Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/Xl3QL5HJS1e4ENAQknYP91eM8lU.roa
File: Xl3QL5HJS1e4ENAQknYP91eM8lU.roa (raw, json)
Hash identifier: dE+mAuQIrpXImlrc+DbJ4SZFdsCqfvGoVQPv80xo+io=
Subject key identifier: 5E:5D:D0:2F:91:C9:4B:57:B8:10:D0:10:92:76:0F:F7:57:8C:F2:55
Certificate issuer: /CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Certificate serial: 0193F819902CA291526705FB9DAFEA2BD0AF
Authority key identifier: D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/Xl3QL5HJS1e4ENAQknYP91eM8lU.roa
Signing time: Tue 24 Dec 2024 09:57:24 +0000
ROA not before: Tue 24 Dec 2024 09:57:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25151
IP address blocks: 37.46.136.0/21 maxlen: 24
81.24.0.0/22 maxlen: 22
81.24.4.0/22 maxlen: 22
81.24.6.0/23 maxlen: 23
81.24.8.0/22 maxlen: 22
81.24.10.0/23 maxlen: 23
85.158.200.0/21 maxlen: 24
93.94.224.0/21 maxlen: 24
109.235.72.0/21 maxlen: 24
185.54.112.0/22 maxlen: 24
185.78.196.0/22 maxlen: 22
2a01:518::/32 maxlen: 48
2a05:6cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Dec 2024 10:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f8:19:90:2c:a2:91:52:67:05:fb:9d:af:ea:2b:d0:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d62329d8d7e541953e120fd05f66cc6ebab0684d
Validity
Not Before: Dec 24 09:57:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e5dd02f91c94b57b810d01092760ff7578cf255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6b:c3:3f:b7:51:0e:8d:03:39:00:90:be:0d:
c6:d3:45:85:98:7e:50:fa:45:75:01:28:28:cb:fb:
58:88:b2:64:e2:dc:ff:16:44:d0:92:88:3d:e4:ab:
6d:f9:b8:0d:41:fa:1b:e9:0e:2c:8f:df:c4:58:87:
f5:9d:55:c8:4d:41:70:20:24:d0:46:05:01:7f:30:
1e:3e:0a:73:be:2c:0f:6b:a6:81:f9:d0:74:e7:84:
7c:ca:2f:20:b4:b2:d8:38:d0:35:55:81:0c:22:30:
a9:95:60:41:6b:fe:6a:9c:d5:2b:db:3e:2b:29:85:
e3:88:5a:d0:4e:15:04:ad:fa:a3:6d:24:e2:6b:19:
ec:72:c6:f0:fb:b0:f2:1d:83:bb:64:47:ad:0b:94:
90:be:15:b6:dd:13:27:3a:d6:55:b6:02:ad:d6:12:
65:0f:de:d1:69:69:f1:80:ce:ab:77:6f:40:86:d9:
a5:b2:f3:b7:8b:77:25:00:a9:a5:f2:c1:a7:cd:f8:
50:25:a0:b3:95:2d:4d:e6:10:28:c8:74:96:f5:4e:
71:c4:6a:ce:86:e2:47:c4:c2:66:c9:a4:ed:17:87:
1f:52:1f:09:04:52:a7:6b:0e:03:6a:96:dc:54:3e:
0d:ee:93:0b:27:94:ba:26:5f:51:a5:0d:73:21:5b:
de:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5D:D0:2F:91:C9:4B:57:B8:10:D0:10:92:76:0F:F7:57:8C:F2:55
X509v3 Authority Key Identifier:
keyid:D6:23:29:D8:D7:E5:41:95:3E:12:0F:D0:5F:66:CC:6E:BA:B0:68:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1iMp2NflQZU-Eg_QX2bMbrqwaE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/Xl3QL5HJS1e4ENAQknYP91eM8lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e85180-1910-4c42-a1f5-73202f0e1d03/1/1iMp2NflQZU-Eg_QX2bMbrqwaE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.136.0/21
81.24.0.0-81.24.11.255
85.158.200.0/21
93.94.224.0/21
109.235.72.0/21
185.54.112.0/22
185.78.196.0/22
IPv6:
2a01:518::/32
2a05:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:c4:de:85:bd:b4:ef:49:8b:a9:f9:06:a4:97:57:72:f9:78:
e4:e1:97:f9:68:da:d0:66:ca:68:7d:ef:2c:e9:cb:bd:ad:87:
9b:93:f5:dc:fc:77:dc:8c:3f:67:76:82:de:f4:e5:da:24:6a:
51:53:d4:89:d4:f1:e5:13:17:b9:0b:bf:4c:11:2d:58:2e:2e:
5b:3c:10:7d:b1:d9:02:61:ee:93:7e:79:7d:bc:ea:bb:86:d5:
ee:9d:f2:0d:44:e4:a4:1a:0d:86:47:c0:50:24:d3:f3:b7:ec:
ef:ef:08:bc:53:f4:55:82:56:fc:59:14:7e:ec:71:22:b2:5f:
8e:69:00:85:a7:94:5b:75:4a:44:88:db:c8:ac:ef:f1:0a:16:
1d:0d:1f:4a:28:60:dc:27:91:fb:c1:c5:03:87:61:ce:ca:eb:
2c:05:73:ef:c6:55:f9:b6:15:e9:fb:3e:1b:aa:31:64:41:dd:
39:54:1c:ca:d3:86:32:f1:fe:be:4a:99:6f:8a:58:f5:97:77:
c5:4e:d0:4d:14:1f:52:7c:aa:53:95:97:38:f0:90:bd:99:86:
5d:fe:d5:3b:d5:67:79:52:d4:e3:fb:6d:26:47:53:fe:26:fc:
a8:7f:99:b2:4c:14:38:e5:63:c1:c8:8f:20:3d:25:51:54:33:
7b:72:46:d7
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZP4GZAsopFSZwX7na/qK9CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MjMyOWQ4ZDdlNTQxOTUzZTEyMGZkMDVmNjZjYzZlYmFi
MDY4NGQwHhcNMjQxMjI0MDk1NzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTVkZDAyZjkxYzk0YjU3YjgxMGQwMTA5Mjc2MGZmNzU3OGNmMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGvDP7dRDo0DOQCQvg3G00WFmH5Q
+kV1ASgoy/tYiLJk4tz/FkTQkog95Ktt+bgNQfob6Q4sj9/EWIf1nVXITUFwICTQ
RgUBfzAePgpzviwPa6aB+dB054R8yi8gtLLYONA1VYEMIjCplWBBa/5qnNUr2z4r
KYXjiFrQThUErfqjbSTiaxnscsbw+7DyHYO7ZEetC5SQvhW23RMnOtZVtgKt1hJl
D97RaWnxgM6rd29AhtmlsvO3i3clAKml8sGnzfhQJaCzlS1N5hAoyHSW9U5xxGrO
huJHxMJmyaTtF4cfUh8JBFKnaw4DapbcVD4N7pMLJ5S6Jl9RpQ1zIVveaQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF5d0C+RyUtXuBDQEJJ2D/dXjPJVMB8GA1UdIwQY
MBaAFNYjKdjX5UGVPhIP0F9mzG66sGhNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWlNcDJOZmxRWlUtRWdfUVgyYk1icnF3YUUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lODUxODAtMTkxMC00YzQyLWExZjUt
NzMyMDJmMGUxZDAzLzEvWGwzUUw1SEpTMWU0RU5BUWtuWVA5MWVNOGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lODUxODAtMTkxMC00YzQyLWExZjUtNzMyMDJmMGUxZDAz
LzEvMWlNcDJOZmxRWlUtRWdfUVgyYk1icnF3YUUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA3BAIAATAxAwQDJS6IMAsD
AwNRGAMEAlEYCAMEA1WeyAMEA11e4AMEA23rSAMEArk2cAMEArlOxDAUBAIAAjAO
AwUAKgEFGAMFAyoFbMAwDQYJKoZIhvcNAQELBQADggEBAIzE3oW9tO9Ji6n5BqSX
V3L5eOThl/lo2tBmymh97yzpy72th5uT9dz8d9yMP2d2gt705dokalFT1InU8eUT
F7kLv0wRLVguLls8EH2x2QJh7pN+eX286ruG1e6d8g1E5KQaDYZHwFAk0/O37O/v
CLxT9FWCVvxZFH7scSKyX45pAIWnlFt1SkSI28is7/EKFh0NH0ooYNwnkfvBxQOH
Yc7K6ywFc+/GVfm2Fen7PhuqMWRB3TlUHMrThjLx/r5KmW+KWPWXd8VO0E0UH1J8
qlOVlzjwkL2Zhl3+1TvVZ3lS1OP7bSZHU/4m/Kh/mbJMFDjlY8HIjyA9JVFUM3ty
Rtc=
-----END CERTIFICATE-----
Generated at Wed May 14 02:21:06 2025 by rpki-client