Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/_Sr3CY6s30u-xOSQjtUdPDKazPE.roa
File: _Sr3CY6s30u-xOSQjtUdPDKazPE.roa (raw, json)
Hash identifier: j+MhlHYUFqwOTWulnbW+AamtwPzihef+KMQBrl7RK+k=
Subject key identifier: FD:2A:F7:09:8E:AC:DF:4B:BE:C4:E4:90:8E:D5:1D:3C:32:9A:CC:F1
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 01964098614E2F4383AF759D7E67862FA124
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/_Sr3CY6s30u-xOSQjtUdPDKazPE.roa
Signing time: Wed 16 Apr 2025 21:54:10 +0000
ROA not before: Wed 16 Apr 2025 21:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 5.178.108.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.218.0/23 maxlen: 24
185.5.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:40:98:61:4e:2f:43:83:af:75:9d:7e:67:86:2f:a1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Apr 16 21:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd2af7098eacdf4bbec4e4908ed51d3c329accf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:64:d9:34:4e:e8:9f:14:ab:c7:a6:29:1f:
9c:17:bf:22:e4:ec:7f:18:65:8c:59:3c:e4:8c:9f:
88:2a:dc:b6:11:3d:4d:ac:51:10:2b:cf:69:9f:c6:
5a:95:55:30:41:32:df:cc:df:62:cb:57:fe:32:ff:
6b:7a:a7:f2:5e:f8:d6:1e:53:6b:9f:19:12:ab:88:
a3:ee:17:fb:e3:6c:f2:5f:63:38:73:05:a4:8c:09:
4b:ec:9d:df:dc:20:36:71:f3:59:db:65:53:43:32:
49:08:6e:cf:f6:d9:97:18:a1:29:be:e1:86:3c:3a:
2a:a1:64:bb:71:bb:10:13:bd:9f:bd:5c:97:c9:e7:
af:1c:21:e8:5e:f0:51:e5:38:af:9b:b8:40:3c:2f:
4c:bd:25:35:24:aa:d6:85:96:1e:80:6c:10:4b:be:
32:e2:e8:88:62:2d:1b:a0:1f:2d:94:3a:6b:97:20:
84:5f:15:a5:7b:7f:aa:66:b9:9a:fe:79:09:6a:70:
47:3e:54:92:85:f9:f3:26:a2:f0:1f:b8:db:77:3f:
17:e5:dc:be:c4:7f:32:6c:2c:a5:84:b3:4b:e1:d7:
b4:3c:78:34:19:80:92:11:3f:ee:80:1b:24:85:87:
30:37:35:e9:5c:5a:bf:57:10:9b:01:1e:8b:45:b4:
9d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2A:F7:09:8E:AC:DF:4B:BE:C4:E4:90:8E:D5:1D:3C:32:9A:CC:F1
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/_Sr3CY6s30u-xOSQjtUdPDKazPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.108.0/24
45.12.217.0-45.12.219.255
185.5.37.0/24
Signature Algorithm: sha256WithRSAEncryption
e4:bd:87:86:4e:a6:3e:67:dc:9e:11:a2:6f:e8:cb:ea:13:a3:
08:7e:50:5f:c1:1f:ac:7a:6d:4d:1f:2d:2a:54:5e:24:2e:2a:
bc:35:4f:d6:40:32:57:ad:7f:12:a6:7b:e2:c0:61:93:82:66:
bc:fc:e2:a4:7a:d7:d4:90:72:8e:c2:6c:87:ae:02:df:d2:c7:
02:4b:32:6b:da:00:10:a3:3c:95:0c:87:f9:b1:09:e3:82:0b:
61:d0:11:5c:12:11:c4:5b:bd:21:a4:16:e8:3a:58:99:4e:b3:
07:fe:82:cb:1f:39:a3:a1:a7:71:09:4e:b8:d4:e3:58:bb:e3:
a6:0f:07:e6:02:80:c6:b6:9b:41:f1:ea:8b:21:ea:89:c1:d8:
89:c1:6a:95:89:8a:08:c5:e0:63:b6:52:b3:b6:17:c7:90:74:
30:5f:8f:41:cf:0d:9d:41:75:7c:3e:1d:8f:11:63:6a:75:75:
64:94:27:bc:e4:e6:a3:30:45:a4:5f:89:07:32:5a:7c:19:d4:
03:0e:b2:58:13:a3:c3:d4:fc:9e:14:0a:0d:8e:53:a6:9c:93:
1c:40:b7:cd:95:7e:a7:a9:59:05:82:65:af:04:7a:04:20:05:
0a:b4:c2:01:67:52:03:d0:40:73:37:93:6e:42:aa:18:ef:4e:
fd:3b:d7:47
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZZAmGFOL0ODr3WdfmeGL6EkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwNDE2MjE1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJhZjcwOThlYWNkZjRiYmVjNGU0OTA4ZWQ1MWQzYzMyOWFjY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2lk2TRO6J8Uq8emKR+cF78i5Ox/
GGWMWTzkjJ+IKty2ET1NrFEQK89pn8ZalVUwQTLfzN9iy1f+Mv9reqfyXvjWHlNr
nxkSq4ij7hf742zyX2M4cwWkjAlL7J3f3CA2cfNZ22VTQzJJCG7P9tmXGKEpvuGG
PDoqoWS7cbsQE72fvVyXyeevHCHoXvBR5Tivm7hAPC9MvSU1JKrWhZYegGwQS74y
4uiIYi0boB8tlDprlyCEXxWle3+qZrma/nkJanBHPlSShfnzJqLwH7jbdz8X5dy+
xH8ybCylhLNL4de0PHg0GYCSET/ugBskhYcwNzXpXFq/VxCbAR6LRbSdyQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP0q9wmOrN9LvsTkkI7VHTwymszxMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvX1NyM0NZNnMzMHUteE9TUWp0VWRQREthelBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABbJsMAwD
BAAtDNkDBAItDNgDBAC5BSUwDQYJKoZIhvcNAQELBQADggEBAOS9h4ZOpj5n3J4R
om/oy+oTowh+UF/BH6x6bU0fLSpUXiQuKrw1T9ZAMletfxKme+LAYZOCZrz84qR6
19SQco7CbIeuAt/SxwJLMmvaABCjPJUMh/mxCeOCC2HQEVwSEcRbvSGkFug6WJlO
swf+gssfOaOhp3EJTrjU41i746YPB+YCgMa2m0Hx6osh6onB2InBapWJigjF4GO2
UrO2F8eQdDBfj0HPDZ1BdXw+HY8RY2p1dWSUJ7zk5qMwRaRfiQcyWnwZ1AMOslgT
o8PU/J4UCg2OU6ackxxAt82VfqepWQWCZa8EegQgBQq0wgFnUgPQQHM3k25Cqhjv
Tv0710c=
-----END CERTIFICATE-----
Generated at Sun Apr 27 06:33:20 2025 by rpki-client