Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/07VyCx32Zq1dcX6qBHB7hwl3DAE.roa
File: 07VyCx32Zq1dcX6qBHB7hwl3DAE.roa (raw, json)
Hash identifier: gT7NFbcgEU3ugcpnBUgsLdptJzr2vCHk/s1SHPn28tU=
Subject key identifier: D3:B5:72:0B:1D:F6:66:AD:5D:71:7E:AA:04:70:7B:87:09:77:0C:01
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 01944037145CBCAFE0AD81F76BB08BC1C84F
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/07VyCx32Zq1dcX6qBHB7hwl3DAE.roa
Signing time: Tue 07 Jan 2025 10:02:18 +0000
ROA not before: Tue 07 Jan 2025 10:02:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 10:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:37:14:5c:bc:af:e0:ad:81:f7:6b:b0:8b:c1:c8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Jan 7 10:02:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3b5720b1df666ad5d717eaa04707b8709770c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e9:75:65:7e:54:d2:77:c5:2a:f0:97:d7:b6:
ee:33:65:09:97:c8:22:d5:91:a0:61:b8:ab:90:9b:
78:e8:b5:e2:8a:7b:d5:1e:a5:6e:25:7c:ec:60:32:
43:2b:9c:99:38:63:8f:19:09:58:9d:2f:71:18:db:
d3:8d:fa:46:be:67:c9:c3:b6:19:6d:13:34:8a:1e:
c2:82:56:3e:2a:ed:b2:7d:19:5d:e0:f9:1e:f4:63:
d2:46:68:60:1d:e1:45:f3:4b:1a:f3:8a:8e:44:72:
9a:74:93:ea:de:6f:ec:78:1d:34:a3:4c:35:ed:2d:
9e:84:d1:c7:60:cb:62:69:6a:40:d0:de:51:c4:6f:
b7:b2:a9:75:01:f8:cd:57:de:a7:f8:da:8e:ca:13:
86:2c:b0:3f:d7:a8:fe:b5:98:e0:69:e3:0c:d3:bb:
93:1c:a2:66:e0:ad:9d:30:67:54:08:48:18:65:fa:
95:ce:98:11:5c:5f:7d:e2:3c:0c:72:00:1a:0a:93:
f6:d8:92:c5:ef:16:f2:1d:15:f5:81:84:44:df:69:
95:ba:76:b7:fc:81:18:cd:f7:29:97:8e:f8:d3:b6:
f4:ae:c8:73:a5:e8:36:1f:11:97:27:8b:c5:87:ce:
20:a1:45:82:83:a1:9a:7b:11:89:4d:c8:31:3c:86:
89:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B5:72:0B:1D:F6:66:AD:5D:71:7E:AA:04:70:7B:87:09:77:0C:01
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/07VyCx32Zq1dcX6qBHB7hwl3DAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
79:be:9a:01:d3:23:84:34:58:29:09:c5:41:61:4a:4d:98:fb:
c8:12:92:66:56:76:05:5c:22:08:2f:05:a3:ed:2a:8d:6d:e0:
88:40:37:9e:03:cc:51:fa:2b:d7:07:27:3e:02:4b:7f:9e:8f:
78:53:00:ec:c8:20:34:5f:d4:6f:4e:28:77:0d:83:26:2b:4f:
af:1b:50:9e:91:b4:01:d3:ec:36:1c:b0:eb:d4:a1:53:02:dd:
09:85:3c:63:4f:df:3e:ec:3e:85:a5:7f:16:c7:7f:49:b5:b3:
d8:19:80:69:c3:32:17:0a:51:a8:88:89:49:09:fe:3e:4c:29:
1c:f2:2d:b6:4a:73:83:ff:a3:59:96:2e:a4:85:c6:7f:61:df:
59:da:9b:46:65:c5:ec:a0:86:35:a4:3b:06:0e:ef:51:a0:90:
57:2d:08:a6:70:7f:dd:5e:44:2f:6a:9c:c7:0f:cb:f7:48:ca:
35:02:03:bb:3e:cb:c5:65:3b:d2:4b:0f:f0:ad:d4:cb:3a:9e:
fb:71:70:d9:d3:8a:7e:57:82:5e:bf:30:a2:71:cf:b0:27:6c:
ab:43:a7:40:6d:b6:bb:5e:00:8c:d2:81:b2:b3:e5:6e:07:05:
f3:1b:a3:ae:39:ab:15:c6:a4:a7:50:07:22:46:b7:de:a7:95:
ca:40:0e:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRANxRcvK/grYH3a7CLwchPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjUwMTA3MTAwMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2I1NzIwYjFkZjY2NmFkNWQ3MTdlYWEwNDcwN2I4NzA5NzcwYzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyel1ZX5U0nfFKvCX17buM2UJl8gi
1ZGgYbirkJt46LXiinvVHqVuJXzsYDJDK5yZOGOPGQlYnS9xGNvTjfpGvmfJw7YZ
bRM0ih7CglY+Ku2yfRld4Pke9GPSRmhgHeFF80sa84qORHKadJPq3m/seB00o0w1
7S2ehNHHYMtiaWpA0N5RxG+3sql1AfjNV96n+NqOyhOGLLA/16j+tZjgaeMM07uT
HKJm4K2dMGdUCEgYZfqVzpgRXF994jwMcgAaCpP22JLF7xbyHRX1gYRE32mVuna3
/IEYzfcpl47407b0rshzpeg2HxGXJ4vFh84goUWCg6GaexGJTcgxPIaJdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNO1cgsd9matXXF+qgRwe4cJdwwBMB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvMDdWeUN4MzJacTFkY1g2cUJIQjdod2wzREFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvH2uMA0G
CSqGSIb3DQEBCwUAA4IBAQB5vpoB0yOENFgpCcVBYUpNmPvIEpJmVnYFXCIILwWj
7SqNbeCIQDeeA8xR+ivXByc+Akt/no94UwDsyCA0X9RvTih3DYMmK0+vG1CekbQB
0+w2HLDr1KFTAt0JhTxjT98+7D6FpX8Wx39JtbPYGYBpwzIXClGoiIlJCf4+TCkc
8i22SnOD/6NZli6khcZ/Yd9Z2ptGZcXsoIY1pDsGDu9RoJBXLQimcH/dXkQvapzH
D8v3SMo1AgO7PsvFZTvSSw/wrdTLOp77cXDZ04p+V4JevzCicc+wJ2yrQ6dAbba7
XgCM0oGys+VuBwXzG6OuOasVxqSnUAciRrfep5XKQA7f
-----END CERTIFICATE-----
Generated at Mon May 12 02:51:22 2025 by rpki-client