Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Ce8jR80Zo3SiKiOpehKCXj2dx7M.roa
File: Ce8jR80Zo3SiKiOpehKCXj2dx7M.roa (raw, json)
Hash identifier: Uo6Qk4WxSvG/Mis4bSCM2d/06jFKotkwC/9rQ4l9dEY=
Subject key identifier: 09:EF:23:47:CD:19:A3:74:A2:2A:23:A9:7A:12:82:5E:3D:9D:C7:B3
Certificate issuer: /CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Certificate serial: 0196A94D3238D587D84F5C5256DCDCAA0CBD
Authority key identifier: 47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Ce8jR80Zo3SiKiOpehKCXj2dx7M.roa
Signing time: Wed 07 May 2025 05:52:10 +0000
ROA not before: Wed 07 May 2025 05:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42730
IP address blocks: 178.254.60.0/23 maxlen: 23
178.254.62.0/24 maxlen: 24
185.195.100.0/23 maxlen: 23
185.195.102.0/23 maxlen: 23
2a00:6800::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 May 2025 08:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:4d:32:38:d5:87:d8:4f:5c:52:56:dc:dc:aa:0c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=473779e6a77c7e58213198764ce2ac0e6bee6236
Validity
Not Before: May 7 05:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09ef2347cd19a374a22a23a97a12825e3d9dc7b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f8:f0:a4:a0:9b:ed:c4:1c:03:e9:76:88:28:
4c:3d:f8:a1:9e:01:9e:8b:4e:d6:a8:73:f6:56:b8:
e3:00:83:59:04:05:6b:25:53:75:75:78:7c:87:bd:
67:10:90:bc:fc:a1:27:d4:be:84:86:54:19:12:79:
17:8f:b6:ea:ec:bf:20:12:95:7c:27:9d:ae:7a:37:
fc:ab:29:dc:e0:8b:fb:f0:14:4e:d5:c1:88:44:b0:
92:50:37:ad:b4:41:bd:29:c7:81:10:4e:f0:8e:4a:
1d:7e:3e:c5:05:75:6a:42:cf:89:c9:07:af:16:c8:
d3:93:9f:7f:eb:e8:67:f3:2a:2c:dc:5f:b2:fa:2a:
28:c2:91:36:4f:17:75:43:62:ce:67:a2:f8:eb:b3:
1e:1e:07:ef:ae:1e:d0:f7:15:e8:6a:fb:02:f2:90:
40:53:ee:be:a5:6b:dc:fc:0f:fb:33:30:16:d6:fa:
46:b6:5a:94:6c:9c:c9:85:b7:0c:90:64:07:10:36:
38:24:d8:e4:ff:b4:84:d7:95:e9:3a:d5:56:61:a7:
02:cb:39:ae:5d:a1:bc:61:cc:f3:51:ba:50:a3:a2:
37:c9:29:ca:2b:5e:a3:6b:b6:1b:5a:89:6c:78:b1:
86:ab:c8:a7:fd:2e:07:3d:b6:9b:7f:44:d2:bc:82:
26:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EF:23:47:CD:19:A3:74:A2:2A:23:A9:7A:12:82:5E:3D:9D:C7:B3
X509v3 Authority Key Identifier:
keyid:47:37:79:E6:A7:7C:7E:58:21:31:98:76:4C:E2:AC:0E:6B:EE:62:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rzd55qd8flghMZh2TOKsDmvuYjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Ce8jR80Zo3SiKiOpehKCXj2dx7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1d7583-d10c-47db-aee1-58d664210669/1/Rzd55qd8flghMZh2TOKsDmvuYjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.254.60.0-178.254.62.255
185.195.100.0/22
IPv6:
2a00:6800::/32
Signature Algorithm: sha256WithRSAEncryption
6c:4f:34:7a:dd:d9:b7:2d:cd:4c:f8:e2:f3:06:72:e3:37:48:
7c:55:f4:1a:97:d2:c7:0d:5c:3b:60:03:e0:8e:a5:60:50:da:
a9:84:49:f2:63:1b:24:28:a1:1b:10:28:6b:5b:dd:73:e3:fc:
e5:b1:bd:9f:d4:66:38:3d:19:a2:67:41:ec:23:e1:0e:20:26:
e8:e0:19:dc:80:c2:2f:5a:8a:2c:83:51:0c:7e:c4:db:0e:7c:
fc:2b:9a:20:8c:31:84:17:2f:a1:4e:ce:2c:fd:e0:09:6c:a3:
09:45:a2:e8:e9:c1:44:03:6f:ae:d0:d7:44:46:f5:96:87:73:
0f:fd:3c:03:f6:c5:a7:01:de:67:7a:94:87:48:c2:cf:45:0f:
be:6f:cd:e4:67:f0:9d:4f:c5:69:63:fc:d3:9e:5a:ae:48:e2:
d9:e5:b7:9e:31:db:e8:6c:d3:a2:f7:7f:cb:70:1f:bc:1b:46:
d2:f8:b6:58:c9:fd:3c:25:1d:18:4b:a0:4d:4f:36:cb:57:9e:
4e:ca:bc:f1:8c:26:e5:e7:0b:39:5f:d7:ad:19:f5:e7:4e:82:
43:71:bb:da:fc:11:a0:d1:29:b0:5d:e4:28:da:fe:f0:be:92:
c5:8f:00:cb:f3:ea:09:2c:54:63:c7:14:02:b1:7e:e3:34:b0:
f5:27:2a:5a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZapTTI41YfYT1xSVtzcqgy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3Mzc3OWU2YTc3YzdlNTgyMTMxOTg3NjRjZTJhYzBlNmJl
ZTYyMzYwHhcNMjUwNTA3MDU1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVmMjM0N2NkMTlhMzc0YTIyYTIzYTk3YTEyODI1ZTNkOWRjN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvjwpKCb7cQcA+l2iChMPfihngGe
i07WqHP2VrjjAINZBAVrJVN1dXh8h71nEJC8/KEn1L6EhlQZEnkXj7bq7L8gEpV8
J52uejf8qync4Iv78BRO1cGIRLCSUDettEG9KceBEE7wjkodfj7FBXVqQs+JyQev
FsjTk59/6+hn8yos3F+y+ioowpE2Txd1Q2LOZ6L467MeHgfvrh7Q9xXoavsC8pBA
U+6+pWvc/A/7MzAW1vpGtlqUbJzJhbcMkGQHEDY4JNjk/7SE15XpOtVWYacCyzmu
XaG8YczzUbpQo6I3ySnKK16ja7YbWolseLGGq8in/S4HPbabf0TSvIImhwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAnvI0fNGaN0oiojqXoSgl49ncezMB8GA1UdIwQY
MBaAFEc3eeanfH5YITGYdkzirA5r7mI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEt
NThkNjY0MjEwNjY5LzEvQ2U4alI4MFpvM1NpS2lPcGVoS0NYajJkeDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZDc1ODMtZDEwYy00N2RiLWFlZTEtNThkNjY0MjEwNjY5
LzEvUnpkNTVxZDhmbGdoTVpoMlRPS3NEbXZ1WWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAKy/jwD
BACy/j4DBAK5w2QwDQQCAAIwBwMFACoAaAAwDQYJKoZIhvcNAQELBQADggEBAGxP
NHrd2bctzUz44vMGcuM3SHxV9BqX0scNXDtgA+COpWBQ2qmESfJjGyQooRsQKGtb
3XPj/OWxvZ/UZjg9GaJnQewj4Q4gJujgGdyAwi9aiiyDUQx+xNsOfPwrmiCMMYQX
L6FOziz94AlsowlFoujpwUQDb67Q10RG9ZaHcw/9PAP2xacB3md6lIdIws9FD75v
zeRn8J1PxWlj/NOeWq5I4tnlt54x2+hs06L3f8twH7wbRtL4tljJ/TwlHRhLoE1P
NstXnk7KvPGMJuXnCzlf160Z9edOgkNxu9r8EaDRKbBd5Cja/vC+ksWPAMvz6gks
VGPHFAKxfuM0sPUnKlo=
-----END CERTIFICATE-----
Generated at Tue May 13 23:16:26 2025 by rpki-client