Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/ONBpkXsrVQvkvyj93cP9vCUkxuw.roa
File: ONBpkXsrVQvkvyj93cP9vCUkxuw.roa (raw, json)
Hash identifier: T0GL8KlJWQYZy0hARbBVyT6T0Gqv7G3DGtL4WYQiYOM=
Subject key identifier: 38:D0:69:91:7B:2B:55:0B:E4:BF:28:FD:DD:C3:FD:BC:25:24:C6:EC
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 0193FF5B149C0A5A7E490B794EED027EF096
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/ONBpkXsrVQvkvyj93cP9vCUkxuw.roa
Signing time: Wed 25 Dec 2024 19:46:19 +0000
ROA not before: Wed 25 Dec 2024 19:46:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57568
IP address blocks: 130.185.120.0/22 maxlen: 24
185.204.168.0/22 maxlen: 24
185.235.40.0/22 maxlen: 24
193.24.119.0/24 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
2a0f:94c0:100::/40 maxlen: 40
2a0f:94c0:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ff:5b:14:9c:0a:5a:7e:49:0b:79:4e:ed:02:7e:f0:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Dec 25 19:46:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38d069917b2b550be4bf28fdddc3fdbc2524c6ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:db:d3:7f:ff:41:f8:ed:50:25:b4:30:f5:68:
2b:85:03:19:74:0e:3f:fb:01:23:a9:7a:4e:24:2b:
42:a7:6c:37:89:61:11:45:02:80:e0:4d:1e:7e:8a:
4a:ee:3a:22:3f:e0:bf:75:ec:71:f1:b0:b0:d1:bc:
65:d6:76:44:d9:5e:2c:f5:7d:20:8d:72:76:cb:03:
47:c2:36:1c:e3:f9:5d:8e:f9:be:43:08:b7:fa:b5:
f3:8e:e6:7a:eb:63:33:dc:34:97:4d:96:b4:99:37:
b6:97:5f:b2:b3:c9:67:a8:30:bb:ab:ff:d5:e6:bf:
96:80:e2:57:d5:6d:b4:fe:bc:55:d2:7a:47:52:d0:
58:73:83:f0:fd:62:a1:a9:96:39:50:c6:c8:11:39:
ee:3f:a3:9a:55:1b:42:1d:37:26:f8:57:06:ea:8b:
b3:30:d4:15:66:53:6c:8a:de:63:92:81:3b:1d:89:
3d:6f:47:17:6d:9b:12:d5:7d:b3:63:5d:82:4f:cc:
64:87:a6:5e:82:01:9a:cb:f4:6e:62:ab:d3:86:28:
d4:44:21:7a:c6:bf:36:a5:d0:6f:f0:16:0d:73:79:
6d:b2:ca:2d:3b:2b:c0:94:0d:28:a4:3e:16:9e:6a:
ed:bf:04:6f:c6:c4:ef:1c:ef:d4:bf:57:a4:78:27:
fc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D0:69:91:7B:2B:55:0B:E4:BF:28:FD:DD:C3:FD:BC:25:24:C6:EC
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/ONBpkXsrVQvkvyj93cP9vCUkxuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
193.24.119.0/24
194.5.192.0/23
194.5.206.0/23
IPv6:
2a0f:94c0:100::-2a0f:94c0:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
75:f6:ee:51:15:cf:5b:bc:32:66:dd:3a:d9:9e:8b:e2:7c:21:
9f:68:a0:05:cd:b7:4c:77:e9:60:02:d2:99:9b:62:a0:08:91:
10:cc:27:14:ee:f8:47:70:85:55:36:6b:30:68:62:5d:12:99:
50:24:5a:e1:84:f1:ef:8c:69:a6:c5:da:31:42:ba:fd:d7:dd:
a2:1d:be:a2:73:af:32:de:0a:93:17:c1:15:26:e1:c7:b2:c7:
51:1a:59:c9:90:99:80:eb:0a:f1:0a:c6:51:d8:d8:14:2f:51:
9b:2e:83:e3:be:ca:05:83:11:ad:62:82:45:aa:aa:cd:a4:db:
88:ca:de:2c:ba:6b:71:53:b7:bf:95:03:cd:ec:f6:38:5c:a5:
c6:b5:52:10:c6:60:84:35:28:ce:79:d1:20:37:00:b8:51:7d:
58:09:f5:85:01:9f:d5:77:06:55:fc:cb:56:6c:d3:0c:86:db:
3d:7c:fc:74:43:d3:0a:68:0e:c3:e1:b7:d3:ca:3a:fb:f9:aa:
5f:66:7b:a1:c6:45:9b:b7:65:c1:28:de:60:4e:9f:91:ea:c9:
64:17:43:80:6c:30:d4:95:ca:66:3c:46:ea:51:21:5d:a7:70:
7e:2c:89:61:49:c5:ac:32:5b:12:8a:b6:c9:6e:24:de:c1:11:
07:49:37:82
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZP/WxScClp+SQt5Tu0CfvCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjQxMjI1MTk0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQwNjk5MTdiMmI1NTBiZTRiZjI4ZmRkZGMzZmRiYzI1MjRjNmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytvTf/9B+O1QJbQw9WgrhQMZdA4/
+wEjqXpOJCtCp2w3iWERRQKA4E0efopK7joiP+C/dexx8bCw0bxl1nZE2V4s9X0g
jXJ2ywNHwjYc4/ldjvm+Qwi3+rXzjuZ662Mz3DSXTZa0mTe2l1+ys8lnqDC7q//V
5r+WgOJX1W20/rxV0npHUtBYc4Pw/WKhqZY5UMbIETnuP6OaVRtCHTcm+FcG6ouz
MNQVZlNsit5jkoE7HYk9b0cXbZsS1X2zY12CT8xkh6ZeggGay/RuYqvThijURCF6
xr82pdBv8BYNc3ltssotOyvAlA0opD4WnmrtvwRvxsTvHO/Uv1ekeCf84QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDjQaZF7K1UL5L8o/d3D/bwlJMbsMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvT05CcGtYc3JWUXZrdnlqOTNjUDl2Q1VreHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQCgrl4AwQC
ucyoAwQCuesoAwQAwRh3AwQBwgXAAwQBwgXOMBgEAgACMBIwEAMGACoPlMABAwYA
Kg+UwAIwDQYJKoZIhvcNAQELBQADggEBAHX27lEVz1u8MmbdOtmei+J8IZ9ooAXN
t0x36WAC0pmbYqAIkRDMJxTu+EdwhVU2azBoYl0SmVAkWuGE8e+MaabF2jFCuv3X
3aIdvqJzrzLeCpMXwRUm4ceyx1EaWcmQmYDrCvEKxlHY2BQvUZsug+O+ygWDEa1i
gkWqqs2k24jK3iy6a3FTt7+VA83s9jhcpca1UhDGYIQ1KM550SA3ALhRfVgJ9YUB
n9V3BlX8y1Zs0wyG2z18/HRD0wpoDsPht9PKOvv5ql9me6HGRZu3ZcEo3mBOn5Hq
yWQXQ4BsMNSVymY8RupRIV2ncH4siWFJxawyWxKKtsluJN7BEQdJN4I=
-----END CERTIFICATE-----
Generated at Mon May 12 07:23:36 2025 by rpki-client