Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d4Akel-yYcTEkuUhrgW-d4a5POs.roa
File: d4Akel-yYcTEkuUhrgW-d4a5POs.roa (raw, json)
Hash identifier: t3lvS5D4WF6ZH1d1J5BumCMvp76avLEzqhcnNB6g6io=
Subject key identifier: 77:80:24:7A:5F:B2:61:C4:C4:92:E5:21:AE:05:BE:77:86:B9:3C:EB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019692FB63BB9818CAB1FBE9E3E11A646A97
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d4Akel-yYcTEkuUhrgW-d4a5POs.roa
Signing time: Fri 02 May 2025 21:51:10 +0000
ROA not before: Fri 02 May 2025 21:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209639
IP address blocks: 83.219.97.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 May 2025 11:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:92:fb:63:bb:98:18:ca:b1:fb:e9:e3:e1:1a:64:6a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 21:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7780247a5fb261c4c492e521ae05be7786b93ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:94:b3:1b:e7:8f:ac:db:da:4c:3e:a8:7f:03:
b0:1d:ba:11:a3:03:d5:b2:0b:d9:42:d8:4d:a3:56:
f5:47:d1:46:a3:74:57:a2:94:20:71:77:b8:a0:60:
83:80:39:89:55:17:3f:f6:f3:36:f4:e4:09:af:3d:
24:5e:b3:a2:fc:e2:b6:c6:34:b9:ad:3e:2f:56:cd:
28:87:1a:a9:6f:b2:ce:47:d1:12:ed:6b:91:5e:02:
46:52:0a:6c:b9:27:ef:4b:e4:58:4a:b9:4f:a7:aa:
24:b0:39:36:c7:38:16:72:04:8d:03:13:2b:23:17:
c0:5f:bc:79:a4:0a:7b:e6:fd:9c:a6:98:9f:d6:25:
20:c1:6d:19:5f:f1:f9:ae:81:bc:b4:f2:95:1b:61:
28:9b:6b:72:9b:e4:ff:94:33:04:2b:c5:df:1c:03:
92:36:2b:ec:80:d7:f1:ca:e3:ed:83:65:68:9f:fc:
f5:68:87:96:a2:d1:c8:aa:22:01:19:79:c8:94:56:
0d:2c:81:17:b7:77:c6:9c:3a:c3:6b:83:60:a0:77:
47:d8:14:59:5a:bb:f5:36:f1:19:cc:df:67:50:7e:
fe:1b:b0:6b:61:97:75:ca:69:6e:84:39:7f:5e:f0:
c6:c5:bb:a3:ab:0f:39:ea:b3:ca:8f:7c:93:2e:4b:
f4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:80:24:7A:5F:B2:61:C4:C4:92:E5:21:AE:05:BE:77:86:B9:3C:EB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d4Akel-yYcTEkuUhrgW-d4a5POs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.219.97.0/24
87.121.221.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d4:12:05:73:a8:63:06:e9:5b:7a:c8:ad:9a:49:1a:2c:4c:
3a:94:71:10:5e:1d:0b:69:15:e8:80:26:82:d6:3f:f0:d4:41:
e2:b1:34:aa:65:fb:1b:36:ce:f0:d5:3b:33:5b:52:c7:1d:44:
ea:dd:b0:19:ba:59:ee:2a:7e:97:d8:77:bc:de:63:37:51:03:
7a:05:09:b1:31:48:86:fd:dc:d0:2b:76:b4:10:7d:ca:64:27:
8e:b3:bc:2c:73:77:d7:37:07:72:f5:b6:0d:06:a1:a7:f1:3d:
38:82:d5:4a:f8:cf:a5:52:80:0a:42:ae:70:33:ae:cb:a3:4d:
88:47:f9:05:65:43:cc:e6:1a:88:a1:44:66:22:21:ea:9f:3f:
0d:b2:9f:09:25:13:07:57:a4:d8:90:d5:fc:77:7b:19:bc:ea:
ee:f6:9f:1a:43:ea:68:03:c1:6d:11:5b:aa:13:23:e1:94:a4:
66:c3:52:44:38:b6:62:b6:c2:f3:d9:5b:64:d1:af:51:91:83:
73:fd:3e:e2:99:24:37:92:e2:37:e0:fc:c6:a1:67:35:a6:cf:
ab:98:49:f8:0d:ec:bd:7e:9d:ee:b4:b2:02:ef:a7:6a:1b:14:
c8:3a:fb:03:9a:35:d7:bd:43:28:4a:30:18:a4:49:39:ba:92:
59:56:6d:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZaS+2O7mBjKsfvp4+EaZGqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTAyMjE1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgwMjQ3YTVmYjI2MWM0YzQ5MmU1MjFhZTA1YmU3Nzg2YjkzY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZSzG+ePrNvaTD6ofwOwHboRowPV
sgvZQthNo1b1R9FGo3RXopQgcXe4oGCDgDmJVRc/9vM29OQJrz0kXrOi/OK2xjS5
rT4vVs0ohxqpb7LOR9ES7WuRXgJGUgpsuSfvS+RYSrlPp6oksDk2xzgWcgSNAxMr
IxfAX7x5pAp75v2cppif1iUgwW0ZX/H5roG8tPKVG2Eom2tym+T/lDMEK8XfHAOS
NivsgNfxyuPtg2Von/z1aIeWotHIqiIBGXnIlFYNLIEXt3fGnDrDa4NgoHdH2BRZ
Wrv1NvEZzN9nUH7+G7BrYZd1ymluhDl/XvDGxbujqw856rPKj3yTLkv0/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHeAJHpfsmHExJLlIa4FvneGuTzrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZDRBa2VsLXlZY1RFa3VVaHJnVy1kNGE1UE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAU9thAwQA
V3ndAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUAA4IBAQCN1BIFc6hj
BulbesitmkkaLEw6lHEQXh0LaRXogCaC1j/w1EHisTSqZfsbNs7w1TszW1LHHUTq
3bAZulnuKn6X2He83mM3UQN6BQmxMUiG/dzQK3a0EH3KZCeOs7wsc3fXNwdy9bYN
BqGn8T04gtVK+M+lUoAKQq5wM67Lo02IR/kFZUPM5hqIoURmIiHqnz8Nsp8JJRMH
V6TYkNX8d3sZvOru9p8aQ+poA8FtEVuqEyPhlKRmw1JEOLZitsLz2Vtk0a9RkYNz
/T7imSQ3kuI34PzGoWc1ps+rmEn4Dey9fp3utLIC76dqGxTIOvsDmjXXvUMoSjAY
pEk5upJZVm0h
-----END CERTIFICATE-----
Generated at Tue May 13 17:46:05 2025 by rpki-client