Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/B1O4Gvaqvj9o4NargoqtZZNSEf4.roa
File: B1O4Gvaqvj9o4NargoqtZZNSEf4.roa (raw, json)
Hash identifier: 17h1teAn4ltgbJE7DEI5sBCRpJ1q5Dy5TAofhBqDSaw=
Subject key identifier: 07:53:B8:1A:F6:AA:BE:3F:68:E0:D6:AB:82:8A:AD:65:93:52:11:FE
Certificate issuer: /CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Certificate serial: 01941FFA52DACA00E0E0E575F35E9F57A029
Authority key identifier: 5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/B1O4Gvaqvj9o4NargoqtZZNSEf4.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31394
IP address blocks: 83.137.40.0/21 maxlen: 21
185.100.240.0/22 maxlen: 22
2a00:11d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 Jan 2025 20:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:52:da:ca:00:e0:e0:e5:75:f3:5e:9f:57:a0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eedd6f53bcb49e4b9b0706dfd074259c9b8a408
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0753b81af6aabe3f68e0d6ab828aad65935211fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:37:86:ca:52:8e:65:ec:fe:dd:e9:6b:09:b5:
1a:ba:50:56:0b:20:f5:7b:05:b3:c4:8a:95:0c:03:
aa:a1:b7:a4:85:11:e7:45:4a:fd:8b:2b:68:57:37:
dc:56:10:3e:b1:e4:35:a6:7f:a4:f4:c3:5c:53:98:
fb:08:bc:02:12:8b:64:4d:bc:b5:41:cd:ea:a2:84:
c3:44:1e:6a:85:85:2b:b1:5d:7f:cb:25:55:84:a0:
4f:aa:0d:38:b7:42:8f:aa:9d:4b:9f:9e:da:a1:ad:
e8:29:ff:5d:0c:75:95:8a:89:76:42:c5:4b:6a:36:
65:3a:b8:96:34:21:66:7c:6b:c0:b8:ac:c2:93:d8:
db:12:58:f8:f7:24:78:da:7f:e7:5a:49:c9:cc:39:
8d:a1:19:c2:88:6e:33:b9:fd:2f:ae:e3:3d:d3:83:
c4:ca:c2:60:26:32:1b:30:1f:9d:cf:08:72:d5:3f:
e0:28:54:53:9e:4f:69:0a:1c:75:47:c2:11:24:4f:
3c:42:de:12:33:bc:09:5c:a4:b7:08:79:b6:13:bf:
32:2e:a3:77:45:55:3b:a6:26:4d:dc:6a:58:03:e1:
80:73:d4:5b:de:e2:97:86:da:4e:ed:7f:e4:db:46:
2c:da:47:6b:ab:ef:43:35:a4:a6:f4:00:91:cb:ff:
f3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:53:B8:1A:F6:AA:BE:3F:68:E0:D6:AB:82:8A:AD:65:93:52:11:FE
X509v3 Authority Key Identifier:
keyid:5E:ED:D6:F5:3B:CB:49:E4:B9:B0:70:6D:FD:07:42:59:C9:B8:A4:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/B1O4Gvaqvj9o4NargoqtZZNSEf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/73d5ad-a3f2-46cb-8582-215dbc89c2b9/1/Xu3W9TvLSeS5sHBt_QdCWcm4pAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.40.0/21
185.100.240.0/22
IPv6:
2a00:11d0::/32
Signature Algorithm: sha256WithRSAEncryption
07:c7:e7:29:d4:8f:9b:1e:79:d4:70:d5:a2:b7:91:86:9d:eb:
39:75:1c:2d:a5:ef:90:cc:9b:c0:04:8c:89:31:3d:ff:a3:5c:
70:e4:89:1d:41:3d:9c:d0:46:e1:d9:cf:d1:cc:96:5e:ce:35:
0b:4e:95:3d:ec:59:25:87:63:1c:75:a4:01:26:cb:38:69:14:
57:d4:d1:74:16:b8:bb:d4:90:5a:39:b7:2b:8a:08:cc:1f:70:
ce:62:14:89:ba:e1:ef:af:c3:df:c9:c4:b3:d4:23:47:a9:65:
16:41:74:1f:15:57:74:d8:b8:b1:e7:7e:b2:02:8f:19:47:1b:
fe:29:4d:4b:f5:40:39:a7:30:1a:2f:12:6e:16:09:be:65:75:
a7:2a:46:fb:5d:df:ba:5d:7b:d8:87:68:44:60:1e:10:24:38:
96:80:86:62:aa:00:00:40:a5:7c:fb:39:7e:58:a2:4c:df:3f:
6f:ca:81:08:02:98:6f:e5:57:8f:bd:a0:19:00:bf:b6:ca:ea:
36:ba:00:bd:ea:30:9a:da:b2:a2:61:3f:51:f9:39:56:12:12:
33:79:9a:67:b1:39:d8:72:52:48:d7:6b:cb:a5:e4:b8:45:d4:
40:4e:0f:42:74:c3:a0:f1:58:5a:be:1c:16:3d:70:07:3a:62:
e3:12:13:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+lLaygDg4OV1816fV6ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWRkNmY1M2JjYjQ5ZTRiOWIwNzA2ZGZkMDc0MjU5Yzli
OGE0MDgwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzUzYjgxYWY2YWFiZTNmNjhlMGQ2YWI4MjhhYWQ2NTkzNTIxMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jeGylKOZez+3elrCbUaulBWCyD1
ewWzxIqVDAOqobekhRHnRUr9iytoVzfcVhA+seQ1pn+k9MNcU5j7CLwCEotkTby1
Qc3qooTDRB5qhYUrsV1/yyVVhKBPqg04t0KPqp1Ln57aoa3oKf9dDHWViol2QsVL
ajZlOriWNCFmfGvAuKzCk9jbElj49yR42n/nWknJzDmNoRnCiG4zuf0vruM904PE
ysJgJjIbMB+dzwhy1T/gKFRTnk9pChx1R8IRJE88Qt4SM7wJXKS3CHm2E78yLqN3
RVU7piZN3GpYA+GAc9Rb3uKXhtpO7X/k20Ys2kdrq+9DNaSm9ACRy//zrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAdTuBr2qr4/aODWq4KKrWWTUhH+MB8GA1UdIwQY
MBaAFF7t1vU7y0nkubBwbf0HQlnJuKQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODIt
MjE1ZGJjODljMmI5LzEvQjFPNEd2YXF2ajlvNE5hcmdvcXRaWk5TRWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83M2Q1YWQtYTNmMi00NmNiLTg1ODItMjE1ZGJjODljMmI5
LzEvWHUzVzlUdkxTZVM1c0hCdF9RZENXY200cEFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU4koAwQC
uWTwMA0EAgACMAcDBQAqABHQMA0GCSqGSIb3DQEBCwUAA4IBAQAHx+cp1I+bHnnU
cNWit5GGnes5dRwtpe+QzJvABIyJMT3/o1xw5IkdQT2c0Ebh2c/RzJZezjULTpU9
7Fklh2McdaQBJss4aRRX1NF0Fri71JBaObcrigjMH3DOYhSJuuHvr8PfycSz1CNH
qWUWQXQfFVd02Lix536yAo8ZRxv+KU1L9UA5pzAaLxJuFgm+ZXWnKkb7Xd+6XXvY
h2hEYB4QJDiWgIZiqgAAQKV8+zl+WKJM3z9vyoEIAphv5VePvaAZAL+2yuo2ugC9
6jCa2rKiYT9R+TlWEhIzeZpnsTnYclJI12vLpeS4RdRATg9CdMOg8VhavhwWPXAH
OmLjEhPS
-----END CERTIFICATE-----
Generated at Tue May 13 18:44:53 2025 by rpki-client