Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/3o8q902jUhV-QKzxc98e7aKiazw.roa
File: 3o8q902jUhV-QKzxc98e7aKiazw.roa (raw, json)
Hash identifier: Y44m/4HYZ15PKLj0v82ZWTcV2YL3W/mWx1Bl9w7oEIs=
Subject key identifier: DE:8F:2A:F7:4D:A3:52:15:7E:40:AC:F1:73:DF:1E:ED:A2:A2:6B:3C
Certificate issuer: /CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Certificate serial: 019421B25907644506982E6DC2ED0CF899D7
Authority key identifier: EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/3o8q902jUhV-QKzxc98e7aKiazw.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213291
IP address blocks: 195.242.7.0/24 maxlen: 24
195.242.8.0/21 maxlen: 24
195.242.16.0/20 maxlen: 24
2a13:5947::/40 maxlen: 48
2a13:5947:130::/48 maxlen: 48
2a13:5947:150::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Feb 2025 11:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:59:07:64:45:06:98:2e:6d:c2:ed:0c:f8:99:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de8f2af74da352157e40acf173df1eeda2a26b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1f:ea:ad:9e:82:eb:92:ea:e2:c4:f8:3e:63:
69:03:fb:90:65:fb:13:81:dd:7d:4f:e9:a8:5d:bb:
00:4e:d3:83:d1:09:0a:6d:b3:1e:60:59:fe:53:8c:
f3:cc:8e:fd:65:74:99:99:5c:49:9d:3d:9d:c8:f6:
fa:a6:7b:ad:37:43:f0:e2:fe:e3:c6:69:b1:40:de:
95:82:a4:2f:4f:86:ef:91:00:6c:33:71:de:ab:b4:
9a:5e:19:02:44:82:e1:23:59:67:27:fe:b9:02:1f:
a9:94:ba:1d:a8:44:9b:5d:ec:a4:ac:7c:6f:d8:68:
f7:f7:15:99:b8:77:85:d3:32:b5:e6:29:4a:65:b7:
22:14:cf:44:ff:60:42:cc:51:94:38:f5:ee:26:96:
33:04:fc:68:58:ea:28:48:0b:ca:d0:90:8e:a9:1e:
9b:13:74:6f:98:36:0f:56:59:82:6b:a4:ac:77:fa:
c2:13:4f:e3:45:33:94:30:1b:45:ce:ec:9f:3b:79:
5b:70:2a:e8:92:81:8d:c3:18:0b:ee:db:c9:89:03:
7d:35:0e:0a:79:25:79:8c:00:8b:07:95:aa:df:89:
cc:be:a5:29:c5:29:7b:e4:95:ce:11:90:a6:3b:1b:
c7:83:cf:2a:54:0b:e9:38:68:8a:6c:d7:e7:67:7a:
bb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8F:2A:F7:4D:A3:52:15:7E:40:AC:F1:73:DF:1E:ED:A2:A2:6B:3C
X509v3 Authority Key Identifier:
keyid:EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/3o8q902jUhV-QKzxc98e7aKiazw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.7.0-195.242.31.255
IPv6:
2a13:5947::/40
2a13:5947:130::/48
2a13:5947:150::/48
Signature Algorithm: sha256WithRSAEncryption
9b:10:3a:6a:0f:6d:d1:d2:68:4e:fa:15:2b:d8:fb:8d:ab:33:
da:0f:3c:53:68:f2:e9:83:4d:a1:07:4e:63:28:1d:03:a2:6c:
2a:b6:34:3f:a7:25:e7:5c:c6:7d:a7:5e:64:b1:da:ef:b6:57:
b8:09:5f:51:86:ff:5e:41:87:f2:c9:16:16:02:49:34:17:8f:
7a:c5:7a:48:fc:c5:74:5a:99:81:b1:cd:5f:88:e8:3d:b2:fd:
65:9c:48:ab:4d:86:62:e0:d7:20:9c:13:50:bd:85:5f:0c:15:
fe:71:cd:93:1d:18:c9:c4:e0:b1:8c:93:2a:46:64:8e:4c:87:
64:fd:f9:cb:a6:a9:ce:d9:08:95:0b:e9:b4:20:af:ad:48:49:
01:32:72:c3:34:48:67:0c:bf:9f:03:96:89:ab:20:c2:5f:ab:
9b:af:05:7a:ba:fb:00:4b:61:67:ae:49:b0:d3:9e:e9:ad:7c:
6b:57:65:20:b3:3e:2b:4f:ba:d2:66:8d:e9:74:98:b6:3b:01:
8d:18:8a:38:ae:59:95:ad:e6:69:84:94:ad:d5:4f:b6:38:27:
0a:ba:f4:11:99:02:24:81:6e:f1:75:7c:d3:2c:11:70:f0:18:
0b:05:ba:bd:3f:9f:84:2f:b4:61:a2:60:82:44:de:e9:5f:12:
d0:ec:db:e8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQhslkHZEUGmC5twu0M+JnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZTI2NTMxNzljYWZlNWZmNjY1MWM2MDU4YjY3YWQyZDJj
ODQ4NWUwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThmMmFmNzRkYTM1MjE1N2U0MGFjZjE3M2RmMWVlZGEyYTI2YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5R/qrZ6C65Lq4sT4PmNpA/uQZfsT
gd19T+moXbsATtOD0QkKbbMeYFn+U4zzzI79ZXSZmVxJnT2dyPb6pnutN0Pw4v7j
xmmxQN6VgqQvT4bvkQBsM3Heq7SaXhkCRILhI1lnJ/65Ah+plLodqESbXeykrHxv
2Gj39xWZuHeF0zK15ilKZbciFM9E/2BCzFGUOPXuJpYzBPxoWOooSAvK0JCOqR6b
E3RvmDYPVlmCa6Ssd/rCE0/jRTOUMBtFzuyfO3lbcCrokoGNwxgL7tvJiQN9NQ4K
eSV5jACLB5Wq34nMvqUpxSl75JXOEZCmOxvHg88qVAvpOGiKbNfnZ3q7qwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN6PKvdNo1IVfkCs8XPfHu2ioms8MB8GA1UdIwQY
MBaAFOriZTF5yv5f9mUcYFi2etLSyEheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTkt
OTkyZDc5N2Y0YmJiLzEvM284cTkwMmpVaFYtUUt6eGM5OGU3YUtpYXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTktOTkyZDc5N2Y0YmJi
LzEvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAUBAIAATAOMAwDBADD8gcD
BAXD8gAwIAQCAAIwGgMGACoTWUcAAwcAKhNZRwEwAwcAKhNZRwFQMA0GCSqGSIb3
DQEBCwUAA4IBAQCbEDpqD23R0mhO+hUr2PuNqzPaDzxTaPLpg02hB05jKB0Domwq
tjQ/pyXnXMZ9p15ksdrvtle4CV9Rhv9eQYfyyRYWAkk0F496xXpI/MV0WpmBsc1f
iOg9sv1lnEirTYZi4NcgnBNQvYVfDBX+cc2THRjJxOCxjJMqRmSOTIdk/fnLpqnO
2QiVC+m0IK+tSEkBMnLDNEhnDL+fA5aJqyDCX6ubrwV6uvsAS2Fnrkmw057prXxr
V2Ugsz4rT7rSZo3pdJi2OwGNGIo4rlmVreZphJSt1U+2OCcKuvQRmQIkgW7xdXzT
LBFw8BgLBbq9P5+EL7RhomCCRN7pXxLQ7Nvo
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:57:49 2025 by rpki-client