Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/8nzBV_yRl_3fo9nLjuNCUXuJfrk.roa
File: 8nzBV_yRl_3fo9nLjuNCUXuJfrk.roa (raw, json)
Hash identifier: /0FzUKobFB278sA13ySAC5FjtWp43xP0S4lqtpBLFKY=
Subject key identifier: F2:7C:C1:57:FC:91:97:FD:DF:A3:D9:CB:8E:E3:42:51:7B:89:7E:B9
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0196819383CE491187F4FEC819471621220F
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/8nzBV_yRl_3fo9nLjuNCUXuJfrk.roa
Signing time: Tue 29 Apr 2025 12:44:10 +0000
ROA not before: Tue 29 Apr 2025 12:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
89.36.33.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.144.71.0/24 maxlen: 24
2a0c:2501::/32 maxlen: 32
2a0c:2501::/48 maxlen: 48
2a14:6780::/29 maxlen: 48
2a14:6780::/32 maxlen: 32
2a14:6781::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Apr 2025 01:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:93:83:ce:49:11:87:f4:fe:c8:19:47:16:21:22:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 29 12:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27cc157fc9197fddfa3d9cb8ee342517b897eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d9:bf:c1:18:f7:b3:94:05:56:22:94:58:aa:
00:e5:33:2d:71:59:05:58:4b:3d:e5:ca:2e:5b:b6:
1f:05:43:28:44:b2:c7:b5:7a:b1:dd:f9:c6:59:7d:
01:89:bc:98:0d:56:53:94:97:d1:4c:be:bc:d0:23:
1e:27:01:58:6d:de:99:cb:5e:8e:93:60:bf:90:78:
c6:de:33:a0:f1:ba:0a:38:75:f2:fa:84:6f:0f:71:
77:13:3d:53:60:8e:85:49:83:13:54:fc:94:f8:87:
b2:e9:c0:e1:24:57:62:34:7c:b4:df:60:84:57:78:
8e:1b:2d:f1:a9:d3:d1:58:67:d6:9e:0d:cd:63:1b:
88:fd:58:4a:2f:fc:35:36:4a:36:15:eb:2e:cd:e8:
b8:c9:a7:77:4d:86:d4:e0:a6:48:f1:5a:9c:0e:6f:
b8:86:18:8f:16:3c:9d:8d:c0:07:23:06:a7:c6:dd:
0b:90:de:4e:2b:d0:67:98:4b:70:05:ef:90:ce:0f:
0c:da:6a:6b:55:5f:b3:ca:23:16:5a:0f:34:44:e5:
64:69:19:99:7e:7c:53:95:71:e1:fb:04:42:56:66:
8c:ea:60:43:a0:2e:82:4d:c3:a5:78:14:ba:84:8e:
12:0d:70:5a:16:ab:31:2b:fd:f6:29:e7:80:44:07:
a7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7C:C1:57:FC:91:97:FD:DF:A3:D9:CB:8E:E3:42:51:7B:89:7E:B9
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/8nzBV_yRl_3fo9nLjuNCUXuJfrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/23
185.121.133.0/24
185.144.71.0/24
IPv6:
2a0c:2501::/32
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
1c:5d:4d:99:1e:b1:ce:c9:cf:26:4b:5b:fd:eb:04:67:88:ed:
5e:ed:c6:14:90:88:e2:b0:70:81:c1:18:2b:86:4d:38:23:6c:
ff:80:b6:a7:6a:89:f5:f6:d4:37:9d:46:95:63:73:d7:d3:ac:
36:d2:4b:9e:51:bc:e3:20:57:09:70:06:48:ab:82:4b:d3:44:
19:cb:36:22:2a:89:20:e0:e4:ee:11:4c:ac:f4:64:cc:83:c0:
09:5e:75:6a:7b:75:aa:de:60:c1:43:e9:20:bf:96:f4:18:07:
92:2f:00:6f:23:28:24:38:55:e2:fc:e3:15:2c:da:b2:7c:38:
33:b7:d4:6f:59:12:57:c2:1f:9b:89:9d:4f:8d:28:0d:c1:b0:
d4:56:88:70:bb:72:1c:82:6d:da:ce:89:ef:62:ca:fb:66:ba:
9e:a9:df:11:59:62:07:5f:75:83:06:d2:4b:c2:ad:05:91:3e:
2c:44:a5:a8:eb:15:63:9e:72:68:8b:c4:33:4d:4d:03:f7:de:
8a:16:c0:48:b5:a0:2e:56:d8:a3:a4:7d:7d:c2:f1:98:14:de:
45:e7:68:b9:7c:d4:56:03:ee:8e:69:12:22:02:1f:00:d3:da:
fa:2a:01:1f:14:18:35:b4:fd:7e:34:18:7d:68:5d:aa:2b:e8:
8c:b7:1d:04
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZaBk4POSRGH9P7IGUcWISIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDI5MTI0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdjYzE1N2ZjOTE5N2ZkZGZhM2Q5Y2I4ZWUzNDI1MTdiODk3ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudm/wRj3s5QFViKUWKoA5TMtcVkF
WEs95couW7YfBUMoRLLHtXqx3fnGWX0BibyYDVZTlJfRTL680CMeJwFYbd6Zy16O
k2C/kHjG3jOg8boKOHXy+oRvD3F3Ez1TYI6FSYMTVPyU+Iey6cDhJFdiNHy032CE
V3iOGy3xqdPRWGfWng3NYxuI/VhKL/w1Nko2Fesuzei4yad3TYbU4KZI8VqcDm+4
hhiPFjydjcAHIwanxt0LkN5OK9BnmEtwBe+Qzg8M2mprVV+zyiMWWg80ROVkaRmZ
fnxTlXHh+wRCVmaM6mBDoC6CTcOleBS6hI4SDXBaFqsxK/32KeeARAenOQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPJ8wVf8kZf936PZy47jQlF7iX65MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvOG56QlZfeVJsXzNmbzluTGp1TkNVWHVKZnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBWSQgAwQA
uXmFAwQAuZBHMBQEAgACMA4DBQAqDCUBAwUDKhRngDANBgkqhkiG9w0BAQsFAAOC
AQEAHF1NmR6xzsnPJktb/esEZ4jtXu3GFJCI4rBwgcEYK4ZNOCNs/4C2p2qJ9fbU
N51GlWNz19OsNtJLnlG84yBXCXAGSKuCS9NEGcs2IiqJIODk7hFMrPRkzIPACV51
ant1qt5gwUPpIL+W9BgHki8AbyMoJDhV4vzjFSzasnw4M7fUb1kSV8Ifm4mdT40o
DcGw1FaIcLtyHIJt2s6J72LK+2a6nqnfEVliB191gwbSS8KtBZE+LESlqOsVY55y
aIvEM01NA/feihbASLWgLlbYo6R9fcLxmBTeRedouXzUVgPujmkSIgIfANPa+ioB
HxQYNbT9fjQYfWhdqivojLcdBA==
-----END CERTIFICATE-----
Generated at Tue May 13 00:27:53 2025 by rpki-client