Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/IJ7PIwm6LjTrFkbkCohKM0s0GO4.roa
File: IJ7PIwm6LjTrFkbkCohKM0s0GO4.roa (raw, json)
Hash identifier: 1uQXHM0kwOfoLOYnu69//d+3yR4Xy+VYzeDl65g7E2k=
Subject key identifier: 20:9E:CF:23:09:BA:2E:34:EB:16:46:E4:0A:88:4A:33:4B:34:18:EE
Certificate issuer: /CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Certificate serial: 018CC424C3539B2E99605AC964BA2C7F9590
Authority key identifier: 71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/IJ7PIwm6LjTrFkbkCohKM0s0GO4.roa
Signing time: Mon 01 Jan 2024 08:29:52 +0000
ROA not before: Mon 01 Jan 2024 08:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25234
IP address blocks: 81.95.96.0/20 maxlen: 20
45.10.97.0/24 maxlen: 24
31.15.8.0/21 maxlen: 21
185.12.196.0/22 maxlen: 22
2a10:bbc0::/32 maxlen: 32
2a02:4a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c3:53:9b:2e:99:60:5a:c9:64:ba:2c:7f:95:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Validity
Not Before: Jan 1 08:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=209ecf2309ba2e34eb1646e40a884a334b3418ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:ef:55:6f:f8:74:39:54:1d:f9:2c:da:70:
c3:e3:e1:51:1f:69:b5:ff:ea:d1:61:da:6f:ce:c5:
b8:c7:d9:62:8b:6d:45:cc:20:60:e6:90:e7:54:40:
50:83:5a:62:eb:54:ef:b0:5b:e2:15:11:4f:9d:93:
b1:b8:f7:e1:57:7a:3b:8a:c5:7f:ac:7e:3d:0b:d0:
9e:0f:3c:13:48:b9:c6:62:d4:82:db:bf:de:9c:6e:
db:da:48:de:24:84:e6:f6:c8:31:4c:2d:d1:12:5d:
f6:19:df:b2:81:ca:e6:0c:e5:14:93:26:c5:2d:5d:
30:d9:a5:0e:1c:a0:e8:b9:26:1c:d5:7c:04:d2:b1:
ed:2a:d8:3b:0a:47:fa:1d:58:f6:62:9f:56:cb:92:
f2:a2:0f:af:50:21:cf:67:7c:d0:61:b8:b1:6a:db:
bf:45:01:97:9d:48:f4:ae:96:d2:fc:c7:11:d5:08:
2f:2c:73:a9:e6:fd:4b:ef:bf:8b:48:6d:10:61:73:
23:fc:24:c2:68:cb:c7:4d:3d:7c:38:e1:f5:26:63:
73:0b:00:a2:c4:f8:42:9a:3c:5b:e0:91:a4:f9:17:
fa:3a:5d:9d:57:9f:22:c9:7b:30:82:f6:2b:dd:53:
7a:16:c2:c3:4f:b9:19:13:a0:31:ec:57:af:1c:ce:
e5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:9E:CF:23:09:BA:2E:34:EB:16:46:E4:0A:88:4A:33:4B:34:18:EE
X509v3 Authority Key Identifier:
keyid:71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/IJ7PIwm6LjTrFkbkCohKM0s0GO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.8.0/21
45.10.97.0/24
81.95.96.0/20
185.12.196.0/22
IPv6:
2a02:4a8::/32
2a10:bbc0::/32
Signature Algorithm: sha256WithRSAEncryption
29:66:61:a5:a8:66:6c:db:79:72:19:72:36:11:78:27:b8:7b:
e5:24:3c:77:f7:bb:fd:64:fc:85:57:4e:2e:e9:3a:47:86:da:
5b:1a:d5:1e:4f:fe:0f:2e:a0:9c:84:9d:2a:25:b9:37:9a:18:
07:75:6e:1d:bb:32:e3:94:27:33:62:13:0a:45:7e:bd:6f:78:
e9:0e:bc:aa:c6:5f:b4:f8:90:74:2c:63:d2:2c:5a:1d:0a:f3:
e0:2b:0c:dd:aa:21:fd:2a:f9:09:08:34:28:fa:58:56:cd:47:
dd:c4:9a:19:da:cd:d6:c6:1c:8a:18:3f:e3:b8:7d:31:8a:34:
75:cb:e8:bb:e4:34:12:e6:f1:29:7b:87:78:21:ad:95:7f:ce:
7c:a3:73:2e:34:ce:d6:9b:67:27:5a:42:49:ab:1d:ea:79:66:
aa:74:52:8f:f5:62:c5:ff:d0:d5:71:01:07:00:6f:5d:26:b1:
71:7c:50:17:9b:9b:b4:9a:fb:6f:af:63:52:d9:ac:d4:dc:09:
33:f8:ac:0d:41:e8:9f:3a:83:24:94:4f:3f:2a:52:a8:e8:b7:
26:3a:02:91:a7:84:d6:9d:44:ac:f6:68:bc:ef:19:ec:4d:5c:
42:88:76:62:86:db:ca:57:2c:74:f1:3f:f9:37:9a:dd:98:1f:
44:c6:ce:ca
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzEJMNTmy6ZYFrJZLosf5WQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxM2I5NDA0YTBjNDMyMjNhZGRjOGVhMWIxMGFiNzRiNzc3
YTJhMDEwHhcNMjQwMTAxMDgyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDllY2YyMzA5YmEyZTM0ZWIxNjQ2ZTQwYTg4NGEzMzRiMzQxOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC/vVW/4dDlUHfks2nDD4+FRH2m1
/+rRYdpvzsW4x9lii21FzCBg5pDnVEBQg1pi61TvsFviFRFPnZOxuPfhV3o7isV/
rH49C9CeDzwTSLnGYtSC27/enG7b2kjeJITm9sgxTC3REl32Gd+ygcrmDOUUkybF
LV0w2aUOHKDouSYc1XwE0rHtKtg7Ckf6HVj2Yp9Wy5Lyog+vUCHPZ3zQYbixatu/
RQGXnUj0rpbS/McR1QgvLHOp5v1L77+LSG0QYXMj/CTCaMvHTT18OOH1JmNzCwCi
xPhCmjxb4JGk+Rf6Ol2dV58iyXswgvYr3VN6FsLDT7kZE6Ax7FevHM7lAwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCCezyMJui406xZG5AqISjNLNBjuMB8GA1UdIwQY
MBaAFHE7lASgxDIjrdyOobEKt0t3eioBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUt
N2E1MzFkNDgzNzQ3LzEvSUo3UEl3bTZMalRyRmtia0NvaEtNMHMwR080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUtN2E1MzFkNDgzNzQ3
LzEvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw8IAwQA
LQphAwQEUV9gAwQCuQzEMBQEAgACMA4DBQAqAgSoAwUAKhC7wDANBgkqhkiG9w0B
AQsFAAOCAQEAKWZhpahmbNt5chlyNhF4J7h75SQ8d/e7/WT8hVdOLuk6R4baWxrV
Hk/+Dy6gnISdKiW5N5oYB3VuHbsy45QnM2ITCkV+vW946Q68qsZftPiQdCxj0ixa
HQrz4CsM3aoh/Sr5CQg0KPpYVs1H3cSaGdrN1sYcihg/47h9MYo0dcvou+Q0Eubx
KXuHeCGtlX/OfKNzLjTO1ptnJ1pCSasd6nlmqnRSj/Vixf/Q1XEBBwBvXSaxcXxQ
F5ubtJr7b69jUtms1NwJM/isDUHonzqDJJRPPypSqOi3JjoCkaeE1p1ErPZovO8Z
7E1cQoh2YobbylcsdPE/+Tea3ZgfRMbOyg==
-----END CERTIFICATE-----
Generated at Sun May 11 06:36:13 2025 by rpki-client