Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/eYkBpM2u33BYok6mZftzeE9g6D8.roa
File: eYkBpM2u33BYok6mZftzeE9g6D8.roa (raw, json)
Hash identifier: eNjUZkT6FeXH8yCsEaRF43zD7E/898GAivSbmGL8WyM=
Subject key identifier: 79:89:01:A4:CD:AE:DF:70:58:A2:4E:A6:65:FB:73:78:4F:60:E8:3F
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0196684712F1759CE3874BA79C9CB164E216
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/eYkBpM2u33BYok6mZftzeE9g6D8.roa
Signing time: Thu 24 Apr 2025 14:50:10 +0000
ROA not before: Thu 24 Apr 2025 14:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 188.190.3.0/24 maxlen: 24
188.190.5.0/24 maxlen: 24
188.190.18.0/24 maxlen: 24
188.190.21.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.23.0/24 maxlen: 24
188.190.24.0/24 maxlen: 24
188.190.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 14:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:47:12:f1:75:9c:e3:87:4b:a7:9c:9c:b1:64:e2:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Apr 24 14:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=798901a4cdaedf7058a24ea665fb73784f60e83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:00:a2:13:f8:39:70:aa:1e:44:aa:4e:16:4f:
b9:00:82:73:bd:17:54:2d:a1:52:ec:06:41:4d:98:
18:e9:5e:4a:e4:f6:66:74:fb:d9:e3:fa:8f:1b:93:
01:0b:4b:fc:8f:b1:58:01:08:ba:06:f6:99:80:c2:
cb:64:45:e1:6b:38:dd:f1:3a:3d:ca:89:b5:c7:2e:
cf:c8:82:17:05:d3:46:c6:fc:48:fe:ca:aa:77:10:
c7:e6:b9:e2:7a:e0:4e:b9:92:6d:1a:22:18:6f:05:
e9:e4:d0:80:1f:0d:09:f1:fa:ba:e5:f0:ff:4c:20:
7f:ba:e6:f8:b5:f6:ed:3b:7e:9b:d7:31:3e:95:99:
53:8f:47:86:1d:c0:3e:b9:de:dd:7d:0f:19:62:37:
54:3e:e2:84:90:54:6b:32:54:d4:2e:f9:77:55:1e:
93:c1:5c:02:f4:01:7e:e8:3b:fc:6f:1d:94:ab:3b:
31:14:58:77:9e:c8:07:a6:30:9d:72:fd:a8:86:31:
d6:42:38:4e:d3:bd:6f:38:5d:6a:40:e0:3f:04:6c:
f3:3f:41:40:08:47:b4:1b:06:25:1f:75:c1:66:de:
e5:53:c5:9c:cf:05:6b:f3:d7:5e:46:96:8e:9d:7c:
12:4c:17:db:4b:37:59:94:7c:34:44:2e:a8:3e:62:
1d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:89:01:A4:CD:AE:DF:70:58:A2:4E:A6:65:FB:73:78:4F:60:E8:3F
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/eYkBpM2u33BYok6mZftzeE9g6D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.3.0/24
188.190.5.0/24
188.190.18.0/24
188.190.21.0-188.190.25.255
Signature Algorithm: sha256WithRSAEncryption
b4:5a:3d:e5:d8:c9:22:fd:36:1b:30:99:01:2b:55:ba:09:f1:
9e:2b:87:3e:45:a0:05:1a:72:2c:31:4c:f4:16:e6:2f:0b:a3:
61:2f:a9:0e:ba:fc:7e:95:46:cd:ab:a1:f9:e4:21:96:d2:b2:
db:a9:18:55:01:71:a6:bd:13:4b:4a:78:64:87:be:58:e9:c7:
27:97:45:6d:a6:b1:36:c0:9a:39:f4:17:d4:63:3c:cd:86:25:
9e:6f:4d:f8:42:ec:2e:a8:4c:5d:ce:02:4a:92:0f:67:be:77:
46:6f:46:2d:83:2e:81:ee:e6:97:d9:fc:f2:f2:18:fc:28:aa:
c4:ec:98:ca:40:8b:a1:99:aa:f3:56:b3:78:6e:77:67:f7:58:
55:65:7a:10:02:31:5e:e8:20:48:51:03:65:4d:81:7d:c0:3f:
50:b3:21:62:fb:1d:23:18:0c:e1:59:31:d8:60:30:5d:17:49:
34:7b:ea:18:6e:27:3a:a1:12:f7:5d:0b:c7:a8:30:a3:c1:56:
1f:c1:46:6f:84:65:72:29:3a:f2:0f:33:f7:1f:08:67:7c:8d:
18:ea:d0:15:a9:1f:18:b8:fd:6d:b3:c6:fc:53:06:c1:b9:24:
1f:65:1c:42:27:9c:72:64:62:d1:26:72:7b:80:66:6a:f6:bb:
f3:59:8d:91
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZoRxLxdZzjh0unnJyxZOIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjUwNDI0MTQ1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTg5MDFhNGNkYWVkZjcwNThhMjRlYTY2NWZiNzM3ODRmNjBlODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygCiE/g5cKoeRKpOFk+5AIJzvRdU
LaFS7AZBTZgY6V5K5PZmdPvZ4/qPG5MBC0v8j7FYAQi6BvaZgMLLZEXhazjd8To9
yom1xy7PyIIXBdNGxvxI/sqqdxDH5rnieuBOuZJtGiIYbwXp5NCAHw0J8fq65fD/
TCB/uub4tfbtO36b1zE+lZlTj0eGHcA+ud7dfQ8ZYjdUPuKEkFRrMlTULvl3VR6T
wVwC9AF+6Dv8bx2UqzsxFFh3nsgHpjCdcv2ohjHWQjhO071vOF1qQOA/BGzzP0FA
CEe0GwYlH3XBZt7lU8WczwVr89deRpaOnXwSTBfbSzdZlHw0RC6oPmIdpQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHmJAaTNrt9wWKJOpmX7c3hPYOg/MB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvZVlrQnBNMnUzM0JZb2s2bVpmdHplRTlnNkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAvL4DAwQA
vL4FAwQAvL4SMAwDBAC8vhUDBAG8vhgwDQYJKoZIhvcNAQELBQADggEBALRaPeXY
ySL9NhswmQErVboJ8Z4rhz5FoAUaciwxTPQW5i8Lo2EvqQ66/H6VRs2rofnkIZbS
stupGFUBcaa9E0tKeGSHvljpxyeXRW2msTbAmjn0F9RjPM2GJZ5vTfhC7C6oTF3O
AkqSD2e+d0ZvRi2DLoHu5pfZ/PLyGPwoqsTsmMpAi6GZqvNWs3hud2f3WFVlehAC
MV7oIEhRA2VNgX3AP1CzIWL7HSMYDOFZMdhgMF0XSTR76hhuJzqhEvddC8eoMKPB
Vh/BRm+EZXIpOvIPM/cfCGd8jRjq0BWpHxi4/W2zxvxTBsG5JB9lHEInnHJkYtEm
cnuAZmr2u/NZjZE=
-----END CERTIFICATE-----
Generated at Sun May 11 10:43:03 2025 by rpki-client