Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/OqvKtk70EKzhKvtHlUi6MUDS-Eg.roa
File: OqvKtk70EKzhKvtHlUi6MUDS-Eg.roa (raw, json)
Hash identifier: IWgdfnu7W82U0qkOoxne8RXf5KqRa6335Ez/RW+oTRk=
Subject key identifier: 3A:AB:CA:B6:4E:F4:10:AC:E1:2A:FB:47:95:48:BA:31:40:D2:F8:48
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 01958F6DC29DF2D30C0C746380A578989D91
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/OqvKtk70EKzhKvtHlUi6MUDS-Eg.roa
Signing time: Thu 13 Mar 2025 12:14:49 +0000
ROA not before: Thu 13 Mar 2025 12:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199478
IP address blocks: 213.170.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 15:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:6d:c2:9d:f2:d3:0c:0c:74:63:80:a5:78:98:9d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 13 12:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aabcab64ef410ace12afb479548ba3140d2f848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6f:16:a4:8e:c8:dd:7a:5d:8a:92:45:25:9f:
c3:c6:86:35:37:1f:38:93:2b:70:1f:11:b3:8f:31:
57:1e:50:ca:7b:24:4b:0d:3a:92:e1:78:bf:a3:5b:
51:24:36:26:5f:47:9e:3e:05:ae:e4:69:86:fb:b9:
86:a7:67:c2:13:46:3b:2b:d5:6e:4d:b5:d1:4e:31:
ea:dd:7a:72:e4:a4:93:d3:76:64:8a:17:b6:02:85:
ab:2c:6c:4c:b3:7d:eb:24:d0:12:1f:59:e6:c2:f4:
ab:c5:52:c1:e0:39:a4:c4:c3:92:a8:29:43:c3:04:
20:85:04:79:8d:f4:63:0f:11:8c:9f:56:fc:6e:06:
69:93:bc:4b:5e:dc:93:7f:82:36:d6:d3:5c:53:b4:
1b:01:20:93:ab:97:e5:13:10:7f:fc:99:aa:92:0c:
f0:de:ef:e6:a0:b4:43:e2:1d:71:1c:bf:20:ce:35:
d9:b6:7b:aa:31:11:84:f1:c1:af:34:99:d8:16:73:
02:6d:dd:3f:9e:4d:35:e0:6f:fd:ac:6a:76:80:fb:
05:c6:dd:74:f6:8f:dc:7a:b1:49:e2:03:0d:f9:eb:
df:c4:ee:d5:fe:a1:fb:6d:f0:44:98:92:b3:99:c9:
e3:1e:18:53:51:1c:b2:ae:81:98:84:b2:c6:b0:96:
9f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AB:CA:B6:4E:F4:10:AC:E1:2A:FB:47:95:48:BA:31:40:D2:F8:48
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/OqvKtk70EKzhKvtHlUi6MUDS-Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.170.248.0/24
Signature Algorithm: sha256WithRSAEncryption
83:92:93:62:ad:b8:3d:25:25:75:08:a4:52:91:cc:0e:e1:ef:
d0:00:db:d0:53:00:ab:85:f3:ad:d9:3d:e9:82:9e:b9:0d:f5:
7b:d8:09:62:a6:95:26:4c:8e:a0:63:f4:bd:27:ea:6c:88:da:
b9:a7:8c:e1:77:d8:cd:97:6b:12:4c:3f:f0:50:c5:08:15:0e:
ae:33:51:ec:7f:d0:05:06:55:14:47:df:91:b5:90:21:1b:aa:
8f:88:fb:9a:b2:3f:8b:22:43:f6:8c:7b:6d:8d:54:8d:20:78:
05:79:64:ad:67:3d:e2:46:0f:64:c4:70:83:14:a0:fc:67:75:
ef:4b:e0:ee:51:e5:64:7b:e2:73:a1:80:b4:34:84:4b:93:24:
2a:f6:2f:1e:ef:f1:da:f2:4e:07:98:6a:ce:b8:af:d6:09:e3:
d2:4f:70:75:5f:1a:e9:ca:a7:f7:a8:51:96:18:98:9e:93:a7:
b1:93:4d:e6:f0:e2:3d:e3:7f:16:b0:81:9c:60:6b:b2:5a:9d:
56:10:ba:c0:f0:f4:5c:46:3c:b2:6d:b8:fd:0d:c4:d1:e8:22:
35:39:e9:6a:df:74:ce:b4:d7:7a:77:d7:f3:d0:30:f2:82:be:
0c:55:e1:c1:4b:74:43:93:56:22:1a:e4:c9:b6:3a:38:db:39:
12:b5:a0:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWPbcKd8tMMDHRjgKV4mJ2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMzEzMTIxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFiY2FiNjRlZjQxMGFjZTEyYWZiNDc5NTQ4YmEzMTQwZDJmODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwm8WpI7I3XpdipJFJZ/DxoY1Nx84
kytwHxGzjzFXHlDKeyRLDTqS4Xi/o1tRJDYmX0eePgWu5GmG+7mGp2fCE0Y7K9Vu
TbXRTjHq3Xpy5KST03Zkihe2AoWrLGxMs33rJNASH1nmwvSrxVLB4DmkxMOSqClD
wwQghQR5jfRjDxGMn1b8bgZpk7xLXtyTf4I21tNcU7QbASCTq5flExB//Jmqkgzw
3u/moLRD4h1xHL8gzjXZtnuqMRGE8cGvNJnYFnMCbd0/nk014G/9rGp2gPsFxt10
9o/cerFJ4gMN+evfxO7V/qH7bfBEmJKzmcnjHhhTURyyroGYhLLGsJaf8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqryrZO9BCs4Sr7R5VIujFA0vhIMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvT3F2S3RrNzBFS3poS3Z0SGxVaTZNVURTLUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ar4MA0G
CSqGSIb3DQEBCwUAA4IBAQCDkpNirbg9JSV1CKRSkcwO4e/QANvQUwCrhfOt2T3p
gp65DfV72AlippUmTI6gY/S9J+psiNq5p4zhd9jNl2sSTD/wUMUIFQ6uM1Hsf9AF
BlUUR9+RtZAhG6qPiPuasj+LIkP2jHttjVSNIHgFeWStZz3iRg9kxHCDFKD8Z3Xv
S+DuUeVke+JzoYC0NIRLkyQq9i8e7/Ha8k4HmGrOuK/WCePST3B1Xxrpyqf3qFGW
GJiek6exk03m8OI9438WsIGcYGuyWp1WELrA8PRcRjyybbj9DcTR6CI1Oelq33TO
tNd6d9fz0DDygr4MVeHBS3RDk1YiGuTJtjo42zkStaCH
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:22:27 2025 by rpki-client