Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ECIYQrag7221hfl7FVJZA6yZriU.roa
File: ECIYQrag7221hfl7FVJZA6yZriU.roa (raw, json)
Hash identifier: T+Xm9GgYNdU8GoOdpzUYWa7VsErm+HJw2UHWMmSNPBI=
Subject key identifier: 10:22:18:42:B6:A0:EF:6D:B5:85:F9:7B:15:52:59:03:AC:99:AE:25
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195D7A0D2DAE240A398D92F44C5A671CF07
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ECIYQrag7221hfl7FVJZA6yZriU.roa
Signing time: Thu 27 Mar 2025 12:43:15 +0000
ROA not before: Thu 27 Mar 2025 12:43:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214172
IP address blocks: 194.87.119.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 11:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:a0:d2:da:e2:40:a3:98:d9:2f:44:c5:a6:71:cf:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 27 12:43:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10221842b6a0ef6db585f97b15525903ac99ae25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:76:a5:ce:3d:8a:0c:e5:55:d5:41:06:5c:d2:
b7:66:50:e4:aa:cd:9c:b2:c2:06:26:98:c7:2e:1e:
ea:af:f0:7f:4a:b9:31:fd:84:ce:c8:57:1c:d8:f2:
a9:cc:38:45:b3:9a:4f:43:9b:62:84:83:3f:6f:49:
05:56:d2:58:e8:e7:50:90:e8:e4:77:40:5f:32:1c:
e1:bc:81:0a:4f:5d:34:50:5a:5f:8d:fb:fc:46:d5:
c7:d0:7c:60:96:be:68:70:e8:e4:f6:ca:ed:07:09:
74:a2:2f:f8:60:2f:9e:44:ec:fd:cc:f1:45:bd:a5:
6a:90:2d:a7:b5:2f:67:a7:d0:a7:73:a4:6e:a8:f8:
0e:19:92:61:33:05:3e:c1:db:55:fb:14:47:f3:b0:
fd:32:18:31:b7:fe:36:12:0e:d3:ee:09:db:d2:a7:
e0:45:f3:16:b7:1d:94:1e:48:25:5e:ca:dd:02:13:
ef:de:d0:e9:87:7d:b0:35:42:03:e1:36:47:37:91:
02:8d:7c:6a:5e:18:55:4f:ba:5a:7c:0a:06:66:62:
09:9a:44:2a:a8:b6:d2:d7:7c:42:62:72:ac:c8:7a:
14:75:73:07:54:9d:6a:ea:a6:0f:2c:e9:db:9f:71:
5a:4c:f0:e5:36:b2:f1:1f:4a:1b:aa:55:b5:96:47:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:22:18:42:B6:A0:EF:6D:B5:85:F9:7B:15:52:59:03:AC:99:AE:25
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ECIYQrag7221hfl7FVJZA6yZriU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.119.0/24
194.87.168.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:50:22:04:df:55:e4:8f:0c:3f:46:28:27:55:29:8b:92:dd:
89:17:78:4a:8c:17:6f:76:97:68:74:9e:05:39:20:1d:15:2b:
cf:49:7e:00:6b:18:e5:b1:80:84:9d:4d:38:c3:96:b6:fa:a4:
5a:dd:b1:12:34:01:06:78:73:74:a6:12:32:7d:52:09:90:1e:
96:0d:7e:f8:f7:64:e6:b5:96:ce:9a:99:44:37:66:70:f6:40:
2b:6e:8a:5b:ab:76:cc:65:64:7b:c8:20:46:59:a1:5d:d8:98:
44:15:4a:fc:70:88:9f:fa:40:da:1c:a2:48:03:46:96:ff:34:
d7:eb:53:fd:b3:58:4b:1e:70:13:7d:20:dd:35:2c:72:11:a4:
64:dc:4c:3f:d4:7b:29:35:bb:33:17:03:d6:14:ad:64:92:d1:
7c:d7:4f:3f:54:44:b0:10:7e:62:0c:9a:32:82:aa:26:4a:4f:
9c:e8:ca:95:c6:79:99:d7:6c:d4:97:18:80:28:9f:84:75:7b:
ae:b9:c3:84:3f:8d:e6:9f:6b:74:94:cc:01:42:b9:73:5c:17:
c7:05:70:ad:fa:4e:cf:bd:f5:c4:90:9c:1e:a7:db:b8:8d:61:
f5:73:67:12:b9:50:e3:1d:34:46:97:07:43:42:85:ac:ba:49:
d8:0e:5f:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXXoNLa4kCjmNkvRMWmcc8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzI3MTI0MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDIyMTg0MmI2YTBlZjZkYjU4NWY5N2IxNTUyNTkwM2FjOTlhZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Xalzj2KDOVV1UEGXNK3ZlDkqs2c
ssIGJpjHLh7qr/B/Srkx/YTOyFcc2PKpzDhFs5pPQ5tihIM/b0kFVtJY6OdQkOjk
d0BfMhzhvIEKT100UFpfjfv8RtXH0Hxglr5ocOjk9srtBwl0oi/4YC+eROz9zPFF
vaVqkC2ntS9np9Cnc6RuqPgOGZJhMwU+wdtV+xRH87D9Mhgxt/42Eg7T7gnb0qfg
RfMWtx2UHkglXsrdAhPv3tDph32wNUID4TZHN5ECjXxqXhhVT7pafAoGZmIJmkQq
qLbS13xCYnKsyHoUdXMHVJ1q6qYPLOnbn3FaTPDlNrLxH0obqlW1lkc+ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBAiGEK2oO9ttYX5exVSWQOsma4lMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRUNJWVFyYWc3MjIxaGZsN0ZWSlpBNnlacmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwld3AwQA
wleoMA0GCSqGSIb3DQEBCwUAA4IBAQBtUCIE31Xkjww/RignVSmLkt2JF3hKjBdv
dpdodJ4FOSAdFSvPSX4AaxjlsYCEnU04w5a2+qRa3bESNAEGeHN0phIyfVIJkB6W
DX7492TmtZbOmplEN2Zw9kArbopbq3bMZWR7yCBGWaFd2JhEFUr8cIif+kDaHKJI
A0aW/zTX61P9s1hLHnATfSDdNSxyEaRk3Ew/1HspNbszFwPWFK1kktF8108/VESw
EH5iDJoygqomSk+c6MqVxnmZ12zUlxiAKJ+EdXuuucOEP43mn2t0lMwBQrlzXBfH
BXCt+k7PvfXEkJwep9u4jWH1c2cSuVDjHTRGlwdDQoWsuknYDl+2
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:41:32 2025 by rpki-client