Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/suFM2dMwV7qa1OtobK4kWrvm8sk.roa
File: suFM2dMwV7qa1OtobK4kWrvm8sk.roa (raw, json)
Hash identifier: 7AqjXILxbR5qYJ6xe0RKN1dI31b1dVzNTmfnwcwNmo8=
Subject key identifier: B2:E1:4C:D9:D3:30:57:BA:9A:D4:EB:68:6C:AE:24:5A:BB:E6:F2:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019482D72A4191ECFE170B11977FC60B2C46
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/suFM2dMwV7qa1OtobK4kWrvm8sk.roa
Signing time: Mon 20 Jan 2025 08:32:06 +0000
ROA not before: Mon 20 Jan 2025 08:32:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212025
IP address blocks: 212.192.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 15:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:d7:2a:41:91:ec:fe:17:0b:11:97:7f:c6:0b:2c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 20 08:32:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2e14cd9d33057ba9ad4eb686cae245abbe6f2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d1:51:a3:35:2d:79:36:d6:3d:d7:f7:ee:58:
eb:4c:46:40:2d:d6:ad:54:86:1b:a5:77:ee:09:15:
89:6f:41:96:2e:2b:2b:57:84:8a:d1:3c:57:51:be:
fc:c9:46:3e:52:8b:5b:69:af:cd:23:58:cb:56:1c:
40:25:b9:2a:31:ee:fb:f5:1a:5e:95:5f:11:d9:5b:
8e:81:8e:c1:50:0e:54:96:80:81:bd:33:a0:f1:09:
b3:82:0f:eb:79:cf:0d:81:ea:82:98:d8:e7:13:8b:
44:7c:fa:6a:55:a6:9f:13:4a:3e:1b:0f:5e:20:a8:
8b:f7:69:4d:94:57:68:83:fd:b4:68:9f:58:78:7d:
0a:a8:32:50:64:e0:0e:d9:7e:c2:89:dc:c4:d4:41:
f0:dc:c3:8a:45:6b:ac:8f:d0:fc:90:04:82:8a:8e:
ca:97:7b:c2:b1:f0:19:e9:84:a3:b6:5e:45:4a:d6:
9c:83:8d:15:48:67:86:ef:8f:82:69:32:4c:eb:74:
53:ee:1f:4d:d5:85:ee:70:b9:75:e7:31:43:03:4e:
41:a4:bf:5c:d0:45:cc:85:bf:11:cd:93:62:45:bd:
65:0a:05:69:a8:5d:b6:73:f0:17:9b:8e:3a:67:93:
cb:8d:bc:47:e8:10:75:fc:ea:8f:cf:41:71:71:73:
a8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E1:4C:D9:D3:30:57:BA:9A:D4:EB:68:6C:AE:24:5A:BB:E6:F2:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/suFM2dMwV7qa1OtobK4kWrvm8sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
42:b9:24:74:f7:71:f6:dc:f8:ae:6e:c8:1e:c4:c2:c6:94:d8:
55:d9:5e:b5:14:7e:cb:e2:15:33:57:7f:bb:65:92:3a:59:27:
19:8f:cc:eb:01:22:89:88:10:8d:af:0c:9d:a3:71:27:1b:b1:
97:c5:76:2b:59:ce:9a:dc:98:08:dd:74:7d:31:2d:dc:ee:bc:
64:64:c8:13:e4:03:c8:ed:0d:fc:de:c2:a3:a5:3e:2a:df:c0:
f8:2f:16:ae:e9:bd:22:92:47:7d:b5:57:b4:e8:75:c4:85:73:
9f:8e:5b:83:d2:b6:56:8b:f8:3a:09:55:72:1f:90:d5:ac:0b:
0d:4d:ea:32:b4:19:aa:51:5e:3e:07:20:3f:ae:cd:d1:99:27:
96:e1:cb:3c:2b:4f:3a:d7:59:29:47:98:ef:71:aa:38:9e:2a:
80:61:cc:91:ec:a7:82:29:41:ad:b1:3c:4d:e0:89:f9:75:b0:
ca:30:52:b4:ef:3e:42:5f:f5:38:16:fc:d9:32:ab:fb:51:3f:
33:6f:ab:87:30:d6:5e:71:94:20:51:dc:a1:c0:c4:f7:37:11:
7c:4c:1a:4e:6c:7b:5e:f4:f7:15:dd:a4:30:bf:e5:b3:8e:eb:
dd:fb:f1:f6:a9:45:a6:45:3e:65:d5:87:a8:92:a1:42:2f:dc:
3f:86:ed:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSC1ypBkez+FwsRl3/GCyxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTIwMDgzMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmUxNGNkOWQzMzA1N2JhOWFkNGViNjg2Y2FlMjQ1YWJiZTZmMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tFRozUteTbWPdf37ljrTEZALdat
VIYbpXfuCRWJb0GWLisrV4SK0TxXUb78yUY+Uotbaa/NI1jLVhxAJbkqMe779Rpe
lV8R2VuOgY7BUA5UloCBvTOg8Qmzgg/rec8NgeqCmNjnE4tEfPpqVaafE0o+Gw9e
IKiL92lNlFdog/20aJ9YeH0KqDJQZOAO2X7CidzE1EHw3MOKRWusj9D8kASCio7K
l3vCsfAZ6YSjtl5FStacg40VSGeG74+CaTJM63RT7h9N1YXucLl15zFDA05BpL9c
0EXMhb8RzZNiRb1lCgVpqF22c/AXm446Z5PLjbxH6BB1/OqPz0FxcXOoswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLhTNnTMFe6mtTraGyuJFq75vLJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc3VGTTJkTXdWN3FhMU90b2JLNGtXcnZtOHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDxMA0G
CSqGSIb3DQEBCwUAA4IBAQBCuSR093H23PiubsgexMLGlNhV2V61FH7L4hUzV3+7
ZZI6WScZj8zrASKJiBCNrwydo3EnG7GXxXYrWc6a3JgI3XR9MS3c7rxkZMgT5API
7Q383sKjpT4q38D4Lxau6b0ikkd9tVe06HXEhXOfjluD0rZWi/g6CVVyH5DVrAsN
TeoytBmqUV4+ByA/rs3RmSeW4cs8K08611kpR5jvcao4niqAYcyR7KeCKUGtsTxN
4In5dbDKMFK07z5CX/U4FvzZMqv7UT8zb6uHMNZecZQgUdyhwMT3NxF8TBpObHte
9PcV3aQwv+Wzjuvd+/H2qUWmRT5l1YeokqFCL9w/hu1t
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:57:57 2025 by rpki-client