Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/IOYstFfoYU5lVSa0Skx0LSzPsGo.roa
File: IOYstFfoYU5lVSa0Skx0LSzPsGo.roa (raw, json)
Hash identifier: QVssybWzuEn1yTpy9YW8DOvelzlvOZ6zdLJRBhKeDAE=
Subject key identifier: 20:E6:2C:B4:57:E8:61:4E:65:55:26:B4:4A:4C:74:2D:2C:CF:B0:6A
Certificate issuer: /CN=e0691dbafa3a8de070b07022de9adf74341fb4f2
Certificate serial: 019420D5F2522B658AB6E92B7EAFBB32B2BD
Authority key identifier: E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/IOYstFfoYU5lVSa0Skx0LSzPsGo.roa
Signing time: Wed 01 Jan 2025 07:47:59 +0000
ROA not before: Wed 01 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210474
IP address blocks: 212.23.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 07:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f2:52:2b:65:8a:b6:e9:2b:7e:af:bb:32:b2:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0691dbafa3a8de070b07022de9adf74341fb4f2
Validity
Not Before: Jan 1 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20e62cb457e8614e655526b44a4c742d2ccfb06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0c:b8:60:a7:68:e1:77:ca:c7:f9:31:f9:05:
3b:ed:36:3a:d9:1b:b9:25:e6:9c:7e:a8:e3:6e:c7:
bb:83:55:f8:a3:e1:4a:02:58:93:47:2f:d9:57:0c:
f6:d7:55:c7:fe:06:d0:4b:16:35:7f:ed:aa:46:f6:
25:b9:d1:c4:db:18:f5:34:fb:05:0b:59:30:bb:1d:
63:39:fa:66:4d:7d:ef:e2:f3:47:65:c7:a1:a2:b6:
24:c8:82:f1:6f:04:31:a0:d7:1b:0e:d6:12:b7:5f:
1d:4f:34:b2:af:f1:c7:2e:17:b3:c7:a8:a5:96:c7:
37:c9:c7:51:25:cf:cb:5d:cc:08:52:8f:26:66:53:
10:1e:6b:57:22:8d:b7:28:23:11:f1:af:ad:d0:83:
84:c6:e2:0f:18:63:21:05:d4:9e:8b:b4:ce:cf:a5:
5e:3f:a6:68:f2:d0:aa:bf:5b:04:b2:35:43:7b:89:
ad:ee:c2:37:64:2c:18:4f:6e:57:e7:0a:20:08:e2:
73:84:97:05:99:6e:75:d2:cd:f0:77:c0:23:5f:34:
09:76:bd:29:63:b5:a7:41:49:08:17:e1:db:80:06:
ec:bf:9e:66:82:6a:89:a2:32:11:46:1c:42:cb:af:
ab:c9:8a:e5:2d:72:86:69:7d:88:fe:95:02:8e:c0:
99:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E6:2C:B4:57:E8:61:4E:65:55:26:B4:4A:4C:74:2D:2C:CF:B0:6A
X509v3 Authority Key Identifier:
keyid:E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/IOYstFfoYU5lVSa0Skx0LSzPsGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/4Gkduvo6jeBwsHAi3prfdDQftPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.216.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:51:b0:41:c8:88:52:1a:7d:b1:05:0d:d1:be:47:73:f3:b2:
ac:32:61:e4:cd:fa:3a:32:b8:3c:19:cd:69:d2:1f:53:aa:90:
6e:83:74:fd:58:77:97:53:f8:7d:93:73:b5:9b:4c:60:56:f5:
f1:77:ae:e2:93:36:37:ac:fc:9a:57:99:8a:82:97:36:c4:c0:
df:64:16:9b:be:a8:b6:d0:57:65:6e:75:a4:cd:6e:76:18:4b:
46:27:c3:1c:79:9f:13:44:ea:44:ca:29:29:25:b8:e3:8d:7d:
b5:cd:ea:1b:1a:50:25:f3:62:b3:cd:80:55:fd:6d:5c:2d:4a:
a5:c4:e2:fc:9c:ce:8f:73:b8:bf:d6:e1:5c:48:6d:fb:1b:0b:
bf:da:9a:a4:76:af:eb:d7:56:fa:07:17:f6:dc:b5:90:1b:07:
d2:86:56:52:53:9d:26:f4:7e:eb:bf:a2:d9:7f:eb:3c:d4:0d:
f5:7a:06:18:67:b3:50:40:28:74:2d:06:1e:1c:c1:94:fd:c9:
00:b0:2c:67:9a:a2:9f:b5:4f:bc:f2:8c:98:64:81:7b:5d:e2:
4e:ef:04:e2:25:1b:79:b5:2c:86:05:e1:8d:7a:b4:ff:d8:5d:
b3:9d:8e:13:82:e3:53:e0:14:71:26:29:b1:5a:35:09:75:a5:
30:65:9e:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fJSK2WKtukrfq+7MrK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjkxZGJhZmEzYThkZTA3MGIwNzAyMmRlOWFkZjc0MzQx
ZmI0ZjIwHhcNMjUwMTAxMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGU2MmNiNDU3ZTg2MTRlNjU1NTI2YjQ0YTRjNzQyZDJjY2ZiMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwy4YKdo4XfKx/kx+QU77TY62Ru5
Jeacfqjjbse7g1X4o+FKAliTRy/ZVwz211XH/gbQSxY1f+2qRvYludHE2xj1NPsF
C1kwux1jOfpmTX3v4vNHZcehorYkyILxbwQxoNcbDtYSt18dTzSyr/HHLhezx6il
lsc3ycdRJc/LXcwIUo8mZlMQHmtXIo23KCMR8a+t0IOExuIPGGMhBdSei7TOz6Ve
P6Zo8tCqv1sEsjVDe4mt7sI3ZCwYT25X5wogCOJzhJcFmW510s3wd8AjXzQJdr0p
Y7WnQUkIF+HbgAbsv55mgmqJojIRRhxCy6+ryYrlLXKGaX2I/pUCjsCZWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDmLLRX6GFOZVUmtEpMdC0sz7BqMB8GA1UdIwQY
MBaAFOBpHbr6Oo3gcLBwIt6a33Q0H7TyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQt
ZmQ0OWViM2YxOWIxLzEvSU9Zc3RGZm9ZVTVsVlNhMFNreDBMU3pQc0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQtZmQ0OWViM2YxOWIx
LzEvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfYMA0G
CSqGSIb3DQEBCwUAA4IBAQAaUbBByIhSGn2xBQ3Rvkdz87KsMmHkzfo6Mrg8Gc1p
0h9TqpBug3T9WHeXU/h9k3O1m0xgVvXxd67ikzY3rPyaV5mKgpc2xMDfZBabvqi2
0FdlbnWkzW52GEtGJ8MceZ8TROpEyikpJbjjjX21zeobGlAl82KzzYBV/W1cLUql
xOL8nM6Pc7i/1uFcSG37Gwu/2pqkdq/r11b6Bxf23LWQGwfShlZSU50m9H7rv6LZ
f+s81A31egYYZ7NQQCh0LQYeHMGU/ckAsCxnmqKftU+88oyYZIF7XeJO7wTiJRt5
tSyGBeGNerT/2F2znY4TguNT4BRxJimxWjUJdaUwZZ7t
-----END CERTIFICATE-----
Generated at Thu May 8 10:29:15 2025 by rpki-client