Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/igFfNIotV5zwibbYRjtuUa0eDmc.roa
File: igFfNIotV5zwibbYRjtuUa0eDmc.roa (raw, json)
Hash identifier: 8LqYy32iMycNvIQwRFXjUTZ/hRBHJ+SB7kbAvRCR5lc=
Subject key identifier: 8A:01:5F:34:8A:2D:57:9C:F0:89:B6:D8:46:3B:6E:51:AD:1E:0E:67
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01943BEE48840EEF294A5ED74B35479B4A59
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/igFfNIotV5zwibbYRjtuUa0eDmc.roa
Signing time: Mon 06 Jan 2025 14:04:19 +0000
ROA not before: Mon 06 Jan 2025 14:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 193.124.227.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 21:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:ee:48:84:0e:ef:29:4a:5e:d7:4b:35:47:9b:4a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 6 14:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a015f348a2d579cf089b6d8463b6e51ad1e0e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d1:c2:98:b2:71:52:f8:a9:09:76:a2:48:f2:
b9:75:7c:7b:9f:06:ae:68:9b:40:8b:b2:4a:c6:17:
89:1c:8f:8b:9f:65:67:c8:b9:5f:d2:b4:6d:2a:bb:
d7:0b:e9:ae:fb:fd:44:e5:65:07:9f:87:ca:76:21:
de:df:c6:90:88:7e:a1:b5:e5:7e:e5:d0:ec:e7:25:
f6:d9:15:fd:eb:38:bc:64:6b:90:5f:83:e1:da:cb:
73:52:bf:0a:38:93:03:d4:bf:8c:98:13:2a:32:e2:
57:0d:a2:dd:54:2e:a2:4b:2f:a4:76:aa:d7:99:74:
9c:c2:07:5e:a2:80:11:05:0f:fb:e7:65:f0:64:74:
6a:b8:f3:61:68:99:4c:a9:50:54:bd:bd:47:bd:9e:
99:38:99:a3:aa:c5:a3:db:2e:eb:17:b3:5a:c0:c3:
be:1f:26:b9:6c:81:e7:e1:83:7c:09:a1:75:08:34:
c4:20:0b:ca:d4:85:01:46:08:49:a3:18:65:86:0b:
b9:fd:a3:ed:85:e7:07:e8:5b:c8:3b:39:6b:6a:a6:
ca:f1:2d:9c:08:87:28:15:43:a4:08:e0:79:06:b3:
ce:89:5b:39:24:8d:7a:92:c0:f4:80:25:25:21:05:
a5:b5:ec:59:c1:0e:c8:23:60:51:6e:c4:ef:a2:2c:
a8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:01:5F:34:8A:2D:57:9C:F0:89:B6:D8:46:3B:6E:51:AD:1E:0E:67
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/igFfNIotV5zwibbYRjtuUa0eDmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.53.0/24
195.133.55.0/24
212.192.247.0/24
Signature Algorithm: sha256WithRSAEncryption
00:8d:aa:e7:59:96:57:b0:36:e2:6f:2c:a7:5d:f9:76:01:c3:
9b:c1:42:e2:05:ac:09:c0:40:20:d2:8a:6c:ba:ec:01:74:77:
ca:56:3d:8c:50:4f:fb:97:42:31:fc:db:b7:ac:a2:05:f2:49:
f1:11:a8:7b:ba:d2:4d:80:93:0a:5a:7e:d9:82:71:7e:69:46:
e6:20:ec:1f:e4:50:6a:84:bb:89:06:f1:b7:b4:72:93:1a:83:
ba:48:14:5b:fc:33:d4:27:e3:d4:d9:a9:61:6c:55:78:38:85:
ab:de:d8:30:4c:94:ff:ce:fe:46:d3:6c:8b:2b:9d:9a:cd:90:
d8:ff:25:2b:f7:08:9b:5b:fb:43:2d:b6:f0:40:87:51:56:7f:
d0:1d:2c:e9:35:95:66:17:83:51:67:a4:31:91:55:43:3d:44:
c4:00:55:18:aa:1a:7d:59:a4:92:8b:1b:24:80:07:fa:f5:39:
a5:12:0b:32:46:b5:41:35:1d:cc:e1:58:fb:ce:9d:b7:81:3c:
c1:6f:df:df:b0:52:de:c5:c2:82:c7:64:dc:58:8f:fb:89:c8:
d4:80:71:2a:6d:5a:1a:dc:05:f7:a2:35:11:a8:0f:c9:2e:d7:
91:0b:9c:c5:83:e9:ce:c8:66:29:5f:66:ea:f1:7b:f2:df:d4:
da:1e:21:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQ77kiEDu8pSl7XSzVHm0pZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTA2MTQwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTAxNWYzNDhhMmQ1NzljZjA4OWI2ZDg0NjNiNmU1MWFkMWUwZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NHCmLJxUvipCXaiSPK5dXx7nwau
aJtAi7JKxheJHI+Ln2VnyLlf0rRtKrvXC+mu+/1E5WUHn4fKdiHe38aQiH6hteV+
5dDs5yX22RX96zi8ZGuQX4Ph2stzUr8KOJMD1L+MmBMqMuJXDaLdVC6iSy+kdqrX
mXScwgdeooARBQ/752XwZHRquPNhaJlMqVBUvb1HvZ6ZOJmjqsWj2y7rF7NawMO+
Hya5bIHn4YN8CaF1CDTEIAvK1IUBRghJoxhlhgu5/aPthecH6FvIOzlraqbK8S2c
CIcoFUOkCOB5BrPOiVs5JI16ksD0gCUlIQWltexZwQ7II2BRbsTvoiyoPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoBXzSKLVec8Im22EY7blGtHg5nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWdGZk5Jb3RWNXp3aWJiWVJqdHVVYTBlRG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXzjAwQA
wlc1AwQAw4U3AwQA1MD3MA0GCSqGSIb3DQEBCwUAA4IBAQAAjarnWZZXsDbibyyn
Xfl2AcObwULiBawJwEAg0opsuuwBdHfKVj2MUE/7l0Ix/Nu3rKIF8knxEah7utJN
gJMKWn7ZgnF+aUbmIOwf5FBqhLuJBvG3tHKTGoO6SBRb/DPUJ+PU2alhbFV4OIWr
3tgwTJT/zv5G02yLK52azZDY/yUr9wibW/tDLbbwQIdRVn/QHSzpNZVmF4NRZ6Qx
kVVDPUTEAFUYqhp9WaSSixskgAf69TmlEgsyRrVBNR3M4Vj7zp23gTzBb9/fsFLe
xcKCx2TcWI/7icjUgHEqbVoa3AX3ojURqA/JLteRC5zFg+nOyGYpX2bq8Xvy39Ta
HiF7
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:19:27 2025 by rpki-client