Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lZ_qdb2L_GEH54-4k10Y4jdEbw0.roa
File: lZ_qdb2L_GEH54-4k10Y4jdEbw0.roa (raw, json)
Hash identifier: FBsZBA3S8tGzJamgCJTsmmoZbUorKcS/L3I6SY7oXkQ=
Subject key identifier: 95:9F:EA:75:BD:8B:FC:61:07:E7:8F:B8:93:5D:18:E2:37:44:6F:0D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0196814786E1ECDFBC34DE374A73F822FC4E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lZ_qdb2L_GEH54-4k10Y4jdEbw0.roa
Signing time: Tue 29 Apr 2025 11:21:10 +0000
ROA not before: Tue 29 Apr 2025 11:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 89.251.10.0/24 maxlen: 24
188.253.104.0/22 maxlen: 24
188.253.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 14:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:47:86:e1:ec:df:bc:34:de:37:4a:73:f8:22:fc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 29 11:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=959fea75bd8bfc6107e78fb8935d18e237446f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:23:54:02:a8:c7:a1:f8:b2:ed:09:c3:38:86:
98:00:56:3a:71:a6:df:40:9e:cd:3e:fe:6b:62:c9:
b8:bd:74:f2:22:51:fe:ca:15:7c:a9:c7:d1:ae:68:
c2:2e:fe:86:76:b8:43:61:bd:59:37:ca:e9:e1:00:
5b:e3:42:1d:78:0c:2a:e2:fb:61:52:16:f3:3f:db:
e9:2b:2e:7b:34:e6:91:ad:c6:21:aa:db:6b:e6:05:
c8:d7:1a:2e:23:33:f9:90:1b:86:fb:74:a2:17:f4:
d3:70:56:36:52:85:c3:7d:a1:e2:e6:3e:3f:e5:57:
39:e4:cf:70:a0:91:3b:d2:1a:71:f4:75:2b:79:1c:
40:32:b6:8d:21:ae:0b:3d:e7:90:ac:eb:95:28:f3:
91:d0:38:8e:68:88:47:bf:d5:e4:94:67:bf:44:e0:
d4:20:85:4f:96:05:bd:92:a9:b6:f0:b7:1f:61:19:
98:fa:23:d4:df:e1:85:18:74:51:42:6b:ec:28:73:
68:3a:b8:2d:ad:c9:74:60:fe:53:7d:87:d8:fc:ab:
aa:cb:ce:30:e8:68:53:0e:5d:cb:69:f2:77:c3:79:
8b:df:64:6d:fd:4e:01:ed:3e:08:88:78:6e:45:81:
56:a9:49:db:99:1f:c1:a9:5e:eb:1e:19:7a:54:96:
3c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:EA:75:BD:8B:FC:61:07:E7:8F:B8:93:5D:18:E2:37:44:6F:0D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/lZ_qdb2L_GEH54-4k10Y4jdEbw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.10.0/24
188.253.104.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:91:7e:72:a6:d3:af:e7:da:e0:57:5f:ae:99:55:14:40:57:
32:da:bd:7c:7f:20:1a:91:8c:ca:39:5d:95:a8:79:5f:70:ad:
65:0d:71:18:f3:bf:1e:0b:10:4e:dc:0d:aa:cc:05:39:33:db:
ee:0a:6b:d6:46:5d:23:ee:9f:cf:33:4c:26:7a:0f:7b:91:57:
67:b9:23:df:68:02:f5:a0:c7:fa:a9:b3:7f:78:7d:fc:fd:f1:
c5:60:ed:31:a3:0e:90:dc:7c:a1:2b:37:c2:18:13:e3:41:b6:
48:36:61:20:78:a1:ee:29:33:95:95:96:41:a1:0f:82:23:91:
3b:2c:82:d2:3f:40:2a:6a:8f:2b:b0:b7:e7:47:58:1b:d6:15:
90:13:11:22:c9:22:36:e3:a5:04:cc:d4:69:10:e7:22:2d:b6:
15:70:32:1e:72:8d:d6:53:13:ae:c7:bb:3c:a0:ab:c2:f5:31:
a3:c5:e0:9a:5d:e5:68:71:00:d9:ba:f4:69:a7:89:db:0f:93:
77:7c:35:68:a5:2b:b1:89:b5:2d:e2:83:9c:2a:a8:37:44:8c:
c1:99:8b:a8:a0:6d:21:97:c6:da:0c:35:a7:d3:9f:d9:bd:dc:
da:ee:27:24:93:f0:c4:58:49:60:bf:81:0a:61:7e:88:23:89:
a5:2f:7a:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaBR4bh7N+8NN43SnP4IvxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDI5MTEyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlmZWE3NWJkOGJmYzYxMDdlNzhmYjg5MzVkMThlMjM3NDQ2ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCNUAqjHofiy7QnDOIaYAFY6cabf
QJ7NPv5rYsm4vXTyIlH+yhV8qcfRrmjCLv6GdrhDYb1ZN8rp4QBb40IdeAwq4vth
UhbzP9vpKy57NOaRrcYhqttr5gXI1xouIzP5kBuG+3SiF/TTcFY2UoXDfaHi5j4/
5Vc55M9woJE70hpx9HUreRxAMraNIa4LPeeQrOuVKPOR0DiOaIhHv9XklGe/RODU
IIVPlgW9kqm28LcfYRmY+iPU3+GFGHRRQmvsKHNoOrgtrcl0YP5TfYfY/Kuqy84w
6GhTDl3LafJ3w3mL32Rt/U4B7T4IiHhuRYFWqUnbmR/BqV7rHhl6VJY8ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJWf6nW9i/xhB+ePuJNdGOI3RG8NMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbFpfcWRiMkxfR0VINTQtNGsxMFk0amRFYncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfsKAwQD
vP1oMA0GCSqGSIb3DQEBCwUAA4IBAQBtkX5yptOv59rgV1+umVUUQFcy2r18fyAa
kYzKOV2VqHlfcK1lDXEY878eCxBO3A2qzAU5M9vuCmvWRl0j7p/PM0wmeg97kVdn
uSPfaAL1oMf6qbN/eH38/fHFYO0xow6Q3HyhKzfCGBPjQbZINmEgeKHuKTOVlZZB
oQ+CI5E7LILSP0Aqao8rsLfnR1gb1hWQExEiySI246UEzNRpEOciLbYVcDIeco3W
UxOux7s8oKvC9TGjxeCaXeVocQDZuvRpp4nbD5N3fDVopSuxibUt4oOcKqg3RIzB
mYuooG0hl8baDDWn05/Zvdza7ickk/DEWElgv4EKYX6II4mlL3ph
-----END CERTIFICATE-----
Generated at Thu May 15 22:37:36 2025 by rpki-client