Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/mk3vVzwiNC3vm78h8ST9B5Pzsu4.roa
File: mk3vVzwiNC3vm78h8ST9B5Pzsu4.roa (raw, json)
Hash identifier: hT/M2zPGM1OtvcQEmpyQuHw7cLLUQdp5CLzhakPRQJA=
Subject key identifier: 9A:4D:EF:57:3C:22:34:2D:EF:9B:BF:21:F1:24:FD:07:93:F3:B2:EE
Certificate issuer: /CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Certificate serial: 019639D4340F6E6FBAD236EEEC84FE978BCD
Authority key identifier: 7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/mk3vVzwiNC3vm78h8ST9B5Pzsu4.roa
Signing time: Tue 15 Apr 2025 14:22:10 +0000
ROA not before: Tue 15 Apr 2025 14:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59796
IP address blocks: 5.252.32.0/24 maxlen: 24
5.252.33.0/24 maxlen: 24
5.252.34.0/24 maxlen: 24
5.252.35.0/24 maxlen: 24
160.79.120.0/24 maxlen: 24
160.79.121.0/24 maxlen: 24
160.79.122.0/24 maxlen: 24
160.79.123.0/24 maxlen: 24
185.121.240.0/22 maxlen: 22
185.121.240.0/24 maxlen: 24
185.121.241.0/24 maxlen: 24
185.121.242.0/24 maxlen: 24
185.121.243.0/24 maxlen: 24
2a06:a180:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Apr 2025 15:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:d4:34:0f:6e:6f:ba:d2:36:ee:ec:84:fe:97:8b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e26b1ef7410072ce96e82d7581be436e639a7c4
Validity
Not Before: Apr 15 14:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a4def573c22342def9bbf21f124fd0793f3b2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7e:14:c8:cc:fc:7b:d2:69:d0:4a:88:94:94:
ea:73:7a:01:27:05:bb:e5:74:c8:37:2e:1d:79:41:
94:73:ba:1e:ce:bc:3f:e9:6c:fc:89:8e:d6:b6:fe:
fe:ee:0d:90:d8:42:0b:b5:fe:87:d0:49:85:84:f0:
90:de:32:62:71:04:ad:fc:eb:80:07:03:d9:cb:0f:
d5:46:fe:49:0d:41:d2:24:cf:59:7a:7c:34:e6:71:
b7:83:93:89:70:7f:6e:18:5d:33:9f:21:26:8b:c5:
22:bf:cf:4d:49:c8:c9:2f:42:04:36:2d:91:fb:49:
df:10:05:6a:2d:f2:c7:2a:25:1b:30:ea:1f:76:3a:
96:ea:38:48:47:36:2f:dd:53:59:70:2f:99:79:2b:
65:01:71:b7:67:80:48:b8:10:58:6e:bc:9a:0b:57:
53:f7:e5:79:9c:ca:8a:ea:06:06:ad:79:d4:be:5b:
07:78:59:8b:4d:c2:74:09:5d:82:66:4a:b3:7a:12:
4a:86:75:04:63:ca:9b:8c:ca:46:6b:e6:cd:f6:78:
c0:cc:fe:83:ea:49:ce:9f:f9:af:de:bd:59:e5:01:
7c:a6:2d:0e:89:ee:ca:53:9f:54:f4:c0:d8:73:2c:
81:14:39:ba:1c:09:91:a2:79:2a:05:46:b5:97:de:
39:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4D:EF:57:3C:22:34:2D:EF:9B:BF:21:F1:24:FD:07:93:F3:B2:EE
X509v3 Authority Key Identifier:
keyid:7E:26:B1:EF:74:10:07:2C:E9:6E:82:D7:58:1B:E4:36:E6:39:A7:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiax73QQByzpboLXWBvkNuY5p8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/mk3vVzwiNC3vm78h8ST9B5Pzsu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/cac63c-55e5-4154-8876-8c32c351ee70/1/fiax73QQByzpboLXWBvkNuY5p8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.32.0/22
160.79.120.0/22
185.121.240.0/22
IPv6:
2a06:a180:10::/48
Signature Algorithm: sha256WithRSAEncryption
b6:54:27:c9:48:a7:46:07:6a:ad:45:db:b4:e9:45:a3:8e:e6:
8d:ad:b4:60:ff:7e:9b:76:02:88:74:1b:41:9d:e4:01:82:a0:
c6:78:0e:5f:e4:05:8c:90:f4:6c:3a:ab:94:1c:d8:e8:1f:2c:
49:b1:6a:b6:c4:4f:39:9a:89:55:18:58:1a:51:f0:a7:a1:c4:
16:4c:64:e8:60:c6:2b:40:23:36:7d:d5:be:ea:7a:35:f0:b2:
3a:71:8c:83:ed:a8:17:7d:ff:55:2a:df:2f:93:45:3c:8a:e5:
52:20:da:bf:4f:33:37:fa:61:52:1b:d6:5c:da:2e:52:5d:cb:
cd:8c:49:16:80:e9:7d:65:ef:a9:3e:51:05:2e:01:74:f5:44:
7a:3e:b4:14:7e:72:2a:85:47:46:ba:a0:9a:37:a4:0f:d4:35:
42:f6:c5:7b:d2:ee:be:c2:52:9f:da:44:fe:7c:80:5f:f6:ec:
ae:68:49:45:d4:d2:b9:8f:8a:62:b5:6f:bb:98:6f:fd:6c:56:
11:37:86:8f:91:61:6a:65:f8:0e:c9:4e:17:5d:5b:0e:5b:5c:
f9:eb:97:0e:b5:4d:b3:de:72:37:df:1d:98:9b:5f:66:62:d5:
65:c4:d7:52:be:ee:ab:77:3d:2a:cf:fa:90:a4:e3:2a:f9:93:
17:23:e3:f8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZY51DQPbm+60jbu7IT+l4vNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjZiMWVmNzQxMDA3MmNlOTZlODJkNzU4MWJlNDM2ZTYz
OWE3YzQwHhcNMjUwNDE1MTQyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRkZWY1NzNjMjIzNDJkZWY5YmJmMjFmMTI0ZmQwNzkzZjNiMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr34UyMz8e9Jp0EqIlJTqc3oBJwW7
5XTINy4deUGUc7oezrw/6Wz8iY7Wtv7+7g2Q2EILtf6H0EmFhPCQ3jJicQSt/OuA
BwPZyw/VRv5JDUHSJM9Zenw05nG3g5OJcH9uGF0znyEmi8Uiv89NScjJL0IENi2R
+0nfEAVqLfLHKiUbMOofdjqW6jhIRzYv3VNZcC+ZeStlAXG3Z4BIuBBYbryaC1dT
9+V5nMqK6gYGrXnUvlsHeFmLTcJ0CV2CZkqzehJKhnUEY8qbjMpGa+bN9njAzP6D
6knOn/mv3r1Z5QF8pi0Oie7KU59U9MDYcyyBFDm6HAmRonkqBUa1l945lQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJpN71c8IjQt75u/IfEk/QeT87LuMB8GA1UdIwQY
MBaAFH4mse90EAcs6W6C11gb5DbmOafEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYt
OGMzMmMzNTFlZTcwLzEvbWszdlZ6d2lOQzN2bTc4aDhTVDlCNVB6c3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9jYWM2M2MtNTVlNS00MTU0LTg4NzYtOGMzMmMzNTFlZTcw
LzEvZmlheDczUVFCeXpwYm9MWFdCdmtOdVk1cDhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCBfwgAwQC
oE94AwQCuXnwMA8EAgACMAkDBwAqBqGAABAwDQYJKoZIhvcNAQELBQADggEBALZU
J8lIp0YHaq1F27TpRaOO5o2ttGD/fpt2Aoh0G0Gd5AGCoMZ4Dl/kBYyQ9Gw6q5Qc
2OgfLEmxarbETzmaiVUYWBpR8KehxBZMZOhgxitAIzZ91b7qejXwsjpxjIPtqBd9
/1Uq3y+TRTyK5VIg2r9PMzf6YVIb1lzaLlJdy82MSRaA6X1l76k+UQUuAXT1RHo+
tBR+ciqFR0a6oJo3pA/UNUL2xXvS7r7CUp/aRP58gF/27K5oSUXU0rmPimK1b7uY
b/1sVhE3ho+RYWpl+A7JThddWw5bXPnrlw61TbPecjffHZibX2Zi1WXE11K+7qt3
PSrP+pCk4yr5kxcj4/g=
-----END CERTIFICATE-----
Generated at Sat May 17 19:29:36 2025 by rpki-client