Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/iiolaZ7PKzC6hXTal9tjGKNZ554.roa
File: iiolaZ7PKzC6hXTal9tjGKNZ554.roa (raw, json)
Hash identifier: pbqkhdE0RTE2nbk5RCmWQWB7cG3tD8vsIfVkDmJFoog=
Subject key identifier: 8A:2A:25:69:9E:CF:2B:30:BA:85:74:DA:97:DB:63:18:A3:59:E7:9E
Certificate issuer: /CN=dafef97ca010bad4ff59ef7d2b6bc9077860aab2
Certificate serial: 019547945C4A073CEBA613000F16FAE1A3BF
Authority key identifier: DA:FE:F9:7C:A0:10:BA:D4:FF:59:EF:7D:2B:6B:C9:07:78:60:AA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2v75fKAQutT_We99K2vJB3hgqrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/iiolaZ7PKzC6hXTal9tjGKNZ554.roa
Signing time: Thu 27 Feb 2025 13:24:20 +0000
ROA not before: Thu 27 Feb 2025 13:24:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201078
IP address blocks: 82.163.160.0/22 maxlen: 22
85.194.233.0/24 maxlen: 24
185.85.4.0/22 maxlen: 22
185.158.60.0/22 maxlen: 22
185.201.104.0/22 maxlen: 22
2a05:a900::/29 maxlen: 32
2a05:a900::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Feb 2025 14:46:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:94:5c:4a:07:3c:eb:a6:13:00:0f:16:fa:e1:a3:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafef97ca010bad4ff59ef7d2b6bc9077860aab2
Validity
Not Before: Feb 27 13:24:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a2a25699ecf2b30ba8574da97db6318a359e79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f2:ca:b2:c8:98:e4:5c:e6:2d:0f:6d:5c:e8:
40:e8:68:81:30:c8:51:23:40:a7:d7:2a:ea:e3:5a:
ac:8f:17:eb:be:a7:bc:10:b6:53:49:a8:2f:75:cc:
40:94:61:ef:7e:a3:e0:f9:ce:0d:4c:a0:f7:78:7a:
5d:87:b0:59:63:e8:ca:17:69:0e:16:4a:04:fe:84:
a7:69:79:84:73:33:0d:1a:cf:a9:da:c1:9b:49:2b:
49:93:75:b7:6b:ff:03:ab:8d:9e:6e:82:1e:ae:f1:
4c:36:da:63:58:e9:17:85:92:97:3c:45:c0:df:cd:
42:36:33:de:36:36:96:44:ba:38:08:8e:9b:43:eb:
3b:bd:06:9d:e4:f0:78:a0:ac:00:e2:c6:31:47:8c:
65:4e:b1:43:03:8d:8f:54:4d:f3:64:bb:ba:6f:65:
32:dc:0a:9b:94:e5:47:7c:56:78:8b:e4:c7:2d:cb:
c6:21:f2:e0:5d:7a:c3:b7:4c:b3:66:72:52:c2:4d:
20:41:b8:f8:b7:e7:ab:ea:b4:d5:ef:71:3c:06:61:
e8:f1:7f:5b:7f:72:f1:9b:e9:4a:a1:1d:86:de:27:
18:3f:b3:a0:21:59:63:a9:4f:2b:e6:4f:7a:4f:5a:
b2:8e:97:af:77:1e:64:9e:35:0b:b1:ce:92:38:d1:
41:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2A:25:69:9E:CF:2B:30:BA:85:74:DA:97:DB:63:18:A3:59:E7:9E
X509v3 Authority Key Identifier:
keyid:DA:FE:F9:7C:A0:10:BA:D4:FF:59:EF:7D:2B:6B:C9:07:78:60:AA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2v75fKAQutT_We99K2vJB3hgqrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/iiolaZ7PKzC6hXTal9tjGKNZ554.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2921e6-81c6-4447-9d78-bfa94eb1aa02/1/2v75fKAQutT_We99K2vJB3hgqrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.160.0/22
85.194.233.0/24
185.85.4.0/22
185.158.60.0/22
185.201.104.0/22
IPv6:
2a05:a900::/29
Signature Algorithm: sha256WithRSAEncryption
56:e7:c6:2d:85:bc:14:62:45:60:ef:d4:ce:2b:d7:8d:ee:6b:
77:0d:a5:62:ca:a4:4c:59:66:11:85:31:da:3e:0b:d8:8b:cc:
c9:1f:0a:b6:16:7e:1b:e2:b4:2c:d1:ce:e0:15:bc:22:4a:a1:
e4:34:91:76:9c:35:14:4d:82:40:35:74:6b:ab:f5:2a:dc:cb:
3e:20:49:00:ef:25:c9:1a:07:76:aa:47:22:09:56:c1:c3:99:
55:c0:a5:57:9b:d2:9f:b3:77:56:0d:69:65:e5:34:05:07:5e:
48:aa:87:c9:dd:6e:37:0c:6e:e6:70:88:01:6e:23:e9:9e:c6:
3a:96:a4:81:03:a0:a5:d1:a8:29:68:fc:47:3c:74:8a:0c:2b:
0c:49:65:1d:56:8a:a5:15:ba:28:57:2e:6e:ad:9f:33:a1:6f:
8b:b2:49:40:ce:79:b0:35:3e:f6:af:c5:74:0f:bb:2e:07:e2:
a9:50:5e:06:90:bd:65:16:be:6d:f3:a1:e5:ac:66:ec:98:84:
ea:f2:be:9f:21:69:93:97:e9:93:7c:48:5c:30:6b:62:80:4a:
b3:5a:3b:05:69:5f:b7:f7:7e:4b:bb:84:91:d4:48:9b:50:15:
b9:90:e5:1f:9f:a6:e5:94:15:58:be:98:b5:1f:99:ba:10:8d:
69:6a:2b:7b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZVHlFxKBzzrphMADxb64aO/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmVmOTdjYTAxMGJhZDRmZjU5ZWY3ZDJiNmJjOTA3Nzg2
MGFhYjIwHhcNMjUwMjI3MTMyNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJhMjU2OTllY2YyYjMwYmE4NTc0ZGE5N2RiNjMxOGEzNTllNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvLKssiY5FzmLQ9tXOhA6GiBMMhR
I0Cn1yrq41qsjxfrvqe8ELZTSagvdcxAlGHvfqPg+c4NTKD3eHpdh7BZY+jKF2kO
FkoE/oSnaXmEczMNGs+p2sGbSStJk3W3a/8Dq42eboIervFMNtpjWOkXhZKXPEXA
381CNjPeNjaWRLo4CI6bQ+s7vQad5PB4oKwA4sYxR4xlTrFDA42PVE3zZLu6b2Uy
3AqblOVHfFZ4i+THLcvGIfLgXXrDt0yzZnJSwk0gQbj4t+er6rTV73E8BmHo8X9b
f3Lxm+lKoR2G3icYP7OgIVljqU8r5k96T1qyjpevdx5knjULsc6SONFB5QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIoqJWmezyswuoV02pfbYxijWeeeMB8GA1UdIwQY
MBaAFNr++XygELrU/1nvfStryQd4YKqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnY3NWZLQVF1dFRfV2U5OUsydkpCM2hncXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yOTIxZTYtODFjNi00NDQ3LTlkNzgt
YmZhOTRlYjFhYTAyLzEvaWlvbGFaN1BLekM2aFhUYWw5dGpHS05aNTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yOTIxZTYtODFjNi00NDQ3LTlkNzgtYmZhOTRlYjFhYTAy
LzEvMnY3NWZLQVF1dFRfV2U5OUsydkpCM2hncXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCUqOgAwQA
VcLpAwQCuVUEAwQCuZ48AwQCucloMA0EAgACMAcDBQMqBakAMA0GCSqGSIb3DQEB
CwUAA4IBAQBW58YthbwUYkVg79TOK9eN7mt3DaViyqRMWWYRhTHaPgvYi8zJHwq2
Fn4b4rQs0c7gFbwiSqHkNJF2nDUUTYJANXRrq/Uq3Ms+IEkA7yXJGgd2qkciCVbB
w5lVwKVXm9Kfs3dWDWll5TQFB15IqofJ3W43DG7mcIgBbiPpnsY6lqSBA6Cl0agp
aPxHPHSKDCsMSWUdVoqlFbooVy5urZ8zoW+LsklAznmwNT72r8V0D7suB+KpUF4G
kL1lFr5t86HlrGbsmITq8r6fIWmTl+mTfEhcMGtigEqzWjsFaV+3935Lu4SR1Eib
UBW5kOUfn6bllBVYvpi1H5m6EI1pait7
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:17:52 2025 by rpki-client