Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/4Ks_KCIahagzADkAAZPVoRXTQrQ.roa
File: 4Ks_KCIahagzADkAAZPVoRXTQrQ.roa (raw, json)
Hash identifier: G1CeWwBVfjb/mDpJUnuSF/xhIgnDc7OCLTRULrneLDs=
Subject key identifier: E0:AB:3F:28:22:1A:85:A8:33:00:39:00:01:93:D5:A1:15:D3:42:B4
Certificate issuer: /CN=117a04a927019c3ce2d0c9db3a314977a0a7b35c
Certificate serial: 01936E3D952CAFCBC571C54B68A1B29BD66D
Authority key identifier: 11:7A:04:A9:27:01:9C:3C:E2:D0:C9:DB:3A:31:49:77:A0:A7:B3:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EXoEqScBnDzi0MnbOjFJd6Cns1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/4Ks_KCIahagzADkAAZPVoRXTQrQ.roa
Signing time: Wed 27 Nov 2024 15:29:09 +0000
ROA not before: Wed 27 Nov 2024 15:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211298
IP address blocks: 87.236.176.0/24 maxlen: 24
185.247.137.0/24 maxlen: 24
193.163.125.0/24 maxlen: 24
2a06:4880::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 05 Dec 2024 18:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:3d:95:2c:af:cb:c5:71:c5:4b:68:a1:b2:9b:d6:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117a04a927019c3ce2d0c9db3a314977a0a7b35c
Validity
Not Before: Nov 27 15:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0ab3f28221a85a8330039000193d5a115d342b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:20:f2:65:09:1e:d4:bf:b1:25:c8:01:51:
d7:60:56:9c:29:d2:c1:86:ca:42:a9:32:9b:5e:21:
96:b6:bf:96:0c:78:bc:b9:11:b8:13:ed:10:56:89:
3c:b3:85:1d:18:eb:5f:67:10:e7:f2:cf:cb:50:e6:
88:33:3c:18:c9:f6:b3:fc:b1:09:af:8a:36:db:b7:
01:a4:d5:4f:b6:50:06:a6:13:36:47:b3:21:db:7c:
2d:7a:d5:8b:90:07:a0:bf:23:37:6a:4e:6b:33:5e:
6b:48:fb:b4:87:04:e7:32:db:ff:06:3c:18:f5:5f:
f0:0c:09:72:17:85:f0:a2:2e:c5:da:44:34:23:d6:
7a:29:78:cd:a8:ec:35:90:42:f4:8d:08:84:d1:7c:
d7:14:c2:fb:4b:17:e4:30:83:4b:df:f2:3e:19:f2:
bb:44:4b:f0:5b:43:08:bd:64:9d:dd:95:02:8d:de:
ed:52:09:88:9e:0c:46:a8:16:6d:b4:fd:7d:e3:96:
c3:05:fc:49:94:6d:a5:c3:74:e2:a7:62:7f:1a:17:
d3:e4:7d:07:1e:92:ac:ba:f9:28:d8:2b:c6:bd:86:
cd:eb:d0:9d:ad:c5:6b:c2:ef:1f:33:ac:ca:30:ca:
d0:f3:db:86:2f:83:69:ab:ea:9c:19:0e:ca:9e:fc:
69:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AB:3F:28:22:1A:85:A8:33:00:39:00:01:93:D5:A1:15:D3:42:B4
X509v3 Authority Key Identifier:
keyid:11:7A:04:A9:27:01:9C:3C:E2:D0:C9:DB:3A:31:49:77:A0:A7:B3:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EXoEqScBnDzi0MnbOjFJd6Cns1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/4Ks_KCIahagzADkAAZPVoRXTQrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9de98e-17b4-47ff-a9c9-11c3009f44df/1/EXoEqScBnDzi0MnbOjFJd6Cns1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.176.0/24
185.247.137.0/24
193.163.125.0/24
IPv6:
2a06:4880::/32
Signature Algorithm: sha256WithRSAEncryption
7b:6b:2a:fe:5d:d8:aa:ef:fd:c8:43:9f:4f:0a:fd:73:5a:12:
e9:ce:be:3a:94:0d:4c:9f:c3:a7:84:07:22:70:12:42:e8:19:
7e:31:f7:c2:5c:ef:24:59:90:8c:ee:c8:94:2d:82:7a:ac:9a:
c9:8f:36:78:1e:27:43:3f:b1:5d:00:aa:97:43:a3:84:56:48:
8a:c9:fa:73:13:61:b0:d1:a9:09:99:af:c4:bb:b3:8d:cc:50:
20:28:c3:18:b5:3e:d4:d3:5a:a9:e8:0b:c1:af:e6:13:c4:f3:
08:1f:8f:0f:22:d8:85:5c:34:5b:77:89:72:c4:be:a6:d0:3a:
ba:4b:b1:71:06:23:59:d6:24:f4:a8:bc:20:06:fb:6a:11:33:
dd:e8:40:e2:60:7a:6b:61:a9:02:52:fe:ac:8b:a1:62:fe:db:
30:7f:0e:97:c1:8f:bd:7f:2f:f8:83:4c:60:9d:8c:a0:71:11:
dd:b8:40:44:a0:6a:6b:c4:33:f0:ea:9f:4b:02:64:21:58:f8:
c8:84:ba:16:d9:33:51:a1:eb:da:c2:f1:86:19:cb:2b:03:1e:
7a:0a:62:4c:82:cd:a9:9b:22:01:6d:9a:9c:dc:38:8b:98:e4:
05:4a:e1:fc:35:26:b2:51:3b:f7:52:30:c1:c6:e2:27:8f:c8:
69:f8:e1:2a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNuPZUsr8vFccVLaKGym9ZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2EwNGE5MjcwMTljM2NlMmQwYzlkYjNhMzE0OTc3YTBh
N2IzNWMwHhcNMjQxMTI3MTUyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGFiM2YyODIyMWE4NWE4MzMwMDM5MDAwMTkzZDVhMTE1ZDM0MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywQg8mUJHtS/sSXIAVHXYFacKdLB
hspCqTKbXiGWtr+WDHi8uRG4E+0QVok8s4UdGOtfZxDn8s/LUOaIMzwYyfaz/LEJ
r4o227cBpNVPtlAGphM2R7Mh23wtetWLkAegvyM3ak5rM15rSPu0hwTnMtv/BjwY
9V/wDAlyF4Xwoi7F2kQ0I9Z6KXjNqOw1kEL0jQiE0XzXFML7SxfkMINL3/I+GfK7
REvwW0MIvWSd3ZUCjd7tUgmIngxGqBZttP1945bDBfxJlG2lw3Tip2J/GhfT5H0H
HpKsuvko2CvGvYbN69CdrcVrwu8fM6zKMMrQ89uGL4Npq+qcGQ7KnvxpbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOCrPygiGoWoMwA5AAGT1aEV00K0MB8GA1UdIwQY
MBaAFBF6BKknAZw84tDJ2zoxSXegp7NcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVhvRXFTY0JuRHppME1uYk9qRkpkNkNuczF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85ZGU5OGUtMTdiNC00N2ZmLWE5Yzkt
MTFjMzAwOWY0NGRmLzEvNEtzX0tDSWFoYWd6QURrQUFaUFZvUlhUUXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85ZGU5OGUtMTdiNC00N2ZmLWE5YzktMTFjMzAwOWY0NGRm
LzEvRVhvRXFTY0JuRHppME1uYk9qRkpkNkNuczF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAV+ywAwQA
ufeJAwQAwaN9MA0EAgACMAcDBQAqBkiAMA0GCSqGSIb3DQEBCwUAA4IBAQB7ayr+
Xdiq7/3IQ59PCv1zWhLpzr46lA1Mn8OnhAcicBJC6Bl+MffCXO8kWZCM7siULYJ6
rJrJjzZ4HidDP7FdAKqXQ6OEVkiKyfpzE2Gw0akJma/Eu7ONzFAgKMMYtT7U01qp
6AvBr+YTxPMIH48PItiFXDRbd4lyxL6m0Dq6S7FxBiNZ1iT0qLwgBvtqETPd6EDi
YHprYakCUv6si6Fi/tswfw6XwY+9fy/4g0xgnYygcRHduEBEoGprxDPw6p9LAmQh
WPjIhLoW2TNRoevawvGGGcsrAx56CmJMgs2pmyIBbZqc3DiLmOQFSuH8NSayUTv3
UjDBxuInj8hp+OEq
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:28:50 2025 by rpki-client