Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/iR0rj5dtsKVc-1u8rEYKhbGUJPU.roa
File: iR0rj5dtsKVc-1u8rEYKhbGUJPU.roa (raw, json)
Hash identifier: t9hXUPxGkOCmPrV9CptCCf1YC6fvbMi45UQ6g9Sucxw=
Subject key identifier: 89:1D:2B:8F:97:6D:B0:A5:5C:FB:5B:BC:AC:46:0A:85:B1:94:24:F5
Certificate issuer: /CN=a898496b8d1dd825b487038fb87ca199b13b93df
Certificate serial: 019427B51EBBD658D163CC2E9D0C29A5EF1A
Authority key identifier: A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/iR0rj5dtsKVc-1u8rEYKhbGUJPU.roa
Signing time: Thu 02 Jan 2025 15:49:28 +0000
ROA not before: Thu 02 Jan 2025 15:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56533
IP address blocks: 195.211.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 07:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:1e:bb:d6:58:d1:63:cc:2e:9d:0c:29:a5:ef:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a898496b8d1dd825b487038fb87ca199b13b93df
Validity
Not Before: Jan 2 15:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=891d2b8f976db0a55cfb5bbcac460a85b19424f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:81:48:c8:4f:0a:df:c8:eb:93:30:70:bb:14:
d8:33:ad:19:b2:70:15:8a:6b:6d:69:96:96:63:90:
ff:ef:13:50:0e:1e:0c:b7:c3:a7:3e:df:3c:59:d9:
ee:bc:03:f9:c0:40:cb:e0:01:f8:a9:cf:c0:3e:52:
b0:99:f7:2c:05:d4:bc:21:75:2c:dc:a0:92:70:2a:
a7:87:07:38:5d:65:04:a9:be:06:76:5c:17:0b:f5:
da:32:0c:1a:9c:2c:01:14:fe:af:f2:7b:d9:39:f0:
13:fa:fa:7c:27:50:69:40:69:67:6f:86:93:86:b7:
bc:dd:9a:f2:63:cc:78:7a:61:8a:a4:18:1e:8d:12:
86:10:00:8a:90:ae:be:5e:b9:f2:c0:77:93:5c:26:
9d:d9:68:8a:4e:bc:1b:77:87:c3:8a:d3:86:fa:98:
61:96:18:b2:06:62:ce:28:b7:37:0f:26:64:13:27:
74:cf:a1:96:5f:12:5a:e8:6e:0b:df:35:d4:72:65:
f8:55:c3:da:4b:0f:7e:90:56:4d:fc:12:af:e4:d5:
41:9c:5b:eb:e9:98:eb:09:11:b3:a8:2e:7d:a9:72:
2a:10:cc:5c:64:f2:17:d0:8a:af:9f:00:4c:de:3a:
82:77:06:a0:d0:7b:3f:0e:19:84:10:73:de:96:86:
23:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1D:2B:8F:97:6D:B0:A5:5C:FB:5B:BC:AC:46:0A:85:B1:94:24:F5
X509v3 Authority Key Identifier:
keyid:A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/iR0rj5dtsKVc-1u8rEYKhbGUJPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/qJhJa40d2CW0hwOPuHyhmbE7k98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.250.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:63:41:87:04:50:c8:aa:8b:3d:10:e2:a6:58:3a:6a:2b:76:
6f:04:34:f1:94:c4:d9:7c:a4:d4:29:3f:dd:15:d5:87:e3:aa:
5e:1e:3b:aa:c9:38:6a:6a:b2:da:3d:e6:e9:c4:b5:ad:69:b9:
aa:d7:48:7d:e9:06:ef:fc:70:47:a3:09:c8:fd:b9:0a:8a:0f:
3a:8e:c8:17:2e:95:75:3d:06:75:7d:e0:ab:7a:e3:74:ac:bd:
70:2a:6c:36:0c:a9:a4:09:20:74:fb:c8:81:96:b1:44:3e:7b:
ee:bb:15:f8:6a:b1:b1:d5:4c:7e:54:b3:95:12:25:df:77:9a:
d3:34:40:02:7f:08:66:e3:e8:a7:50:c1:97:23:a7:e4:cb:e2:
81:34:76:73:5c:93:57:b8:56:86:0f:12:04:f1:64:af:3c:b1:
56:a7:aa:d4:72:07:c0:17:52:db:d3:56:38:db:9e:29:d1:43:
2e:49:be:a7:20:8e:17:c9:d1:ca:66:8e:72:52:0d:03:19:06:
f7:c6:47:7b:79:cb:24:3c:0a:49:29:32:04:72:6a:d2:e8:c5:
79:e0:cc:bf:fc:c0:3e:2e:3b:87:f5:72:08:9e:06:ce:f1:af:
9f:4a:e6:d9:30:ac:9e:ab:26:91:86:4b:e7:a6:63:90:44:7a:
fc:a5:47:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntR671ljRY8wunQwppe8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OTg0OTZiOGQxZGQ4MjViNDg3MDM4ZmI4N2NhMTk5YjEz
YjkzZGYwHhcNMjUwMTAyMTU0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFkMmI4Zjk3NmRiMGE1NWNmYjViYmNhYzQ2MGE4NWIxOTQyNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oFIyE8K38jrkzBwuxTYM60ZsnAV
imttaZaWY5D/7xNQDh4Mt8OnPt88WdnuvAP5wEDL4AH4qc/APlKwmfcsBdS8IXUs
3KCScCqnhwc4XWUEqb4GdlwXC/XaMgwanCwBFP6v8nvZOfAT+vp8J1BpQGlnb4aT
hre83ZryY8x4emGKpBgejRKGEACKkK6+XrnywHeTXCad2WiKTrwbd4fDitOG+phh
lhiyBmLOKLc3DyZkEyd0z6GWXxJa6G4L3zXUcmX4VcPaSw9+kFZN/BKv5NVBnFvr
6ZjrCRGzqC59qXIqEMxcZPIX0IqvnwBM3jqCdwag0Hs/DhmEEHPeloYjrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkdK4+XbbClXPtbvKxGCoWxlCT1MB8GA1UdIwQY
MBaAFKiYSWuNHdgltIcDj7h8oZmxO5PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUt
MzY4NzhmNjU3ZTEyLzEvaVIwcmo1ZHRzS1ZjLTF1OHJFWUtoYkdVSlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUtMzY4NzhmNjU3ZTEy
LzEvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9P6MA0G
CSqGSIb3DQEBCwUAA4IBAQAcY0GHBFDIqos9EOKmWDpqK3ZvBDTxlMTZfKTUKT/d
FdWH46peHjuqyThqarLaPebpxLWtabmq10h96Qbv/HBHownI/bkKig86jsgXLpV1
PQZ1feCreuN0rL1wKmw2DKmkCSB0+8iBlrFEPnvuuxX4arGx1Ux+VLOVEiXfd5rT
NEACfwhm4+inUMGXI6fky+KBNHZzXJNXuFaGDxIE8WSvPLFWp6rUcgfAF1Lb01Y4
254p0UMuSb6nII4XydHKZo5yUg0DGQb3xkd7ecskPApJKTIEcmrS6MV54My//MA+
LjuH9XIIngbO8a+fSubZMKyeqyaRhkvnpmOQRHr8pUcy
-----END CERTIFICATE-----
Generated at Sat May 10 08:29:35 2025 by rpki-client