Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/2B5FV1fALCas8LgrDbwnycHsz-E.roa
File: 2B5FV1fALCas8LgrDbwnycHsz-E.roa (raw, json)
Hash identifier: sLuOGMKI50h0friQb0VLlCHo4moEIqxOK6y1Gj9ag8g=
Subject key identifier: D8:1E:45:57:57:C0:2C:26:AC:F0:B8:2B:0D:BC:27:C9:C1:EC:CF:E1
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 0194F0A2AE35F461151DEB36A8F3B2E7EDF3
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/2B5FV1fALCas8LgrDbwnycHsz-E.roa
Signing time: Mon 10 Feb 2025 16:13:00 +0000
ROA not before: Mon 10 Feb 2025 16:13:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 80.68.159.0/24 maxlen: 24
91.90.193.0/24 maxlen: 24
91.90.195.0/24 maxlen: 24
91.196.7.0/24 maxlen: 24
91.210.164.0/23 maxlen: 23
91.210.167.0/24 maxlen: 24
92.118.149.0/24 maxlen: 24
92.118.150.0/24 maxlen: 24
92.118.151.0/24 maxlen: 24
176.126.163.0/24 maxlen: 24
185.39.30.0/24 maxlen: 24
185.190.251.0/24 maxlen: 24
185.237.224.0/23 maxlen: 23
185.253.44.0/23 maxlen: 23
185.253.46.0/23 maxlen: 23
193.162.47.0/24 maxlen: 24
2a0a:8c41::/32 maxlen: 32
2a0a:8c42::/32 maxlen: 32
2a0a:8c43::/32 maxlen: 32
2a0a:8c44::/32 maxlen: 32
2a0a:8c45::/32 maxlen: 32
2a0a:8c47::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Feb 2025 15:40:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:a2:ae:35:f4:61:15:1d:eb:36:a8:f3:b2:e7:ed:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Feb 10 16:13:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d81e455757c02c26acf0b82b0dbc27c9c1eccfe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cf:1d:a5:0e:3d:4a:b4:c2:9f:e4:dc:13:f7:
80:c6:32:1b:ca:2a:b0:01:ed:5b:ca:64:8a:5b:8b:
6b:a6:71:44:67:bb:71:c5:84:d9:84:ac:62:41:79:
24:f7:fc:0c:b6:f1:8f:7b:a4:57:69:11:26:38:e9:
f4:30:a1:50:cd:ee:cc:c8:b1:38:6d:0c:ad:bb:12:
c9:1a:71:d0:d9:27:5b:d6:a2:b5:66:91:6e:99:c6:
9c:5a:82:72:b0:81:28:b2:9d:5a:02:6b:7b:3d:ee:
6a:ab:97:63:1e:9c:19:06:1f:71:0a:cf:6a:83:e2:
78:e7:a8:4b:46:55:c8:0e:aa:c1:f2:2b:b9:14:c7:
8f:7d:07:de:aa:1e:de:dc:fa:75:72:79:ed:a3:06:
92:f5:6e:8a:77:38:85:fa:f1:c3:a5:b1:6e:ca:fc:
ba:4f:89:f4:41:61:eb:6a:b8:36:d9:16:ba:a9:dd:
b2:51:82:e8:fd:41:50:81:15:07:01:1d:99:b1:45:
23:78:74:da:08:b2:39:9b:c0:d1:cd:64:b7:9e:27:
c8:25:a4:1e:8d:3c:a5:80:38:d7:0c:cd:2f:fc:8f:
d0:89:d6:7b:ce:7e:44:49:6e:a5:7b:9e:e0:60:22:
57:16:db:4b:d2:4c:f4:be:01:ec:ae:72:a0:a6:35:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1E:45:57:57:C0:2C:26:AC:F0:B8:2B:0D:BC:27:C9:C1:EC:CF:E1
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/2B5FV1fALCas8LgrDbwnycHsz-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.159.0/24
91.90.193.0/24
91.90.195.0/24
91.196.7.0/24
91.210.164.0/23
91.210.167.0/24
92.118.149.0-92.118.151.255
176.126.163.0/24
185.39.30.0/24
185.190.251.0/24
185.237.224.0/23
185.253.44.0/22
193.162.47.0/24
IPv6:
2a0a:8c41::-2a0a:8c45:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:8c47::/32
Signature Algorithm: sha256WithRSAEncryption
91:d8:b9:70:ac:6d:7e:c7:b8:c1:db:a6:ef:92:94:de:d9:5e:
5c:9d:f8:e7:6f:97:42:10:1e:66:94:ab:1d:40:71:23:ca:8b:
68:d7:35:31:c1:52:ca:17:62:26:40:c3:35:aa:fc:12:bd:d6:
9b:a4:3c:99:b5:34:fb:9b:df:ef:12:9c:29:0c:19:a6:7f:e9:
cb:34:4d:cc:c6:77:b0:60:0a:14:03:38:f2:89:21:af:94:94:
80:32:40:7a:b5:cd:7d:ab:84:4a:9d:4f:be:42:20:53:09:26:
7f:2f:68:e4:0d:56:0b:3f:17:bd:37:2f:67:4a:c3:b5:76:a9:
6f:3f:30:89:96:91:83:28:71:5f:20:20:2d:b3:f1:16:b1:b1:
6e:dd:7b:24:4e:1c:d8:3b:78:80:a4:c1:1a:7e:66:dc:a6:3b:
32:92:b3:34:9a:e2:9a:86:82:c5:3b:c3:90:67:d7:66:20:dc:
1d:b5:78:d0:5a:0b:47:40:17:a2:d3:54:7a:39:aa:43:68:7b:
b9:07:47:da:c2:53:99:cc:bf:f4:64:7e:95:5a:64:52:8e:29:
30:ba:4b:91:e4:aa:37:7e:7c:53:8e:86:f2:c6:e4:e1:ca:1a:
6b:e0:7c:09:af:da:c9:a2:e5:70:fd:ba:6b:e6:db:9c:5f:83:
67:ba:b4:7c
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZTwoq419GEVHes2qPOy5+3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjUwMjEwMTYxMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFlNDU1NzU3YzAyYzI2YWNmMGI4MmIwZGJjMjdjOWMxZWNjZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA288dpQ49SrTCn+TcE/eAxjIbyiqw
Ae1bymSKW4trpnFEZ7txxYTZhKxiQXkk9/wMtvGPe6RXaREmOOn0MKFQze7MyLE4
bQytuxLJGnHQ2Sdb1qK1ZpFumcacWoJysIEosp1aAmt7Pe5qq5djHpwZBh9xCs9q
g+J456hLRlXIDqrB8iu5FMePfQfeqh7e3Pp1cnntowaS9W6KdziF+vHDpbFuyvy6
T4n0QWHrarg22Ra6qd2yUYLo/UFQgRUHAR2ZsUUjeHTaCLI5m8DRzWS3nifIJaQe
jTylgDjXDM0v/I/QidZ7zn5ESW6le57gYCJXFttL0kz0vgHsrnKgpjXn7QIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFNgeRVdXwCwmrPC4Kw28J8nB7M/hMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvMkI1RlYxZkFMQ2FzOExnckRid255Y0hzei1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wXAQCAAEwVgMEAFBEnwME
AFtawQMEAFtawwMEAFvEBwMEAVvSpAMEAFvSpzAMAwQAXHaVAwQDXHaQAwQAsH6j
AwQAuSceAwQAub77AwQBue3gAwQCuf0sAwQAwaIvMB0EAgACMBcwDgMFACoKjEED
BQEqCoxEAwUAKgqMRzANBgkqhkiG9w0BAQsFAAOCAQEAkdi5cKxtfse4wdum75KU
3tleXJ3452+XQhAeZpSrHUBxI8qLaNc1McFSyhdiJkDDNar8Er3Wm6Q8mbU0+5vf
7xKcKQwZpn/pyzRNzMZ3sGAKFAM48okhr5SUgDJAerXNfauESp1PvkIgUwkmfy9o
5A1WCz8XvTcvZ0rDtXapbz8wiZaRgyhxXyAgLbPxFrGxbt17JE4c2Dt4gKTBGn5m
3KY7MpKzNJrimoaCxTvDkGfXZiDcHbV40FoLR0AXotNUejmqQ2h7uQdH2sJTmcy/
9GR+lVpkUo4pMLpLkeSqN358U46G8sbk4coaa+B8Ca/ayaLlcP26a+bbnF+DZ7q0
fA==
-----END CERTIFICATE-----
Generated at Thu May 1 17:41:47 2025 by rpki-client