Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/h8Vj3NVoveJD9fq7zE9-acfWb1o.roa
File: h8Vj3NVoveJD9fq7zE9-acfWb1o.roa (raw, json)
Hash identifier: /ttsTpBUh9VS3z9zih6xVwhjpM1phzkA9NJhKewFGrs=
Subject key identifier: 87:C5:63:DC:D5:68:BD:E2:43:F5:FA:BB:CC:4F:7E:69:C7:D6:6F:5A
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0194BE4F7771AB801159809AD117C3D68041
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/h8Vj3NVoveJD9fq7zE9-acfWb1o.roa
Signing time: Fri 31 Jan 2025 21:41:06 +0000
ROA not before: Fri 31 Jan 2025 21:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Feb 2025 16:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:be:4f:77:71:ab:80:11:59:80:9a:d1:17:c3:d6:80:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 31 21:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c563dcd568bde243f5fabbcc4f7e69c7d66f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:09:ed:48:81:15:0a:f8:1d:89:5f:79:3d:05:
2e:bc:2d:af:92:60:4e:85:24:85:c6:01:69:93:38:
fd:b8:01:0b:6f:72:26:8d:65:43:53:f9:95:7e:6d:
ab:a9:52:07:96:7f:f0:27:d3:20:e1:24:27:cc:89:
2c:6b:d6:63:9a:ad:6b:a6:75:c1:05:fb:c1:9a:ed:
9a:8e:9a:11:63:e2:9b:30:ad:ea:4e:64:02:c2:37:
0a:5b:c8:75:34:52:1d:f5:f1:e3:d3:96:e8:f7:6b:
fd:22:f6:64:59:1c:32:4e:28:0e:a0:87:33:4c:02:
ec:6b:63:fd:68:d1:27:be:1a:11:27:07:2f:47:ff:
e4:10:c8:93:48:c8:54:a4:e1:01:49:1e:0c:0f:f9:
d6:33:82:16:1e:07:a7:7c:1e:c8:8b:86:33:05:7a:
16:49:be:1a:f4:b3:9c:e3:f5:12:6b:a9:73:9f:26:
0c:26:cf:83:1d:e2:08:95:20:a5:30:9f:a9:e4:29:
4e:6a:80:cb:a3:2c:26:70:c0:11:54:ba:ee:f5:3c:
30:c7:72:3c:54:3f:1b:1c:91:e4:6f:6c:10:8c:32:
18:b2:65:78:c9:7e:82:10:09:3e:97:f8:61:66:0e:
95:09:08:f1:11:4f:b3:b6:3a:d8:c9:42:bc:5e:50:
0b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C5:63:DC:D5:68:BD:E2:43:F5:FA:BB:CC:4F:7E:69:C7:D6:6F:5A
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/h8Vj3NVoveJD9fq7zE9-acfWb1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.141.0/24
213.254.179.0/24
IPv6:
2a01:e943::/48
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
b7:ec:65:2f:34:ea:ab:5d:cb:33:60:16:ba:7c:ca:c1:c7:ea:
51:77:84:ca:86:f5:c9:8f:90:84:60:de:f8:3b:7c:23:92:7a:
8b:f2:1e:6f:f2:1a:59:e3:a9:0b:e1:9f:c0:6c:ea:95:17:ef:
d2:f4:db:34:8f:81:d0:5b:d9:49:68:a8:8c:dc:13:e0:bb:23:
bb:51:43:a6:d6:a8:ff:e5:1d:90:6a:89:da:74:89:1d:7e:f1:
8f:00:ec:55:b6:c7:92:c2:9f:18:ad:12:8e:00:b7:cd:e0:f6:
e7:75:05:30:2d:75:32:ab:8a:51:9e:29:99:8e:f7:78:a1:1a:
56:2e:de:23:1a:fc:68:2c:18:71:7f:14:e2:26:c0:8a:da:3e:
96:34:37:cb:9e:e2:a0:39:b3:4b:ee:91:74:4c:98:ab:f5:fc:
d4:64:68:ca:e5:54:6c:43:94:f5:92:e4:70:a5:5f:52:d3:71:
ca:ef:40:33:fe:66:9e:8a:e0:6a:26:9a:d8:9d:e2:63:00:b1:
7a:20:de:9a:ff:7a:72:33:a0:7f:98:e4:f4:ef:33:8e:99:db:
4b:c7:bd:1e:6f:5b:0e:86:70:97:53:e2:05:25:cd:cc:10:6b:
83:c3:0b:47:b7:4b:60:91:43:68:37:08:df:c8:dd:df:d2:04:
c6:70:0a:56
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZS+T3dxq4ARWYCa0RfD1oBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTMxMjE0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M1NjNkY2Q1NjhiZGUyNDNmNWZhYmJjYzRmN2U2OWM3ZDY2ZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/gntSIEVCvgdiV95PQUuvC2vkmBO
hSSFxgFpkzj9uAELb3ImjWVDU/mVfm2rqVIHln/wJ9Mg4SQnzIksa9Zjmq1rpnXB
BfvBmu2ajpoRY+KbMK3qTmQCwjcKW8h1NFId9fHj05bo92v9IvZkWRwyTigOoIcz
TALsa2P9aNEnvhoRJwcvR//kEMiTSMhUpOEBSR4MD/nWM4IWHgenfB7Ii4YzBXoW
Sb4a9LOc4/USa6lznyYMJs+DHeIIlSClMJ+p5ClOaoDLoywmcMARVLru9Twwx3I8
VD8bHJHkb2wQjDIYsmV4yX6CEAk+l/hhZg6VCQjxEU+ztjrYyUK8XlALgwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIfFY9zVaL3iQ/X6u8xPfmnH1m9aMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvaDhWajNOVm92ZUpEOWZxN3pFOS1hY2ZXYjFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAAjsWAwQA
1GiNAwQA1f6zMCEEAgACMBsDBwAqAelDAAADBwAqAelFAAADBwAqAelHAAAwDQYJ
KoZIhvcNAQELBQADggEBALfsZS806qtdyzNgFrp8ysHH6lF3hMqG9cmPkIRg3vg7
fCOSeovyHm/yGlnjqQvhn8Bs6pUX79L02zSPgdBb2UloqIzcE+C7I7tRQ6bWqP/l
HZBqidp0iR1+8Y8A7FW2x5LCnxitEo4At83g9ud1BTAtdTKrilGeKZmO93ihGlYu
3iMa/GgsGHF/FOImwIraPpY0N8ue4qA5s0vukXRMmKv1/NRkaMrlVGxDlPWS5HCl
X1LTccrvQDP+Zp6K4Gommtid4mMAsXog3pr/enIzoH+Y5PTvM46Z20vHvR5vWw6G
cJdT4gUlzcwQa4PDC0e3S2CRQ2g3CN/I3d/SBMZwClY=
-----END CERTIFICATE-----
Generated at Sat May 10 13:24:38 2025 by rpki-client