Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lV_eAbSaWX9lOKqPyzCqM-dm3yY.roa
File: lV_eAbSaWX9lOKqPyzCqM-dm3yY.roa (raw, json)
Hash identifier: 4OuwuEyBVQFoZS2j4RPlexL0v2dG8oZdKl/fp1tn78w=
Subject key identifier: 95:5F:DE:01:B4:9A:59:7F:65:38:AA:8F:CB:30:AA:33:E7:66:DF:26
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01968828FFDA670887C78FCEFF322BA7FA11
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lV_eAbSaWX9lOKqPyzCqM-dm3yY.roa
Signing time: Wed 30 Apr 2025 19:25:10 +0000
ROA not before: Wed 30 Apr 2025 19:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 82.115.10.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
178.173.232.0/22 maxlen: 24
178.173.232.0/24 maxlen: 24
188.253.104.0/22 maxlen: 24
188.253.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 02:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:28:ff:da:67:08:87:c7:8f:ce:ff:32:2b:a7:fa:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 30 19:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=955fde01b49a597f6538aa8fcb30aa33e766df26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cb:ac:a2:41:f4:7c:e1:20:3a:89:dc:48:fd:
c4:3f:8e:38:1c:da:33:02:31:e8:36:3a:bc:aa:dc:
85:4a:b5:79:39:63:11:b4:c9:ad:20:fe:96:6d:6e:
73:c9:ed:a7:c8:55:ec:4a:23:e7:96:ec:ad:02:8a:
7f:93:c5:8d:1e:32:8e:7d:62:b7:ed:68:6f:a8:90:
b5:02:13:e2:b2:8a:a8:b0:1e:2b:80:53:a5:e7:57:
9c:ea:53:99:ad:3f:33:db:90:10:9b:05:42:b4:61:
fd:1a:1e:19:98:58:ae:b4:9d:9b:9b:37:cf:4e:87:
dd:7d:ce:75:aa:c4:d2:1f:cc:f8:24:45:e4:fc:00:
50:6c:90:b2:58:36:7d:fc:fc:fb:4d:be:3a:a1:81:
1c:55:a3:bc:ce:5e:e3:3e:88:8d:21:23:46:8c:35:
0e:28:a9:71:5b:d7:ea:a8:cb:80:b6:63:bd:2c:c3:
a6:b0:75:9b:c0:63:9b:46:c8:df:a4:dc:4a:03:c0:
ea:32:e1:d4:40:b1:58:48:e0:4c:e3:3a:62:cb:de:
74:a0:62:90:e8:df:75:0e:37:b3:7f:bf:a2:26:f3:
36:d2:1c:aa:2f:36:4b:e0:b4:91:27:1c:75:7a:d9:
1d:4b:b8:49:d5:00:21:2c:1f:97:48:8e:02:7c:c2:
1b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5F:DE:01:B4:9A:59:7F:65:38:AA:8F:CB:30:AA:33:E7:66:DF:26
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lV_eAbSaWX9lOKqPyzCqM-dm3yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.10.0/23
89.251.10.0/24
178.173.232.0/22
188.253.104.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:b8:86:ab:d1:ab:e7:c9:65:51:1b:0a:84:12:c6:a7:25:87:
f6:e6:23:bb:0e:ed:56:91:4c:f7:65:90:b4:dd:a7:08:66:bc:
64:e1:87:7f:12:03:47:d9:49:31:7a:52:d2:4e:52:88:5f:99:
9f:14:6c:2f:ea:92:dc:ca:a7:b6:04:09:8a:24:96:21:b4:e5:
9d:ad:c1:cf:86:b4:ee:fe:33:f0:1a:8b:19:e3:b3:15:a9:f8:
f6:f1:61:fc:56:08:18:cc:15:17:32:6c:02:68:99:b1:f4:e5:
4c:71:e6:dc:d3:90:86:82:ca:c8:45:2d:17:c0:f7:77:03:a5:
92:f9:ba:d3:d6:af:7c:bb:d1:82:d1:9c:49:25:c3:bc:bc:a5:
25:bf:42:0c:de:22:04:16:5e:88:5a:92:db:24:26:91:6e:5d:
bb:0f:1b:96:ea:fd:ce:5c:cc:70:e2:6d:9f:97:21:26:32:78:
2f:2c:1d:49:d4:c6:3e:87:22:4a:05:e4:04:03:89:73:f5:7b:
20:2f:c6:0d:2a:bc:6c:42:0b:83:38:90:69:28:eb:aa:0f:c7:
1b:41:f1:a4:d0:12:a2:5d:70:14:c7:bc:04:f6:fb:56:55:f2:
b4:98:67:83:1d:9b:a3:75:f5:1c:0f:b2:a2:41:b1:10:74:81:
da:46:b8:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaIKP/aZwiHx4/O/zIrp/oRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDMwMTkyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVmZGUwMWI0OWE1OTdmNjUzOGFhOGZjYjMwYWEzM2U3NjZkZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcusokH0fOEgOoncSP3EP444HNoz
AjHoNjq8qtyFSrV5OWMRtMmtIP6WbW5zye2nyFXsSiPnluytAop/k8WNHjKOfWK3
7WhvqJC1AhPisoqosB4rgFOl51ec6lOZrT8z25AQmwVCtGH9Gh4ZmFiutJ2bmzfP
Tofdfc51qsTSH8z4JEXk/ABQbJCyWDZ9/Pz7Tb46oYEcVaO8zl7jPoiNISNGjDUO
KKlxW9fqqMuAtmO9LMOmsHWbwGObRsjfpNxKA8DqMuHUQLFYSOBM4zpiy950oGKQ
6N91Djezf7+iJvM20hyqLzZL4LSRJxx1etkdS7hJ1QAhLB+XSI4CfMIbiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJVf3gG0mll/ZTiqj8swqjPnZt8mMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbFZfZUFiU2FXWDlsT0txUHl6Q3FNLWRtM3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUnMKAwQA
WfsKAwQCsq3oAwQDvP1oMA0GCSqGSIb3DQEBCwUAA4IBAQCKuIar0avnyWVRGwqE
EsanJYf25iO7Du1WkUz3ZZC03acIZrxk4Yd/EgNH2UkxelLSTlKIX5mfFGwv6pLc
yqe2BAmKJJYhtOWdrcHPhrTu/jPwGosZ47MVqfj28WH8VggYzBUXMmwCaJmx9OVM
cebc05CGgsrIRS0XwPd3A6WS+brT1q98u9GC0ZxJJcO8vKUlv0IM3iIEFl6IWpLb
JCaRbl27DxuW6v3OXMxw4m2flyEmMngvLB1J1MY+hyJKBeQEA4lz9XsgL8YNKrxs
QguDOJBpKOuqD8cbQfGk0BKiXXAUx7wE9vtWVfK0mGeDHZujdfUcD7KiQbEQdIHa
Rrg0
-----END CERTIFICATE-----
Generated at Wed May 14 19:37:53 2025 by rpki-client