Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5b1657-abf0-4d36-a892-abe5c8e2bad6/1/U1MjiCIlA4iup3pmxAEZWYySCK0.roa
File: U1MjiCIlA4iup3pmxAEZWYySCK0.roa (raw, json)
Hash identifier: CY8U+Rijm/vkTU6wtdBserg6/x2jbw4gd75rjk7KN38=
Subject key identifier: 53:53:23:88:22:25:03:88:AE:A7:7A:66:C4:01:19:59:8C:92:08:AD
Certificate issuer: /CN=a6a8f3436fd83e8af610f216808996e90acac75d
Certificate serial: 0195CE7C568A480A599035483538BA30B3A7
Authority key identifier: A6:A8:F3:43:6F:D8:3E:8A:F6:10:F2:16:80:89:96:E9:0A:CA:C7:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqjzQ2_YPor2EPIWgImW6QrKx10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/5b1657-abf0-4d36-a892-abe5c8e2bad6/1/U1MjiCIlA4iup3pmxAEZWYySCK0.roa
Signing time: Tue 25 Mar 2025 18:06:49 +0000
ROA not before: Tue 25 Mar 2025 18:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 94.232.40.0/24 maxlen: 24
94.232.41.0/24 maxlen: 24
94.232.42.0/24 maxlen: 24
94.232.43.0/24 maxlen: 24
94.232.44.0/24 maxlen: 24
94.232.45.0/24 maxlen: 24
94.232.46.0/24 maxlen: 24
94.232.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 30 Mar 2025 18:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:7c:56:8a:48:0a:59:90:35:48:35:38:ba:30:b3:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6a8f3436fd83e8af610f216808996e90acac75d
Validity
Not Before: Mar 25 18:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5353238822250388aea77a66c40119598c9208ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:6f:41:81:87:e8:9d:de:c5:85:bc:52:e2:
b2:f2:33:8b:eb:26:2f:5c:fc:44:ab:b3:97:82:8d:
f5:6e:1e:e1:ed:d7:c2:1f:ec:8f:df:70:c1:64:dd:
63:3b:5a:3c:48:ba:70:92:60:31:2b:ed:c2:85:0f:
4c:c9:f4:4a:24:e2:d8:ba:c5:54:23:55:dc:38:a6:
21:cf:eb:7a:c7:c1:f5:18:87:7d:aa:ae:c5:39:2a:
d3:ba:7b:d8:d6:4f:f7:fd:91:90:af:7e:62:72:97:
30:e9:a7:13:2d:df:b1:fc:23:29:24:6c:1e:8e:56:
ce:05:07:07:f0:06:df:b9:e0:b5:92:13:ed:7a:53:
b9:1e:d2:3c:5c:64:55:27:d0:f7:7c:66:83:1c:64:
ed:29:b9:51:9c:72:44:ff:27:df:6f:3a:35:04:f0:
ef:86:77:94:a5:56:d3:39:58:86:1a:cd:6a:a0:d1:
82:bd:11:c3:a7:80:06:ab:f5:df:aa:48:22:5a:a0:
85:2d:f2:e7:d8:01:15:07:ae:73:d5:9c:bf:e4:73:
79:19:95:d0:3d:02:f7:25:47:0d:14:24:a6:9c:f4:
e4:f0:2b:5d:b7:7e:7f:24:3f:cc:7a:28:13:a9:e9:
16:62:fe:96:b9:74:98:4b:dc:06:34:2e:d3:c6:b0:
b3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:53:23:88:22:25:03:88:AE:A7:7A:66:C4:01:19:59:8C:92:08:AD
X509v3 Authority Key Identifier:
keyid:A6:A8:F3:43:6F:D8:3E:8A:F6:10:F2:16:80:89:96:E9:0A:CA:C7:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqjzQ2_YPor2EPIWgImW6QrKx10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5b1657-abf0-4d36-a892-abe5c8e2bad6/1/U1MjiCIlA4iup3pmxAEZWYySCK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5b1657-abf0-4d36-a892-abe5c8e2bad6/1/pqjzQ2_YPor2EPIWgImW6QrKx10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.40.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:51:d1:e0:05:f7:81:26:3a:9e:03:c7:9a:40:9b:f0:b8:8e:
b6:b5:2a:fb:18:9a:be:1e:3e:53:61:19:e0:53:4d:46:f6:7f:
e3:4b:9b:fe:3e:cb:a5:02:3b:1d:2a:6a:99:c2:36:41:7f:ea:
0c:f9:82:3f:a3:b8:aa:46:f3:f0:f4:f4:72:6e:8e:4a:e8:43:
2e:8f:16:96:50:a9:d9:df:f2:73:a6:7a:9d:03:6a:7b:b5:fe:
72:d4:36:e2:52:90:f2:fe:0c:8c:5a:8b:d9:19:4b:a4:2e:c3:
72:1c:fb:dd:ff:77:23:e6:8d:8d:22:c4:b1:89:e1:d2:67:07:
c2:c1:f5:db:16:a9:f6:37:10:04:16:ef:55:56:4d:6c:8f:f1:
e7:24:ba:fb:1b:3a:f2:00:22:94:03:15:22:a6:72:04:d4:c8:
13:7f:43:de:b6:30:5b:4c:00:67:c4:2f:54:10:39:34:b1:04:
27:d1:82:3a:7c:24:f5:21:02:ec:b1:a2:58:27:e4:c8:1c:8e:
c2:8a:4a:7e:25:37:3b:87:21:2a:59:bd:54:28:bb:d8:f7:a5:
0b:10:bf:d6:61:b6:12:4b:a6:40:d2:b3:19:e1:db:1e:c1:68:
1c:bf:1d:3a:b3:a6:96:82:01:00:4e:de:f8:03:17:ab:4a:23:
8f:94:0e:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXOfFaKSApZkDVINTi6MLOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YThmMzQzNmZkODNlOGFmNjEwZjIxNjgwODk5NmU5MGFj
YWM3NWQwHhcNMjUwMzI1MTgwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzUzMjM4ODIyMjUwMzg4YWVhNzdhNjZjNDAxMTk1OThjOTIwOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsstvQYGH6J3exYW8UuKy8jOL6yYv
XPxEq7OXgo31bh7h7dfCH+yP33DBZN1jO1o8SLpwkmAxK+3ChQ9MyfRKJOLYusVU
I1XcOKYhz+t6x8H1GId9qq7FOSrTunvY1k/3/ZGQr35icpcw6acTLd+x/CMpJGwe
jlbOBQcH8AbfueC1khPtelO5HtI8XGRVJ9D3fGaDHGTtKblRnHJE/yffbzo1BPDv
hneUpVbTOViGGs1qoNGCvRHDp4AGq/XfqkgiWqCFLfLn2AEVB65z1Zy/5HN5GZXQ
PQL3JUcNFCSmnPTk8Ctdt35/JD/MeigTqekWYv6WuXSYS9wGNC7TxrCz3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNTI4giJQOIrqd6ZsQBGVmMkgitMB8GA1UdIwQY
MBaAFKao80Nv2D6K9hDyFoCJlukKysddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFqelEyX1lQb3IyRVBJV2dJbVc2UXJLeDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81YjE2NTctYWJmMC00ZDM2LWE4OTIt
YWJlNWM4ZTJiYWQ2LzEvVTFNamlDSWxBNGl1cDNwbXhBRVpXWXlTQ0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81YjE2NTctYWJmMC00ZDM2LWE4OTItYWJlNWM4ZTJiYWQ2
LzEvcHFqelEyX1lQb3IyRVBJV2dJbVc2UXJLeDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXugoMA0G
CSqGSIb3DQEBCwUAA4IBAQCKUdHgBfeBJjqeA8eaQJvwuI62tSr7GJq+Hj5TYRng
U01G9n/jS5v+PsulAjsdKmqZwjZBf+oM+YI/o7iqRvPw9PRybo5K6EMujxaWUKnZ
3/JzpnqdA2p7tf5y1DbiUpDy/gyMWovZGUukLsNyHPvd/3cj5o2NIsSxieHSZwfC
wfXbFqn2NxAEFu9VVk1sj/HnJLr7GzryACKUAxUipnIE1MgTf0PetjBbTABnxC9U
EDk0sQQn0YI6fCT1IQLssaJYJ+TIHI7Cikp+JTc7hyEqWb1UKLvY96ULEL/WYbYS
S6ZA0rMZ4dsewWgcvx06s6aWggEATt74AxerSiOPlA7q
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:00:50 2025 by rpki-client