Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF3nDgk0bde9h14DFtws-POjPPc.roa
File: mF3nDgk0bde9h14DFtws-POjPPc.roa (raw, json)
Hash identifier: LUpP6O0lVBr4knVYzpFotjqnluxndSoCAXNi4QDw99c=
Subject key identifier: 98:5D:E7:0E:09:34:6D:D7:BD:87:5E:03:16:DC:2C:F8:F3:A3:3C:F7
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0196A90EF00CA1019661FBF211C8EEE94C4B
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF3nDgk0bde9h14DFtws-POjPPc.roa
Signing time: Wed 07 May 2025 04:44:10 +0000
ROA not before: Wed 07 May 2025 04:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214294
IP address blocks: 195.216.178.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 08 May 2025 16:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:0e:f0:0c:a1:01:96:61:fb:f2:11:c8:ee:e9:4c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: May 7 04:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=985de70e09346dd7bd875e0316dc2cf8f3a33cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:82:6f:e3:92:9f:7f:9b:27:f1:35:67:27:
e5:5c:22:62:5c:b1:ac:c5:54:dd:36:e4:a2:dd:f4:
0f:71:10:a9:f8:c3:23:1a:e2:90:e1:e9:cb:bc:5d:
f2:8c:e3:c5:e7:76:c8:a3:3f:26:a2:90:0c:8d:70:
bd:57:fb:7b:b2:9e:71:eb:0f:ef:a8:39:68:01:2c:
c9:94:9a:9d:34:85:7d:4b:7a:9e:da:bd:28:c6:44:
17:69:43:14:8f:c9:d2:14:a4:3b:ea:0a:e9:ea:87:
a7:1c:b8:91:01:d2:34:47:f2:67:cf:d2:d9:19:8e:
18:42:c7:70:26:17:d5:b3:21:33:ee:9e:5c:ca:aa:
ff:1f:80:a1:59:2c:59:d0:0f:57:1a:a4:54:e9:2e:
f3:6c:3b:21:ec:8a:0b:56:6b:5d:44:65:cc:d8:a3:
e4:7d:5c:54:ce:b9:2f:f9:36:0c:af:f3:95:2f:46:
da:50:6d:57:6c:01:27:70:3d:ea:a7:f7:47:df:38:
91:83:fe:de:af:fe:0d:41:37:66:ae:93:38:c3:6d:
90:18:8c:e8:69:0c:7e:42:38:83:22:f6:ba:bd:f5:
1c:61:36:d3:fc:3a:59:83:34:0e:de:4f:bb:22:5c:
c8:9b:17:e3:79:35:eb:e9:01:49:27:de:ab:31:e5:
cc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5D:E7:0E:09:34:6D:D7:BD:87:5E:03:16:DC:2C:F8:F3:A3:3C:F7
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mF3nDgk0bde9h14DFtws-POjPPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.178.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:64:74:29:1b:62:0d:a4:c4:b1:cc:d9:54:22:3b:26:e6:1f:
fc:7e:c2:b5:56:53:0b:4e:10:77:74:66:6a:fe:02:1d:9d:db:
5b:20:fc:93:c9:e5:01:a1:12:8e:3c:dd:3d:1e:26:05:42:94:
7d:a7:93:c4:4c:41:54:05:ae:99:91:24:1b:91:3c:2b:1b:25:
88:50:b6:03:0c:d5:6b:3b:43:6a:83:0e:74:27:00:12:fd:17:
07:4e:be:96:47:68:23:17:9b:62:a4:63:c3:c4:87:68:74:60:
17:04:21:6d:9b:84:30:9a:b8:56:5c:a1:45:5a:d6:2a:c9:75:
15:79:6b:8e:4c:7b:67:be:d7:ad:b6:15:f7:a9:2f:f3:3c:9e:
54:ab:13:49:5f:50:11:79:3f:3e:db:48:3e:1a:61:69:a0:a3:
db:c9:d8:a1:e4:6e:96:64:84:f7:ff:4e:2c:42:bc:05:ac:19:
f1:8c:ee:31:bf:68:57:13:6d:b3:cc:b2:53:cc:e0:7d:dd:1b:
71:2a:ee:c2:55:c1:a7:4c:a3:ae:fd:76:81:5c:b5:9d:b3:b8:
ab:30:d0:ff:4b:2a:2e:9b:15:0f:d8:48:86:7c:5c:48:ff:69:
0f:75:2f:b7:b9:bb:8f:ed:85:47:8e:82:27:d2:f7:b3:00:99:
a5:41:79:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZapDvAMoQGWYfvyEcju6UxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNTA3MDQ0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVkZTcwZTA5MzQ2ZGQ3YmQ4NzVlMDMxNmRjMmNmOGYzYTMzY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0leCb+OSn3+bJ/E1ZyflXCJiXLGs
xVTdNuSi3fQPcRCp+MMjGuKQ4enLvF3yjOPF53bIoz8mopAMjXC9V/t7sp5x6w/v
qDloASzJlJqdNIV9S3qe2r0oxkQXaUMUj8nSFKQ76grp6oenHLiRAdI0R/Jnz9LZ
GY4YQsdwJhfVsyEz7p5cyqr/H4ChWSxZ0A9XGqRU6S7zbDsh7IoLVmtdRGXM2KPk
fVxUzrkv+TYMr/OVL0baUG1XbAEncD3qp/dH3ziRg/7er/4NQTdmrpM4w22QGIzo
aQx+QjiDIva6vfUcYTbT/DpZgzQO3k+7IlzImxfjeTXr6QFJJ96rMeXMXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhd5w4JNG3XvYdeAxbcLPjzozz3MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbUYzbkRnazBiZGU5aDE0REZ0d3MtUE9qUFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9iyMA0G
CSqGSIb3DQEBCwUAA4IBAQBPZHQpG2INpMSxzNlUIjsm5h/8fsK1VlMLThB3dGZq
/gIdndtbIPyTyeUBoRKOPN09HiYFQpR9p5PETEFUBa6ZkSQbkTwrGyWIULYDDNVr
O0Nqgw50JwAS/RcHTr6WR2gjF5tipGPDxIdodGAXBCFtm4QwmrhWXKFFWtYqyXUV
eWuOTHtnvtetthX3qS/zPJ5UqxNJX1AReT8+20g+GmFpoKPbydih5G6WZIT3/04s
QrwFrBnxjO4xv2hXE22zzLJTzOB93RtxKu7CVcGnTKOu/XaBXLWds7irMND/Syou
mxUP2EiGfFxI/2kPdS+3ubuP7YVHjoIn0vezAJmlQXmM
-----END CERTIFICATE-----
Generated at Sat May 10 22:25:19 2025 by rpki-client