Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/XPtvPanElj_HyVdFX-WcNVRCU8o.roa
File: XPtvPanElj_HyVdFX-WcNVRCU8o.roa (raw, json)
Hash identifier: nWoOKkIzpvVQyP9SU6Qd0gX2lBOR2mT3Tjn/QeQvOlM=
Subject key identifier: 5C:FB:6F:3D:A9:C4:96:3F:C7:C9:57:45:5F:E5:9C:35:54:42:53:CA
Certificate issuer: /CN=99efbb2b1653422837937dd27de354e68f9e01a3
Certificate serial: 019423D74664B1616E61671720136BFC54F9
Authority key identifier: 99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/XPtvPanElj_HyVdFX-WcNVRCU8o.roa
Signing time: Wed 01 Jan 2025 21:48:18 +0000
ROA not before: Wed 01 Jan 2025 21:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48325
IP address blocks: 185.137.240.0/22 maxlen: 24
185.137.240.0/24 maxlen: 24
185.137.241.0/24 maxlen: 24
185.137.242.0/23 maxlen: 23
2a07:b80::/32 maxlen: 32
2a07:b81::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 06 Jan 2025 13:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:46:64:b1:61:6e:61:67:17:20:13:6b:fc:54:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99efbb2b1653422837937dd27de354e68f9e01a3
Validity
Not Before: Jan 1 21:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cfb6f3da9c4963fc7c957455fe59c35544253ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:24:b8:9d:e8:c2:d3:93:98:e8:c4:f9:ad:b3:
c3:26:76:1d:25:c1:fa:33:91:f4:cb:27:5e:1b:4c:
0e:bb:1d:4a:86:e4:7c:ca:97:f2:bf:87:29:11:3c:
f4:79:67:8c:3c:6b:d5:64:e6:b7:6c:44:97:b8:36:
a4:00:7f:8b:bf:a4:21:63:fc:be:17:af:bf:d4:72:
84:9b:6a:b5:93:f8:23:ab:a0:98:6a:23:f1:d8:a7:
fd:bf:21:86:64:8e:48:60:31:be:69:b8:b0:e8:87:
c1:a6:77:ec:6f:f2:6b:f6:0d:a3:a1:be:5d:2d:9a:
8d:14:9e:74:0c:ac:1b:2d:f1:13:bc:08:b4:c1:f3:
d1:12:0f:e8:03:17:18:dd:27:40:61:77:e3:3a:92:
a2:98:25:ee:d7:22:13:31:46:31:45:90:2f:8c:d4:
97:b8:4e:d3:d6:59:5f:d1:c9:57:64:10:24:3f:a9:
1c:62:fe:a9:c5:c4:2f:43:01:20:a1:0f:52:4e:af:
21:51:c5:48:5d:78:e7:66:32:be:25:b0:97:b4:1e:
2c:12:e8:21:31:47:a8:fe:01:73:28:23:d8:11:5d:
49:f8:62:a3:22:e2:82:96:ee:04:cb:e7:30:a9:bd:
83:45:55:4a:68:a2:00:1a:98:e3:1b:f8:f0:a2:82:
0b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FB:6F:3D:A9:C4:96:3F:C7:C9:57:45:5F:E5:9C:35:54:42:53:CA
X509v3 Authority Key Identifier:
keyid:99:EF:BB:2B:16:53:42:28:37:93:7D:D2:7D:E3:54:E6:8F:9E:01:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/me-7KxZTQig3k33SfeNU5o-eAaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/XPtvPanElj_HyVdFX-WcNVRCU8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/326bbc-d061-4af1-8964-41d79efb49a9/1/me-7KxZTQig3k33SfeNU5o-eAaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.240.0/22
IPv6:
2a07:b80::/31
Signature Algorithm: sha256WithRSAEncryption
8f:3c:da:76:a9:27:9a:bb:5a:78:d6:6f:58:33:11:d6:25:11:
0f:8e:52:46:e4:85:36:4a:06:60:a1:aa:73:df:44:33:74:5a:
19:c1:ea:15:f7:61:d1:85:c7:b5:8c:56:a2:28:d6:53:bc:d8:
7a:89:24:55:3e:fe:e5:ee:be:6c:70:cc:4a:c1:73:42:6c:33:
e1:d5:51:ad:02:56:43:e8:48:15:49:09:97:d4:e8:29:32:4b:
8d:c7:37:0e:a5:b5:21:17:e9:2e:c2:58:cb:79:87:ec:4f:19:
bb:5c:a6:35:66:d4:cc:04:5b:5b:9e:4b:5d:c2:1b:6b:cc:93:
ab:81:50:72:c5:b8:98:47:cc:b9:27:21:a8:70:25:85:55:2e:
99:0e:04:3d:38:0e:82:73:9c:61:1f:0a:0b:d9:a7:1e:f8:44:
c1:41:dd:42:29:6b:14:1b:fe:d1:06:d2:1f:89:49:ca:f4:c3:
d2:00:4f:87:ec:50:5a:1a:37:c3:9f:27:2a:13:1e:9c:20:c0:
07:2a:53:f0:7c:6e:33:e7:2f:3c:45:d6:b6:51:0d:b8:9a:d4:
06:12:c8:83:f6:1a:64:fb:c8:c5:92:d0:c8:49:9b:f5:5e:1a:
96:a0:4e:36:b8:76:6c:19:fe:a0:c4:65:c7:34:d8:95:c1:11:
9e:d8:b8:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj10ZksWFuYWcXIBNr/FT5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZWZiYjJiMTY1MzQyMjgzNzkzN2RkMjdkZTM1NGU2OGY5
ZTAxYTMwHhcNMjUwMTAxMjE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZiNmYzZGE5YzQ5NjNmYzdjOTU3NDU1ZmU1OWMzNTU0NDI1M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCS4nejC05OY6MT5rbPDJnYdJcH6
M5H0yydeG0wOux1KhuR8ypfyv4cpETz0eWeMPGvVZOa3bESXuDakAH+Lv6QhY/y+
F6+/1HKEm2q1k/gjq6CYaiPx2Kf9vyGGZI5IYDG+abiw6IfBpnfsb/Jr9g2job5d
LZqNFJ50DKwbLfETvAi0wfPREg/oAxcY3SdAYXfjOpKimCXu1yITMUYxRZAvjNSX
uE7T1llf0clXZBAkP6kcYv6pxcQvQwEgoQ9STq8hUcVIXXjnZjK+JbCXtB4sEugh
MUeo/gFzKCPYEV1J+GKjIuKClu4Ey+cwqb2DRVVKaKIAGpjjG/jwooILKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFz7bz2pxJY/x8lXRV/lnDVUQlPKMB8GA1UdIwQY
MBaAFJnvuysWU0IoN5N90n3jVOaPngGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQt
NDFkNzllZmI0OWE5LzEvWFB0dlBhbkVsal9IeVZkRlgtV2NOVlJDVThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjZiYmMtZDA2MS00YWYxLTg5NjQtNDFkNzllZmI0OWE5
LzEvbWUtN0t4WlRRaWczazMzU2ZlTlU1by1lQWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYnwMA0E
AgACMAcDBQEqBwuAMA0GCSqGSIb3DQEBCwUAA4IBAQCPPNp2qSeau1p41m9YMxHW
JREPjlJG5IU2SgZgoapz30QzdFoZweoV92HRhce1jFaiKNZTvNh6iSRVPv7l7r5s
cMxKwXNCbDPh1VGtAlZD6EgVSQmX1OgpMkuNxzcOpbUhF+kuwljLeYfsTxm7XKY1
ZtTMBFtbnktdwhtrzJOrgVByxbiYR8y5JyGocCWFVS6ZDgQ9OA6Cc5xhHwoL2ace
+ETBQd1CKWsUG/7RBtIfiUnK9MPSAE+H7FBaGjfDnycqEx6cIMAHKlPwfG4z5y88
Rda2UQ24mtQGEsiD9hpk+8jFktDISZv1XhqWoE42uHZsGf6gxGXHNNiVwRGe2LgU
-----END CERTIFICATE-----
Generated at Tue Apr 29 07:06:50 2025 by rpki-client