Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/r3O7DHpaybIj_SzQN2GhWjElNIE.roa
File: r3O7DHpaybIj_SzQN2GhWjElNIE.roa (raw, json)
Hash identifier: zgJIpA1nn1LiRCyHsi5eZXJItGdG08ljYfABp5yGUXc=
Subject key identifier: AF:73:BB:0C:7A:5A:C9:B2:23:FD:2C:D0:37:61:A1:5A:31:25:34:81
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 01938B7E99537F34D08C4EAEFDCD0CD52C61
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/r3O7DHpaybIj_SzQN2GhWjElNIE.roa
Signing time: Tue 03 Dec 2024 07:49:10 +0000
ROA not before: Tue 03 Dec 2024 07:49:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50265
IP address blocks: 85.198.80.0/22 maxlen: 22
89.169.0.0/22 maxlen: 22
89.169.44.0/22 maxlen: 22
91.233.88.0/24 maxlen: 24
193.106.68.0/22 maxlen: 24
2a00:46e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 10 Dec 2024 14:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:7e:99:53:7f:34:d0:8c:4e:ae:fd:cd:0c:d5:2c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Dec 3 07:49:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af73bb0c7a5ac9b223fd2cd03761a15a31253481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7c:16:bd:0e:28:3f:31:0f:aa:d9:de:50:ff:
9f:7c:08:b8:04:fd:3d:7f:b0:bf:26:48:93:8e:a6:
a2:7f:83:fd:51:3c:9e:38:81:35:9c:ac:72:02:b7:
12:a6:a1:0e:77:01:22:e8:f1:f4:61:74:6d:97:a9:
8b:37:1c:5d:85:2b:af:48:19:b2:32:a3:7c:ae:ec:
bf:64:38:7b:f0:a3:ed:00:57:b9:f3:7d:f0:a1:f1:
02:f8:00:e0:e3:b1:45:58:ca:3d:c0:f6:dc:90:35:
a6:7f:66:31:df:36:31:a3:be:36:d6:51:9b:d9:b9:
31:93:30:01:18:fb:90:4c:9a:0f:93:99:fe:82:41:
77:b4:5e:e1:15:ba:33:4a:e4:93:3c:b0:55:58:59:
d1:d2:28:e0:0b:89:f8:1a:8f:8c:f3:ee:20:c7:5d:
f0:e7:64:80:64:18:5b:7b:54:7e:19:a2:ad:b3:e4:
eb:8c:ad:62:3f:60:46:56:6d:57:ca:e9:80:a3:8e:
4d:40:fa:1b:b2:6d:8e:3f:37:8b:e2:db:74:25:db:
0e:c7:a6:ea:30:e1:10:f6:5a:91:6d:86:96:dd:dc:
f4:e5:89:85:92:ff:fd:75:38:79:77:d2:26:39:56:
5c:b6:31:d7:2c:bd:84:3a:0d:03:28:15:c3:a7:0d:
5c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:73:BB:0C:7A:5A:C9:B2:23:FD:2C:D0:37:61:A1:5A:31:25:34:81
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/r3O7DHpaybIj_SzQN2GhWjElNIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.80.0/22
89.169.0.0/22
89.169.44.0/22
91.233.88.0/24
193.106.68.0/22
IPv6:
2a00:46e0::/32
Signature Algorithm: sha256WithRSAEncryption
ae:8c:b3:a8:5e:dc:c2:b4:ae:11:d8:62:af:5c:20:68:1c:83:
3e:61:a1:21:c5:a8:f8:96:6a:a2:26:97:e3:ab:a6:a6:2d:a7:
e9:67:6b:dc:96:97:27:bb:5f:03:66:69:0d:dd:ac:e2:10:61:
72:44:93:93:91:39:de:0c:99:0b:da:97:81:1a:c0:46:54:4a:
54:b8:1f:c5:37:e4:17:eb:da:4f:3c:ab:66:2d:91:3c:87:06:
15:f4:fd:51:9c:15:8c:68:0d:7f:2d:af:c7:77:e5:11:37:c4:
a3:f3:93:e1:0a:db:78:94:0d:9b:51:96:1a:ac:6e:a4:b7:76:
cc:41:12:ff:94:4d:f7:e1:05:1c:19:8a:43:f9:ce:eb:8c:fa:
0f:91:69:0c:5f:08:6d:2b:76:1a:cf:09:49:5e:e7:05:39:f2:
41:28:27:7b:d5:6e:74:60:22:8b:65:cb:39:f7:11:bd:ad:b4:
74:72:7f:cc:3c:d7:22:74:ea:b3:27:69:39:cd:41:ee:13:45:
8c:32:05:50:5d:12:09:2f:a5:a1:a8:a3:27:b3:45:57:c8:51:
d5:07:01:28:54:77:0c:db:b3:cf:9a:f6:a5:a4:c5:28:4a:67:
51:a6:b9:0c:00:2f:5b:97:bb:9e:5a:53:4d:c2:5f:bf:08:c0:
c0:46:4b:69
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZOLfplTfzTQjE6u/c0M1SxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjQxMjAzMDc0OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjczYmIwYzdhNWFjOWIyMjNmZDJjZDAzNzYxYTE1YTMxMjUzNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXwWvQ4oPzEPqtneUP+ffAi4BP09
f7C/JkiTjqaif4P9UTyeOIE1nKxyArcSpqEOdwEi6PH0YXRtl6mLNxxdhSuvSBmy
MqN8ruy/ZDh78KPtAFe5833wofEC+ADg47FFWMo9wPbckDWmf2Yx3zYxo7421lGb
2bkxkzABGPuQTJoPk5n+gkF3tF7hFbozSuSTPLBVWFnR0ijgC4n4Go+M8+4gx13w
52SAZBhbe1R+GaKts+TrjK1iP2BGVm1XyumAo45NQPobsm2OPzeL4tt0JdsOx6bq
MOEQ9lqRbYaW3dz05YmFkv/9dTh5d9ImOVZctjHXLL2EOg0DKBXDpw1cnQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK9zuwx6WsmyI/0s0DdhoVoxJTSBMB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvcjNPN0RIcGF5YklqX1N6UU4yR2hXakVsTklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVcZQAwQC
WakAAwQCWaksAwQAW+lYAwQCwWpEMA0EAgACMAcDBQAqAEbgMA0GCSqGSIb3DQEB
CwUAA4IBAQCujLOoXtzCtK4R2GKvXCBoHIM+YaEhxaj4lmqiJpfjq6amLafpZ2vc
lpcnu18DZmkN3aziEGFyRJOTkTneDJkL2peBGsBGVEpUuB/FN+QX69pPPKtmLZE8
hwYV9P1RnBWMaA1/La/Hd+URN8Sj85PhCtt4lA2bUZYarG6kt3bMQRL/lE334QUc
GYpD+c7rjPoPkWkMXwhtK3YazwlJXucFOfJBKCd71W50YCKLZcs59xG9rbR0cn/M
PNcidOqzJ2k5zUHuE0WMMgVQXRIJL6WhqKMns0VXyFHVBwEoVHcM27PPmvalpMUo
SmdRprkMAC9bl7ueWlNNwl+/CMDARktp
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:17 2025 by rpki-client