Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/iIXS4-Zt3Rqrk-cHHxHeFG4-I9Y.roa
File: iIXS4-Zt3Rqrk-cHHxHeFG4-I9Y.roa (raw, json)
Hash identifier: V46OyZFkO9aNLLKhq8HmhFKUNiJ0/mPxouDsLIJk7VQ=
Subject key identifier: 88:85:D2:E3:E6:6D:DD:1A:AB:93:E7:07:1F:11:DE:14:6E:3E:23:D6
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 01938CB89FAA5E3EE7D85C56F72B60CC8933
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/iIXS4-Zt3Rqrk-cHHxHeFG4-I9Y.roa
Signing time: Tue 03 Dec 2024 13:32:09 +0000
ROA not before: Tue 03 Dec 2024 13:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 46.243.24.0/21 maxlen: 24
78.41.64.0/21 maxlen: 24
82.146.96.0/19 maxlen: 24
85.158.208.0/21 maxlen: 24
87.237.8.0/21 maxlen: 24
88.82.32.0/19 maxlen: 24
89.35.16.0/21 maxlen: 24
89.250.176.0/20 maxlen: 24
94.140.160.0/19 maxlen: 24
94.158.248.0/24 maxlen: 24
178.132.8.0/21 maxlen: 24
185.47.0.0/22 maxlen: 24
185.48.100.0/22 maxlen: 24
185.78.180.0/22 maxlen: 24
185.81.224.0/22 maxlen: 24
185.174.64.0/22 maxlen: 24
188.64.72.0/21 maxlen: 24
188.118.0.0/18 maxlen: 24
195.110.54.0/23 maxlen: 24
213.193.200.0/21 maxlen: 24
213.193.224.0/21 maxlen: 24
2001:4c40::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Dec 2024 13:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:b8:9f:aa:5e:3e:e7:d8:5c:56:f7:2b:60:cc:89:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Dec 3 13:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8885d2e3e66ddd1aab93e7071f11de146e3e23d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:54:b3:1f:85:44:27:8a:48:6c:98:25:1c:
7c:47:54:c1:62:82:f4:a1:be:1f:f2:69:1a:99:de:
25:cf:da:cf:1f:70:ff:9e:7a:bb:bd:76:f2:cd:07:
56:96:06:db:11:e8:6a:0b:38:e5:9c:76:6c:a1:2f:
20:dd:df:5c:8e:b7:be:19:64:3c:7a:6b:e3:48:ac:
f2:7a:97:b8:bf:58:a6:6c:d5:fc:cc:42:d8:f3:ff:
5c:9b:7e:0f:17:6c:b1:e9:31:34:42:79:59:64:f9:
37:36:75:60:7f:ec:cf:85:00:5c:8a:5a:f3:c7:4d:
49:4a:aa:e7:1b:04:44:90:96:01:d9:ff:1a:14:63:
2f:5b:21:bb:54:85:34:89:86:4b:6f:65:73:27:3e:
72:c1:ae:b5:d4:b6:30:3e:a4:18:a5:44:6a:fb:df:
36:2e:76:52:62:c2:95:db:17:0e:94:4e:60:12:6d:
f3:29:6a:90:25:e9:1d:62:a2:b6:43:d6:80:ad:84:
57:8e:9e:95:48:c7:e5:fb:48:d2:0d:73:fd:eb:87:
33:a0:c4:33:dd:47:43:24:83:ea:92:0f:83:25:97:
0f:b2:af:1f:e2:b6:02:af:59:52:71:f9:56:94:a1:
c4:c8:a1:c4:60:48:a8:d8:21:38:3d:8f:65:83:47:
be:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:85:D2:E3:E6:6D:DD:1A:AB:93:E7:07:1F:11:DE:14:6E:3E:23:D6
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/iIXS4-Zt3Rqrk-cHHxHeFG4-I9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.24.0/21
78.41.64.0/21
82.146.96.0/19
85.158.208.0/21
87.237.8.0/21
88.82.32.0/19
89.35.16.0/21
89.250.176.0/20
94.140.160.0/19
94.158.248.0/24
178.132.8.0/21
185.47.0.0/22
185.48.100.0/22
185.78.180.0/22
185.81.224.0/22
185.174.64.0/22
188.64.72.0/21
188.118.0.0/18
195.110.54.0/23
213.193.200.0/21
213.193.224.0/21
IPv6:
2001:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
82:b6:18:25:50:43:3a:a3:0b:3b:0e:2f:8d:4c:89:65:a7:f7:
e9:04:6c:a6:22:ed:28:91:c8:3e:d6:ea:e8:63:67:57:df:ac:
76:b8:be:36:6a:55:37:f0:4d:67:ab:9a:ea:4b:88:fb:47:ef:
62:9a:26:92:b3:93:a6:ea:ab:7a:b3:cf:de:a4:27:d2:e3:17:
a1:ee:7c:69:81:bf:7e:58:2d:7a:5f:f5:00:ea:b3:42:3b:a5:
df:48:a1:fa:1e:e0:e9:39:c4:47:db:d2:1f:fa:29:2a:fb:c5:
a6:41:45:2b:cc:32:36:6d:bc:e6:a1:b1:2d:9b:47:c2:1f:81:
01:fc:4c:8d:1a:22:20:96:45:1b:06:4d:d3:54:12:7b:bf:a8:
d5:1f:80:3a:17:86:5f:9d:fe:1c:54:c3:4b:c0:11:f5:a4:9b:
5d:15:84:f9:df:14:79:29:5b:e1:4f:00:50:ef:6d:18:64:8b:
b6:72:9c:11:f1:58:02:9b:c0:9a:6c:39:eb:81:5e:55:ae:59:
29:e3:91:6c:f1:c4:93:6b:81:d2:6d:d3:1a:01:f3:34:6b:c3:
be:f4:51:8a:bf:ee:3b:ed:04:04:c2:0a:f8:c5:91:cc:fd:1e:
3b:0a:7e:51:fd:cb:a8:31:ba:3f:8b:19:32:36:ec:f0:bc:1e:
a0:96:50:4a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZOMuJ+qXj7n2FxW9ytgzIkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMjAzMTMzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODg1ZDJlM2U2NmRkZDFhYWI5M2U3MDcxZjExZGUxNDZlM2UyM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtxUsx+FRCeKSGyYJRx8R1TBYoL0
ob4f8mkamd4lz9rPH3D/nnq7vXbyzQdWlgbbEehqCzjlnHZsoS8g3d9cjre+GWQ8
emvjSKzyepe4v1imbNX8zELY8/9cm34PF2yx6TE0QnlZZPk3NnVgf+zPhQBcilrz
x01JSqrnGwREkJYB2f8aFGMvWyG7VIU0iYZLb2VzJz5ywa611LYwPqQYpURq+982
LnZSYsKV2xcOlE5gEm3zKWqQJekdYqK2Q9aArYRXjp6VSMfl+0jSDXP964czoMQz
3UdDJIPqkg+DJZcPsq8f4rYCr1lScflWlKHEyKHEYEio2CE4PY9lg0e+ewIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFIiF0uPmbd0aq5PnBx8R3hRuPiPWMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvaUlYUzQtWnQzUnFyay1jSEh4SGVGRzQtSTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEAy7z
GAMEA04pQAMEBVKSYAMEA1We0AMEA1ftCAMEBVhSIAMEA1kjEAMEBFn6sAMEBV6M
oAMEAF6e+AMEA7KECAMEArkvAAMEArkwZAMEArlOtAMEArlR4AMEArmuQAMEA7xA
SAMEBrx2AAMEAcNuNgMEA9XByAMEA9XB4DANBAIAAjAHAwUAIAFMQDANBgkqhkiG
9w0BAQsFAAOCAQEAgrYYJVBDOqMLOw4vjUyJZaf36QRspiLtKJHIPtbq6GNnV9+s
dri+NmpVN/BNZ6ua6kuI+0fvYpomkrOTpuqrerPP3qQn0uMXoe58aYG/flgtel/1
AOqzQjul30ih+h7g6TnER9vSH/opKvvFpkFFK8wyNm285qGxLZtHwh+BAfxMjRoi
IJZFGwZN01QSe7+o1R+AOheGX53+HFTDS8AR9aSbXRWE+d8UeSlb4U8AUO9tGGSL
tnKcEfFYApvAmmw564FeVa5ZKeORbPHEk2uB0m3TGgHzNGvDvvRRir/uO+0EBMIK
+MWRzP0eOwp+Uf3LqDG6P4sZMjbs8LweoJZQSg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:03:15 2025 by rpki-client