Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-hhY2cGlLmKNT5Xp_BH8tSG94cs.roa
File: 1-hhY2cGlLmKNT5Xp_BH8tSG94cs.roa (raw, json)
Hash identifier: GXPPt53qj60wpttUF05r42Ok90EOgyQWTnCV4Wgfj8w=
Subject key identifier: FA:18:58:D9:C1:A5:2E:62:8D:4F:95:E9:FC:11:FC:B5:21:BD:E1:CB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019506EE1DEA2A6A30EB8C30021A8330A00E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-hhY2cGlLmKNT5Xp_BH8tSG94cs.roa
Signing time: Sat 15 Feb 2025 00:07:03 +0000
ROA not before: Sat 15 Feb 2025 00:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 00:28:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:06:ee:1d:ea:2a:6a:30:eb:8c:30:02:1a:83:30:a0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 15 00:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa1858d9c1a52e628d4f95e9fc11fcb521bde1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:e1:ad:ce:ba:f8:07:e6:7c:ec:28:53:4e:
92:b6:8e:46:4a:70:18:c7:e0:4b:f9:1f:16:23:d1:
18:e1:2e:4c:3a:35:ef:dd:a8:57:9f:58:8b:6c:96:
60:ad:d9:01:b9:bb:36:c8:15:f3:10:f2:f1:dd:f9:
1f:39:d0:7e:5f:72:6f:e7:47:3a:6d:80:40:b3:1a:
33:15:7c:bd:67:e3:86:db:71:57:17:21:ab:2c:5e:
29:af:74:8d:59:2c:f7:c7:5c:d8:7b:67:6e:af:b3:
ab:58:33:06:e4:04:9c:8d:59:f2:6a:37:82:52:33:
68:5a:43:e3:d5:7e:4c:0b:26:f7:fb:72:bb:a6:4c:
84:f8:23:14:17:18:c8:76:c3:84:47:e6:0b:87:0e:
20:bd:e5:35:42:e2:b8:2c:e7:d0:44:3e:d5:10:7f:
45:0b:71:a4:56:ee:0e:2c:b6:d3:b4:47:03:6a:2e:
42:22:b1:59:32:4e:84:78:7c:e7:dc:62:0b:96:2b:
88:31:8a:32:bd:33:08:47:f5:d5:61:a6:7a:42:5d:
eb:3e:29:fb:39:92:75:dd:b1:8b:c7:78:86:49:fd:
87:2d:00:81:e8:c1:92:e0:2b:6e:96:99:4c:48:43:
5d:ab:18:e7:dd:bc:0e:d1:38:1d:7d:04:6c:b4:3f:
cc:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:18:58:D9:C1:A5:2E:62:8D:4F:95:E9:FC:11:FC:B5:21:BD:E1:CB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-hhY2cGlLmKNT5Xp_BH8tSG94cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
31.13.211.0/24
45.12.253.0/24
87.120.68.0/23
87.121.60.0/24
93.123.74.0/23
93.123.119.0/24
147.78.102.0/24
178.215.227.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
74:47:81:38:36:9a:dc:a6:10:56:cf:43:1a:65:ea:66:b9:8a:
eb:3d:1a:79:1e:7d:71:f7:0c:d2:65:8d:a8:85:e3:73:04:ba:
be:63:42:02:1f:93:28:b9:90:37:3c:06:d0:0d:da:a9:19:65:
32:60:3a:27:b5:3d:c8:66:66:a2:4a:2e:6f:64:64:ca:bc:54:
3c:69:03:67:81:ad:41:76:a0:93:ad:9c:38:a4:03:3c:6f:00:
d7:84:97:0e:03:d1:9a:6a:52:46:2b:a8:32:32:ed:a2:ab:c2:
e2:b0:f8:8c:d0:86:9d:a4:70:f2:e7:11:2e:84:69:ef:12:16:
49:bb:09:73:2d:95:f4:b6:db:fd:4b:40:ea:95:3e:f8:3c:1e:
c5:75:74:18:5a:1c:de:30:23:85:cf:7d:e7:7d:4d:62:c9:cf:
fc:eb:ad:b7:40:e1:85:58:74:21:76:4a:93:87:0a:f0:27:49:
e7:05:cc:2a:1e:22:c5:7b:ef:70:5c:3a:3f:ff:68:1e:4b:7a:
29:c0:75:d0:f1:2d:eb:c3:74:66:a0:71:a8:76:e7:a1:e2:5c:
c3:56:bb:f0:7d:de:2b:f9:03:64:48:8c:70:2b:ed:41:45:74:
ab:f5:5f:2e:44:48:9c:af:e9:25:c8:52:ce:3e:40:18:fa:db:
21:4b:a7:61
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZUG7h3qKmow64wwAhqDMKAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjE1MDAwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE4NThkOWMxYTUyZTYyOGQ0Zjk1ZTlmYzExZmNiNTIxYmRlMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusThrc66+AfmfOwoU06Sto5GSnAY
x+BL+R8WI9EY4S5MOjXv3ahXn1iLbJZgrdkBubs2yBXzEPLx3fkfOdB+X3Jv50c6
bYBAsxozFXy9Z+OG23FXFyGrLF4pr3SNWSz3x1zYe2dur7OrWDMG5AScjVnyajeC
UjNoWkPj1X5MCyb3+3K7pkyE+CMUFxjIdsOER+YLhw4gveU1QuK4LOfQRD7VEH9F
C3GkVu4OLLbTtEcDai5CIrFZMk6EeHzn3GILliuIMYoyvTMIR/XVYaZ6Ql3rPin7
OZJ13bGLx3iGSf2HLQCB6MGS4CtulplMSENdqxjn3bwO0TgdfQRstD/MsQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFPoYWNnBpS5ijU+V6fwR/LUhveHLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1oaFkyY0dsTG1LTlQ1WHBfQkg4dFNHOTRjcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAAX9QAME
AB8N0wMEAC0M/QMEAVd4RAMEAFd5PAMEAV17SgMEAF17dwMEAJNOZgMEALLX4wME
Abn8oDANBgkqhkiG9w0BAQsFAAOCAQEAdEeBODaa3KYQVs9DGmXqZrmK6z0aeR59
cfcM0mWNqIXjcwS6vmNCAh+TKLmQNzwG0A3aqRllMmA6J7U9yGZmokoub2RkyrxU
PGkDZ4GtQXagk62cOKQDPG8A14SXDgPRmmpSRiuoMjLtoqvC4rD4jNCGnaRw8ucR
LoRp7xIWSbsJcy2V9Lbb/UtA6pU++DwexXV0GFoc3jAjhc99531NYsnP/Outt0Dh
hVh0IXZKk4cK8CdJ5wXMKh4ixXvvcFw6P/9oHkt6KcB10PEt68N0ZqBxqHbnoeJc
w1a78H3eK/kDZEiMcCvtQUV0q/VfLkRInK/pJchSzj5AGPrbIUunYQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:41:06 2025 by rpki-client