Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/9Wv36M0RJ68a08BxH-lpIGQLi9o.roa
File: 9Wv36M0RJ68a08BxH-lpIGQLi9o.roa (raw, json)
Hash identifier: 5KsxaNFjOQRqmqqQsAgyvnAWhIcBXxO0usHHw+tVHAU=
Subject key identifier: F5:6B:F7:E8:CD:11:27:AF:1A:D3:C0:71:1F:E9:69:20:64:0B:8B:DA
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 019669A80F1715B9CCFD95F15F60C134DB5F
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/9Wv36M0RJ68a08BxH-lpIGQLi9o.roa
Signing time: Thu 24 Apr 2025 21:15:43 +0000
ROA not before: Thu 24 Apr 2025 21:15:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31304
IP address blocks: 83.168.96.0/23 maxlen: 24
83.168.104.0/24 maxlen: 24
83.168.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 09:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:69:a8:0f:17:15:b9:cc:fd:95:f1:5f:60:c1:34:db:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Apr 24 21:15:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f56bf7e8cd1127af1ad3c0711fe96920640b8bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:9e:1c:ab:ee:8f:f6:54:5a:9c:06:b4:7c:
80:b9:64:f7:70:5d:23:fc:df:61:4a:8f:fb:c0:04:
1d:99:8d:4d:58:af:8f:13:df:56:ae:78:90:62:e1:
89:84:5b:99:af:ec:e5:9e:b8:05:5c:5d:6e:c2:5a:
04:4b:bb:9f:43:4a:f3:35:24:15:a3:a8:92:61:9a:
27:2a:7c:51:7d:85:e6:47:34:15:cd:7a:66:02:1e:
15:ed:0e:12:21:66:4f:28:43:ca:02:58:5b:51:63:
a3:28:d1:22:e1:3b:99:b2:e9:b1:d2:9b:c8:d2:27:
7c:c7:23:69:c2:b5:dc:19:8b:e4:7a:a2:02:3c:2f:
cc:d4:e3:f6:43:cb:8b:fc:1c:f8:40:77:e0:84:03:
8a:68:0f:bb:4b:9e:ad:ab:8d:c5:de:5f:f8:3a:5d:
93:29:20:56:e0:28:e4:e6:ba:04:d6:b6:a5:e0:27:
64:e1:0d:03:e6:a5:6a:9e:4d:ed:00:7d:6e:19:c3:
84:18:df:b9:75:08:c3:d5:4a:1a:0e:f2:e6:b8:ae:
ed:e1:2d:b2:a0:2e:41:f2:aa:9f:b0:fb:40:6d:9e:
87:15:18:a8:84:13:f5:09:a2:ef:41:35:99:ec:6b:
f3:3f:35:e6:fa:29:44:ed:3f:cd:6e:c9:aa:a2:92:
8e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:6B:F7:E8:CD:11:27:AF:1A:D3:C0:71:1F:E9:69:20:64:0B:8B:DA
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/9Wv36M0RJ68a08BxH-lpIGQLi9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.168.96.0/23
83.168.104.0/24
83.168.111.0/24
Signature Algorithm: sha256WithRSAEncryption
35:11:4d:2f:ea:81:50:3f:bf:5b:2a:b4:97:2b:18:9b:ba:f0:
7e:2e:59:22:39:3b:5c:32:61:de:1f:51:2c:4f:cd:0d:87:a5:
5c:ed:a8:60:e5:2e:e6:0c:b1:7a:1b:bf:c8:63:96:01:0e:b0:
b6:bb:f3:83:9f:f3:97:87:db:4c:02:f2:d4:5b:08:11:1f:1f:
da:2a:0a:62:7a:61:6b:f8:9a:a3:a7:f9:0c:71:4c:ca:e2:59:
8e:ac:ab:86:fd:3d:a1:c5:42:43:54:0a:0d:ff:f7:7a:8e:5b:
89:f4:c7:cf:40:72:0e:e4:26:ca:a9:13:db:11:43:e6:1b:06:
02:32:69:4a:87:16:7d:00:19:8c:ce:5e:61:02:75:e2:b0:5b:
3b:50:1e:7f:55:2f:91:39:74:a3:b1:8d:4a:54:e4:06:4d:e2:
ae:92:ab:fd:84:83:e8:6f:51:ea:8a:dc:a5:98:c7:63:c3:4f:
40:07:d6:ca:16:b9:d4:14:e7:9d:6e:19:5d:bc:47:1d:31:c9:
25:7d:c6:3e:a2:e9:68:bf:24:8e:92:7e:b9:54:29:26:2d:8c:
38:a8:9e:75:9d:08:f1:c0:9d:19:2f:4d:2c:80:ad:9e:a4:87:
ff:e9:10:5d:66:2f:22:84:bd:34:72:cd:c6:c3:93:65:a8:96:
f3:09:5f:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZpqA8XFbnM/ZXxX2DBNNtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwNDI0MjExNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTZiZjdlOGNkMTEyN2FmMWFkM2MwNzExZmU5NjkyMDY0MGI4YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutmeHKvuj/ZUWpwGtHyAuWT3cF0j
/N9hSo/7wAQdmY1NWK+PE99WrniQYuGJhFuZr+zlnrgFXF1uwloES7ufQ0rzNSQV
o6iSYZonKnxRfYXmRzQVzXpmAh4V7Q4SIWZPKEPKAlhbUWOjKNEi4TuZsumx0pvI
0id8xyNpwrXcGYvkeqICPC/M1OP2Q8uL/Bz4QHfghAOKaA+7S56tq43F3l/4Ol2T
KSBW4Cjk5roE1ral4Cdk4Q0D5qVqnk3tAH1uGcOEGN+5dQjD1UoaDvLmuK7t4S2y
oC5B8qqfsPtAbZ6HFRiohBP1CaLvQTWZ7GvzPzXm+ilE7T/NbsmqopKOXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPVr9+jNESevGtPAcR/paSBkC4vaMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvOVd2MzZNMFJKNjhhMDhCeEgtbHBJR1FMaTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBU6hgAwQA
U6hoAwQAU6hvMA0GCSqGSIb3DQEBCwUAA4IBAQA1EU0v6oFQP79bKrSXKxibuvB+
LlkiOTtcMmHeH1EsT80Nh6Vc7ahg5S7mDLF6G7/IY5YBDrC2u/ODn/OXh9tMAvLU
WwgRHx/aKgpiemFr+Jqjp/kMcUzK4lmOrKuG/T2hxUJDVAoN//d6jluJ9MfPQHIO
5CbKqRPbEUPmGwYCMmlKhxZ9ABmMzl5hAnXisFs7UB5/VS+ROXSjsY1KVOQGTeKu
kqv9hIPob1HqitylmMdjw09AB9bKFrnUFOedbhldvEcdMcklfcY+oulovySOkn65
VCkmLYw4qJ51nQjxwJ0ZL00sgK2epIf/6RBdZi8ihL00cs3Gw5NlqJbzCV/i
-----END CERTIFICATE-----
Generated at Sun May 11 12:30:03 2025 by rpki-client