Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XPjU_xkAkpe7tmkkQOAoptEj_Ug.roa
File: XPjU_xkAkpe7tmkkQOAoptEj_Ug.roa (raw, json)
Hash identifier: grNELTDf91vHNfI9mARuPYDqy8pgPW9E472+Mu73qpM=
Subject key identifier: 5C:F8:D4:FF:19:00:92:97:BB:B6:69:24:40:E0:28:A6:D1:23:FD:48
Certificate issuer: /CN=ac8a69ecb787cce9892dc65480463fb088b613df
Certificate serial: 0194258F6E2405B9B24ABCD67263D0FF0286
Authority key identifier: AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XPjU_xkAkpe7tmkkQOAoptEj_Ug.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44946
IP address blocks: 93.94.128.0/21 maxlen: 24
93.94.135.0/24 maxlen: 24
185.59.200.0/22 maxlen: 24
194.187.64.0/22 maxlen: 24
195.49.152.0/22 maxlen: 24
2a02:158::/32 maxlen: 64
2a02:158:aa00::/39 maxlen: 39
2a02:158:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Jan 2025 11:21:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6e:24:05:b9:b2:4a:bc:d6:72:63:d0:ff:02:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a69ecb787cce9892dc65480463fb088b613df
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cf8d4ff19009297bbb6692440e028a6d123fd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:32:39:8f:d9:e2:58:d5:ca:de:23:a6:0e:d6:
da:01:d2:89:cc:17:c1:a0:d4:b0:86:86:5b:51:ff:
c0:ce:4f:ea:59:95:c5:18:13:2c:20:88:f3:ed:1c:
62:0e:85:ea:ce:9f:62:a8:60:f2:94:5e:96:66:fc:
74:81:9e:dd:14:bc:89:38:97:75:d8:92:00:6c:ec:
0a:42:55:f6:47:d3:e2:30:ac:8b:4e:a2:fe:bc:28:
7c:31:98:c3:d7:c9:aa:9d:1c:75:3a:ff:a8:1d:f4:
ff:86:ef:fe:d5:96:72:57:d5:ef:27:11:86:5e:c0:
e4:ed:f8:92:52:00:89:ca:ac:e5:ad:7c:4c:fd:99:
b9:1e:2c:77:ee:c7:56:02:0f:93:b4:29:53:e5:e6:
01:41:d1:5e:98:4a:50:73:23:41:53:b8:59:32:5b:
f0:42:59:08:bc:3b:91:06:e1:71:be:15:00:f0:6c:
f4:75:79:62:41:0a:af:65:ca:35:4b:12:5f:fc:49:
5a:db:03:04:5b:0b:75:87:4f:b5:dd:17:50:40:8b:
91:c7:2c:39:21:77:ef:9c:1d:8a:7e:47:09:ce:77:
61:ab:3f:a7:13:97:31:a9:17:32:0c:05:cf:0b:03:
b6:ce:cf:e6:66:62:75:b7:bb:b3:a0:2a:d1:44:8e:
a3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F8:D4:FF:19:00:92:97:BB:B6:69:24:40:E0:28:A6:D1:23:FD:48
X509v3 Authority Key Identifier:
keyid:AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XPjU_xkAkpe7tmkkQOAoptEj_Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/rIpp7LeHzOmJLcZUgEY_sIi2E98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.128.0/21
185.59.200.0/22
194.187.64.0/22
195.49.152.0/22
IPv6:
2a02:158::/32
Signature Algorithm: sha256WithRSAEncryption
65:15:23:90:24:f3:b5:a1:3f:f7:df:98:47:76:64:65:07:e6:
fb:03:8f:bd:dc:92:f1:26:b9:df:19:f0:8a:98:d7:76:e4:87:
24:2b:6a:d4:d1:8b:4b:9c:a5:53:6b:94:e7:fc:f2:24:82:dc:
b1:75:de:3d:90:dd:66:b9:45:d7:60:da:77:9e:70:a1:43:ae:
ca:2a:ff:69:23:a2:89:ac:92:0e:dd:29:01:9e:5c:32:5c:8b:
46:59:4c:c7:04:9e:ce:d2:d0:46:53:17:de:cb:cf:99:86:98:
b4:70:07:ab:88:a3:5d:bc:96:9f:b2:8b:2d:95:5d:5b:2a:39:
6e:cd:37:8b:8f:81:09:ca:bb:af:21:1f:ea:f1:4b:8c:47:f8:
75:f5:d0:01:8d:6b:4e:7b:8a:11:e8:ca:c3:5c:4b:c5:0d:8d:
b8:a1:a9:3f:04:e4:e1:d6:0c:a8:b0:93:c6:3a:5e:c6:13:65:
29:cb:4f:b5:f7:fc:e7:41:00:bb:7d:8e:6d:76:4e:17:ef:1f:
27:8b:93:94:41:c1:68:d6:43:eb:0d:fd:fe:3e:14:d4:33:8c:
99:9c:77:43:57:cb:d4:09:83:6b:01:4d:f1:23:49:e2:76:8f:
65:86:fa:28:10:cb:f7:48:01:06:8c:5a:b7:79:de:6e:8b:db:
46:e1:e0:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQlj24kBbmySrzWcmPQ/wKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGE2OWVjYjc4N2NjZTk4OTJkYzY1NDgwNDYzZmIwODhi
NjEzZGYwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y4ZDRmZjE5MDA5Mjk3YmJiNjY5MjQ0MGUwMjhhNmQxMjNmZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jI5j9niWNXK3iOmDtbaAdKJzBfB
oNSwhoZbUf/Azk/qWZXFGBMsIIjz7RxiDoXqzp9iqGDylF6WZvx0gZ7dFLyJOJd1
2JIAbOwKQlX2R9PiMKyLTqL+vCh8MZjD18mqnRx1Ov+oHfT/hu/+1ZZyV9XvJxGG
XsDk7fiSUgCJyqzlrXxM/Zm5Hix37sdWAg+TtClT5eYBQdFemEpQcyNBU7hZMlvw
QlkIvDuRBuFxvhUA8Gz0dXliQQqvZco1SxJf/Ela2wMEWwt1h0+13RdQQIuRxyw5
IXfvnB2KfkcJzndhqz+nE5cxqRcyDAXPCwO2zs/mZmJ1t7uzoCrRRI6jMQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFz41P8ZAJKXu7ZpJEDgKKbRI/1IMB8GA1UdIwQY
MBaAFKyKaey3h8zpiS3GVIBGP7CIthPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklwcDdMZUh6T21KTGNaVWdFWV9zSWkyRTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84N2RhZGYtMjlkOS00OWQzLThhYzYt
NGNjNDBmZmQ3OTZkLzEvWFBqVV94a0FrcGU3dG1ra1FPQW9wdEVqX1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84N2RhZGYtMjlkOS00OWQzLThhYzYtNGNjNDBmZmQ3OTZk
LzEvcklwcDdMZUh6T21KTGNaVWdFWV9zSWkyRTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXV6AAwQC
uTvIAwQCwrtAAwQCwzGYMA0EAgACMAcDBQAqAgFYMA0GCSqGSIb3DQEBCwUAA4IB
AQBlFSOQJPO1oT/335hHdmRlB+b7A4+93JLxJrnfGfCKmNd25IckK2rU0YtLnKVT
a5Tn/PIkgtyxdd49kN1muUXXYNp3nnChQ67KKv9pI6KJrJIO3SkBnlwyXItGWUzH
BJ7O0tBGUxfey8+Zhpi0cAeriKNdvJafsostlV1bKjluzTeLj4EJyruvIR/q8UuM
R/h19dABjWtOe4oR6MrDXEvFDY24oak/BOTh1gyosJPGOl7GE2Upy0+19/znQQC7
fY5tdk4X7x8ni5OUQcFo1kPrDf3+PhTUM4yZnHdDV8vUCYNrAU3xI0nido9lhvoo
EMv3SAEGjFq3ed5ui9tG4eDC
-----END CERTIFICATE-----
Generated at Mon May 5 18:33:21 2025 by rpki-client