Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/X0Dr1RA-9RG01OHqmH3_ydkyaKg.roa
File: X0Dr1RA-9RG01OHqmH3_ydkyaKg.roa (raw, json)
Hash identifier: J7r6FlyeCXcdjfz7ixJ1f8763jPSEtTRhtM8S5Blybs=
Subject key identifier: 5F:40:EB:D5:10:3E:F5:11:B4:D4:E1:EA:98:7D:FF:C9:D9:32:68:A8
Certificate issuer: /CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Certificate serial: 0195893A3C02A348666F09AF310CED5AE8D1
Authority key identifier: 13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/X0Dr1RA-9RG01OHqmH3_ydkyaKg.roa
Signing time: Wed 12 Mar 2025 07:20:49 +0000
ROA not before: Wed 12 Mar 2025 07:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59497
IP address blocks: 185.189.184.0/22 maxlen: 22
185.189.184.0/24 maxlen: 24
185.189.185.0/24 maxlen: 24
185.189.186.0/24 maxlen: 24
185.189.187.0/24 maxlen: 24
194.8.156.0/22 maxlen: 22
194.8.156.0/24 maxlen: 24
195.140.228.0/22 maxlen: 22
195.140.228.0/24 maxlen: 24
195.178.18.0/23 maxlen: 23
195.178.18.0/24 maxlen: 24
2a09:87c0::/29 maxlen: 29
2a09:87c0::/48 maxlen: 48
2a09:87c0:10::/47 maxlen: 47
2a09:87c0:12::/48 maxlen: 48
2a09:87c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Mar 2025 11:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:3a:3c:02:a3:48:66:6f:09:af:31:0c:ed:5a:e8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Validity
Not Before: Mar 12 07:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f40ebd5103ef511b4d4e1ea987dffc9d93268a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:e9:77:27:3d:28:01:22:31:7b:09:8a:8a:
57:2d:d9:a9:57:f8:97:e7:8a:b1:e1:f0:43:1e:22:
87:cb:4c:21:47:0b:c2:7a:f0:fc:8f:6d:0e:e1:cc:
98:63:fd:38:db:05:cd:b9:7f:f3:8a:a2:7a:28:74:
bf:06:ad:a3:34:83:f3:27:d0:11:1b:95:7f:ea:b1:
2d:2a:7c:40:80:34:f6:2b:7c:81:bf:0f:55:74:4c:
bc:d3:21:2a:e4:e1:a7:5c:95:6d:a7:40:a4:3a:5e:
34:b7:58:54:02:04:69:af:54:28:13:8b:4f:06:03:
8e:ee:15:cf:d6:ec:8b:c6:d7:13:70:f7:37:cd:b2:
84:89:c1:0e:f3:ca:01:07:1f:f8:6b:20:83:e6:89:
7a:6e:e7:c5:c1:e2:8d:c1:bb:61:e3:34:a3:55:fd:
f8:39:f9:a8:f0:dc:98:99:85:86:ca:36:97:59:aa:
52:4e:a9:e5:2c:ea:c7:4a:d9:b7:bf:a1:b0:95:38:
c0:77:87:5b:75:4e:36:fe:0a:f6:c7:d7:64:19:c8:
f6:42:48:b6:a3:06:79:09:b8:b4:32:2f:df:08:b4:
f8:cb:5c:5a:32:6a:79:e4:0d:1b:d9:b4:92:4c:63:
bb:6b:20:0d:73:d2:ef:44:4f:36:ce:6e:70:f1:66:
9a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:40:EB:D5:10:3E:F5:11:B4:D4:E1:EA:98:7D:FF:C9:D9:32:68:A8
X509v3 Authority Key Identifier:
keyid:13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/X0Dr1RA-9RG01OHqmH3_ydkyaKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/EynNPuL-EmqCyipYyH7Vg4_ir1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.184.0/22
194.8.156.0/22
195.140.228.0/22
195.178.18.0/23
IPv6:
2a09:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:30:d3:d2:16:17:db:00:15:f5:4e:e5:d0:e4:f6:1f:9f:0f:
14:cc:0f:ee:b0:64:3a:23:ce:15:a1:75:9f:38:b7:42:56:d2:
4f:cc:82:f2:a2:cb:79:1e:d1:1a:2d:c3:a0:bc:0a:9f:55:34:
fe:c3:49:05:69:44:a8:29:94:cc:8c:02:4f:66:72:c1:f3:04:
40:99:5a:82:d0:0d:94:18:b6:0e:14:a0:dd:0a:e3:cc:4e:5b:
99:71:28:f7:6a:bd:32:da:fe:24:03:cc:1f:aa:66:9c:27:6e:
1a:90:24:81:fa:7d:5a:be:39:1d:b7:4e:0f:d6:33:d5:bf:93:
4b:81:1e:00:a9:0b:20:1d:d3:cf:1a:92:ba:70:71:fd:fe:f4:
27:07:01:09:bc:a3:4b:80:a5:17:0c:e2:e9:b6:97:51:42:1c:
d0:ae:7b:dd:dd:db:41:24:f2:02:c1:c8:ae:22:be:11:59:d4:
26:37:c1:97:ca:78:e2:95:31:81:36:a3:dc:62:54:10:ce:82:
50:ea:0f:5f:70:6a:0b:ad:fd:55:fe:24:09:e1:e4:36:9b:30:
db:d0:e6:07:2e:df:f9:6b:da:82:7d:be:2f:90:1a:8c:50:3b:
9c:28:c5:d6:0f:a7:c2:33:17:21:76:5e:d1:60:2d:a9:81:9e:
4a:c8:e3:0e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZWJOjwCo0hmbwmvMQztWujRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMjljZDNlZTJmZTEyNmE4MmNhMmE1OGM4N2VkNTgzOGZl
MmFmNTcwHhcNMjUwMzEyMDcyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQwZWJkNTEwM2VmNTExYjRkNGUxZWE5ODdkZmZjOWQ5MzI2OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtLpdyc9KAEiMXsJiopXLdmpV/iX
54qx4fBDHiKHy0whRwvCevD8j20O4cyYY/042wXNuX/ziqJ6KHS/Bq2jNIPzJ9AR
G5V/6rEtKnxAgDT2K3yBvw9VdEy80yEq5OGnXJVtp0CkOl40t1hUAgRpr1QoE4tP
BgOO7hXP1uyLxtcTcPc3zbKEicEO88oBBx/4ayCD5ol6bufFweKNwbth4zSjVf34
Ofmo8NyYmYWGyjaXWapSTqnlLOrHStm3v6GwlTjAd4dbdU42/gr2x9dkGcj2Qki2
owZ5Cbi0Mi/fCLT4y1xaMmp55A0b2bSSTGO7ayANc9LvRE82zm5w8WaaLwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFF9A69UQPvURtNTh6ph9/8nZMmioMB8GA1UdIwQY
MBaAFBMpzT7i/hJqgsoqWMh+1YOP4q9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMt
MmZjMDMwYTYwY2VhLzEvWDBEcjFSQS05UkcwMU9IcW1IM195ZGt5YUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMtMmZjMDMwYTYwY2Vh
LzEvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCub24AwQC
wgicAwQCw4zkAwQBw7ISMA0EAgACMAcDBQMqCYfAMA0GCSqGSIb3DQEBCwUAA4IB
AQB/MNPSFhfbABX1TuXQ5PYfnw8UzA/usGQ6I84VoXWfOLdCVtJPzILyost5HtEa
LcOgvAqfVTT+w0kFaUSoKZTMjAJPZnLB8wRAmVqC0A2UGLYOFKDdCuPMTluZcSj3
ar0y2v4kA8wfqmacJ24akCSB+n1avjkdt04P1jPVv5NLgR4AqQsgHdPPGpK6cHH9
/vQnBwEJvKNLgKUXDOLptpdRQhzQrnvd3dtBJPICwciuIr4RWdQmN8GXynjilTGB
NqPcYlQQzoJQ6g9fcGoLrf1V/iQJ4eQ2mzDb0OYHLt/5a9qCfb4vkBqMUDucKMXW
D6fCMxchdl7RYC2pgZ5KyOMO
-----END CERTIFICATE-----
Generated at Mon Apr 28 19:52:26 2025 by rpki-client