Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/x_d11DnTZa9d88R7fW6tENYMRPQ.roa
File: x_d11DnTZa9d88R7fW6tENYMRPQ.roa (raw, json)
Hash identifier: AFaf9NZeq9eB0Q+v1ghd9dt218F00A62SrwL9awkER0=
Subject key identifier: C7:F7:75:D4:39:D3:65:AF:5D:F3:C4:7B:7D:6E:AD:10:D6:0C:44:F4
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019517C295079B6B4A77E441B60384CCB61C
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/x_d11DnTZa9d88R7fW6tENYMRPQ.roa
Signing time: Tue 18 Feb 2025 06:33:02 +0000
ROA not before: Tue 18 Feb 2025 06:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209043
IP address blocks: 5.252.184.0/24 maxlen: 24
5.252.185.0/24 maxlen: 24
45.11.155.0/24 maxlen: 24
45.138.28.0/22 maxlen: 22
141.98.56.0/24 maxlen: 24
141.98.57.0/24 maxlen: 24
141.98.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 10:39:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:c2:95:07:9b:6b:4a:77:e4:41:b6:03:84:cc:b6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Feb 18 06:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7f775d439d365af5df3c47b7d6ead10d60c44f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:df:05:9f:9e:5f:20:2c:c4:22:2f:f8:aa:f5:
9c:89:1b:cb:c9:e9:af:58:0d:c1:70:f0:55:8b:4f:
c5:31:28:d8:2b:40:84:32:a8:a5:24:b3:9e:16:e8:
67:d9:e9:02:f4:6f:23:03:a6:f2:27:75:b9:a1:fd:
36:16:e1:bc:33:b1:3b:7f:b5:06:bb:c5:2d:81:97:
c2:b1:f1:6e:bf:45:7a:2f:fe:42:9e:8b:83:29:da:
cb:9d:6f:f3:50:f6:a4:f0:45:76:b3:1c:4c:4e:b3:
b8:a7:06:ad:db:85:24:6b:28:24:54:62:a3:fb:1d:
bb:49:0c:0a:34:82:fe:29:84:03:5e:a8:ef:f0:9e:
4d:7d:29:40:80:9d:e1:01:52:1e:f6:c7:0a:50:25:
c1:87:75:c7:f4:37:4c:23:79:8b:bb:c3:7d:f2:93:
13:89:22:0a:88:fa:ce:f1:3d:19:d1:4d:31:9c:78:
27:2f:ea:e6:21:d0:39:1f:bc:91:a9:84:83:a1:a5:
48:55:62:ca:f7:b4:fa:21:e1:5d:75:0a:4d:e8:f8:
5d:fa:fd:78:d5:80:c3:3c:83:90:39:f2:fa:03:cd:
ce:d0:29:6a:69:34:13:f1:8f:d1:05:20:e4:bc:db:
12:6a:1f:6d:f3:7e:6e:d1:df:ef:9a:67:19:07:33:
fe:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F7:75:D4:39:D3:65:AF:5D:F3:C4:7B:7D:6E:AD:10:D6:0C:44:F4
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/x_d11DnTZa9d88R7fW6tENYMRPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.184.0/23
45.11.155.0/24
45.138.28.0/22
141.98.56.0/23
141.98.59.0/24
Signature Algorithm: sha256WithRSAEncryption
75:5d:34:d8:a3:de:d9:f3:a2:1a:a0:c6:95:c0:83:f5:6f:4f:
c8:6e:70:8b:69:51:02:cd:ee:6c:73:f8:7a:b3:9f:64:d3:de:
21:4d:13:14:8c:13:ff:98:d6:1b:0d:f3:bd:f3:9d:57:95:e0:
6e:2e:e7:9c:76:67:3e:22:8b:d8:a0:7c:4c:57:4f:dd:d4:48:
9b:fd:ad:77:cd:78:2e:09:78:0f:14:16:7f:a7:f7:d2:a6:b2:
fa:23:25:2f:d1:4d:29:22:b8:e8:ef:c5:30:6a:1f:38:3f:3e:
73:86:5c:0d:a9:99:18:42:2d:b0:f4:f2:9c:50:a0:e8:04:77:
6a:ac:38:b9:af:b1:0b:39:6d:98:84:85:c9:1e:21:89:73:bd:
be:71:39:19:39:df:15:0a:ee:1d:c6:2e:77:92:e4:96:c2:39:
09:ef:27:07:28:6e:43:45:49:01:91:90:99:4c:58:83:6a:00:
c0:e4:72:2e:c4:c7:50:8e:cd:b6:2f:6b:7f:92:49:e4:e5:a8:
56:d2:1b:ea:f4:c4:c8:2a:7a:de:f9:3f:b3:1b:92:37:6c:3a:
c2:58:0a:83:3f:48:01:54:02:08:f3:2a:43:07:0a:c3:4e:34:
37:d4:55:42:93:bb:fe:b2:ce:21:ea:a4:45:a2:14:60:19:44:
2f:3d:3a:1e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZUXwpUHm2tKd+RBtgOEzLYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMjE4MDYzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y3NzVkNDM5ZDM2NWFmNWRmM2M0N2I3ZDZlYWQxMGQ2MGM0NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkd8Fn55fICzEIi/4qvWciRvLyemv
WA3BcPBVi0/FMSjYK0CEMqilJLOeFuhn2ekC9G8jA6byJ3W5of02FuG8M7E7f7UG
u8UtgZfCsfFuv0V6L/5CnouDKdrLnW/zUPak8EV2sxxMTrO4pwat24UkaygkVGKj
+x27SQwKNIL+KYQDXqjv8J5NfSlAgJ3hAVIe9scKUCXBh3XH9DdMI3mLu8N98pMT
iSIKiPrO8T0Z0U0xnHgnL+rmIdA5H7yRqYSDoaVIVWLK97T6IeFddQpN6Phd+v14
1YDDPIOQOfL6A83O0ClqaTQT8Y/RBSDkvNsSah9t835u0d/vmmcZBzP+IwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMf3ddQ502WvXfPEe31urRDWDET0MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEveF9kMTFEblRaYTlkODhSN2ZXNnRFTllNUlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBfy4AwQA
LQubAwQCLYocAwQBjWI4AwQAjWI7MA0GCSqGSIb3DQEBCwUAA4IBAQB1XTTYo97Z
86IaoMaVwIP1b0/IbnCLaVECze5sc/h6s59k094hTRMUjBP/mNYbDfO9851XleBu
Luecdmc+IovYoHxMV0/d1Eib/a13zXguCXgPFBZ/p/fSprL6IyUv0U0pIrjo78Uw
ah84Pz5zhlwNqZkYQi2w9PKcUKDoBHdqrDi5r7ELOW2YhIXJHiGJc72+cTkZOd8V
Cu4dxi53kuSWwjkJ7ycHKG5DRUkBkZCZTFiDagDA5HIuxMdQjs22L2t/kknk5ahW
0hvq9MTIKnre+T+zG5I3bDrCWAqDP0gBVAII8ypDBwrDTjQ31FVCk7v+ss4h6qRF
ohRgGUQvPToe
-----END CERTIFICATE-----
Generated at Tue May 6 03:07:32 2025 by rpki-client