Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/4Xq3zPhSwzd5wenl4t1_giN-YhM.roa
File: 4Xq3zPhSwzd5wenl4t1_giN-YhM.roa (raw, json)
Hash identifier: /wc3wUFe6GKf280YwJlRvUTuRUonM+E2qfxzJNPciM8=
Subject key identifier: E1:7A:B7:CC:F8:52:C3:37:79:C1:E9:E5:E2:DD:7F:82:23:7E:62:13
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 0194D7096CB21292CB0FDA76B0B421122483
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/4Xq3zPhSwzd5wenl4t1_giN-YhM.roa
Signing time: Wed 05 Feb 2025 16:55:06 +0000
ROA not before: Wed 05 Feb 2025 16:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 15:15:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:09:6c:b2:12:92:cb:0f:da:76:b0:b4:21:12:24:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Feb 5 16:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e17ab7ccf852c33779c1e9e5e2dd7f82237e6213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:58:6b:ab:2f:5e:d1:d6:1c:05:ab:58:68:
33:e0:13:68:8f:01:4b:25:4b:73:dc:34:25:a7:d1:
4e:83:38:22:04:c4:e9:08:90:45:fb:7f:ff:f5:7d:
2e:1a:45:41:be:38:b9:dc:8f:b5:b8:20:bf:d8:bd:
e7:ec:e6:bc:f8:f2:28:38:2c:b0:6a:8a:19:dc:7d:
dc:98:c6:64:73:8d:29:0b:ea:a9:42:29:7d:28:73:
3c:e3:8d:6e:50:05:24:e5:98:07:1c:2b:e6:05:1b:
5a:4a:78:a7:02:27:67:74:16:94:48:3a:22:9c:34:
d9:8b:2f:e9:b7:b4:74:56:3c:06:35:21:66:eb:51:
21:a0:97:1c:d3:09:96:f7:ec:eb:49:da:06:23:e3:
82:51:bb:89:1a:78:3e:0c:00:ca:a0:e5:4f:4a:af:
3e:45:40:b5:51:3e:30:4c:cf:43:5a:dd:c2:f8:c8:
9b:00:cf:78:05:31:11:31:7c:f4:f1:7e:1c:2e:ff:
72:14:71:16:37:71:ba:2b:f0:1b:ce:be:ba:9f:d4:
df:24:1f:3a:69:a7:10:e9:d3:bb:61:7c:bc:28:40:
e1:6e:dd:10:82:06:6f:b3:b5:0a:6e:9f:71:2b:b0:
b0:b9:9a:95:3d:d0:6e:6b:ca:41:48:34:b2:ee:2c:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7A:B7:CC:F8:52:C3:37:79:C1:E9:E5:E2:DD:7F:82:23:7E:62:13
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/4Xq3zPhSwzd5wenl4t1_giN-YhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:7b:98:e2:8c:f9:60:0a:aa:cc:47:c7:a2:dd:39:d5:75:57:
90:c9:3f:16:87:c7:ed:31:f6:14:45:6a:bd:7d:cf:25:68:49:
14:c3:3a:df:05:91:e4:3b:32:c8:ec:ed:af:74:ca:55:19:7a:
14:86:41:63:5b:be:92:0f:09:e4:a9:bc:d3:dc:c3:25:20:57:
eb:e9:22:aa:bc:77:56:e4:c6:c5:eb:ff:e8:20:cb:82:8c:13:
3f:f5:b1:03:a2:f4:59:ef:a8:94:aa:ec:6f:b4:f7:fd:3c:b9:
53:e6:32:85:1b:22:62:f9:80:67:57:74:95:91:6a:eb:1a:36:
1c:91:33:4d:cb:ab:04:b2:d5:06:3f:6e:aa:90:34:df:d6:89:
fc:c5:fa:3d:6a:40:6e:8c:66:c3:7b:84:93:d4:68:73:0a:1b:
0b:b7:76:ef:c5:99:1a:33:f4:1a:b9:55:43:b6:45:be:cd:ed:
df:bc:2b:12:b3:5c:6e:cc:97:3d:b0:6d:df:3d:30:58:09:7b:
2c:25:f5:21:7f:7a:ba:7e:5a:42:0e:73:89:68:fe:67:b4:f5:
51:d7:f7:d2:31:79:1b:37:4a:f6:d7:d7:34:18:b7:31:75:65:
22:1e:d6:5a:fa:02:22:e7:7f:16:6e:b5:4c:bf:9c:e9:16:ec:
b3:cc:4d:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTXCWyyEpLLD9p2sLQhEiSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwMjA1MTY1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdhYjdjY2Y4NTJjMzM3NzljMWU5ZTVlMmRkN2Y4MjIzN2U2MjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpxYa6svXtHWHAWrWGgz4BNojwFL
JUtz3DQlp9FOgzgiBMTpCJBF+3//9X0uGkVBvji53I+1uCC/2L3n7Oa8+PIoOCyw
aooZ3H3cmMZkc40pC+qpQil9KHM8441uUAUk5ZgHHCvmBRtaSninAidndBaUSDoi
nDTZiy/pt7R0VjwGNSFm61EhoJcc0wmW9+zrSdoGI+OCUbuJGng+DADKoOVPSq8+
RUC1UT4wTM9DWt3C+MibAM94BTERMXz08X4cLv9yFHEWN3G6K/Abzr66n9TfJB86
aacQ6dO7YXy8KEDhbt0QggZvs7UKbp9xK7CwuZqVPdBua8pBSDSy7iwgTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOF6t8z4UsM3ecHp5eLdf4IjfmITMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvNFhxM3pQaFN3emQ1d2VubDR0MV9naU4tWWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ES4MA0G
CSqGSIb3DQEBCwUAA4IBAQBce5jijPlgCqrMR8ei3TnVdVeQyT8Wh8ftMfYURWq9
fc8laEkUwzrfBZHkOzLI7O2vdMpVGXoUhkFjW76SDwnkqbzT3MMlIFfr6SKqvHdW
5MbF6//oIMuCjBM/9bEDovRZ76iUquxvtPf9PLlT5jKFGyJi+YBnV3SVkWrrGjYc
kTNNy6sEstUGP26qkDTf1on8xfo9akBujGbDe4ST1GhzChsLt3bvxZkaM/QauVVD
tkW+ze3fvCsSs1xuzJc9sG3fPTBYCXssJfUhf3q6flpCDnOJaP5ntPVR1/fSMXkb
N0r219c0GLcxdWUiHtZa+gIi538WbrVMv5zpFuyzzE09
-----END CERTIFICATE-----
Generated at Tue May 13 22:50:40 2025 by rpki-client