbpN2swg95J9/1Ht6Dui/ho8JTTHkhgwBfyF8BScAmP+rSuN35Qp6O
h8hVdZkUzYaGV3RcfYkfqzOX
-----END CERTIFICATE-----
Generated at Thu May 8 11:19:20 2025 by rpki-client