Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/urnJCpr5RjSS3AJDDhLEmA_bigQ.roa
File: urnJCpr5RjSS3AJDDhLEmA_bigQ.roa (raw, json)
Hash identifier: ZSvzm5g2mBAy/0lOUWRQ7Ajx93syvH8deSNr85xqZDs=
Subject key identifier: BA:B9:C9:0A:9A:F9:46:34:92:DC:02:43:0E:12:C4:98:0F:DB:8A:04
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 019589F3A4B08D95B00DF6C721A1E8B322A8
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/urnJCpr5RjSS3AJDDhLEmA_bigQ.roa
Signing time: Wed 12 Mar 2025 10:43:20 +0000
ROA not before: Wed 12 Mar 2025 10:43:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214717
IP address blocks: 176.65.137.0/24 maxlen: 24
176.65.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 18:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:f3:a4:b0:8d:95:b0:0d:f6:c7:21:a1:e8:b3:22:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Mar 12 10:43:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bab9c90a9af9463492dc02430e12c4980fdb8a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c8:5d:dd:1a:71:90:fd:6a:e6:54:d2:12:a2:
f2:9f:a6:6a:a0:17:b2:55:e6:a2:65:dd:dd:b0:13:
7c:a8:33:41:45:de:cd:40:47:d0:26:51:23:e2:47:
f1:93:a7:fa:25:22:9e:f0:60:8f:af:6a:e7:23:70:
24:6a:28:43:5f:ee:58:77:40:3f:9c:ec:bb:82:54:
7b:bf:aa:a3:ec:10:f2:b6:8d:7f:53:aa:29:7f:e4:
e0:ed:d3:0a:52:1d:ff:54:9e:51:a7:4b:c2:3f:21:
85:26:c2:c6:d2:89:e1:81:80:0b:40:13:8e:27:a4:
0a:0a:04:61:38:95:df:2b:02:39:58:ff:b9:f5:53:
37:ee:d2:5a:1c:2d:d1:96:1c:fd:a5:ec:88:c7:93:
45:61:05:6e:49:39:0f:25:cb:80:9a:48:ae:24:56:
8c:cc:d4:c1:15:a6:2b:d9:28:48:f0:4c:73:97:20:
1e:91:1a:ac:35:e7:bd:07:91:cf:f8:34:cb:34:f9:
a5:48:97:e4:99:b8:c9:1c:70:1f:ac:67:2c:18:13:
3b:e6:5b:ac:84:83:94:57:f7:2b:a2:68:2e:f6:d4:
6c:26:a3:fa:af:5f:f4:e6:17:c1:7c:aa:61:dd:bc:
aa:68:21:ca:47:b7:4d:32:5a:f7:14:89:2c:31:97:
e2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B9:C9:0A:9A:F9:46:34:92:DC:02:43:0E:12:C4:98:0F:DB:8A:04
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/urnJCpr5RjSS3AJDDhLEmA_bigQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.137.0-176.65.138.255
Signature Algorithm: sha256WithRSAEncryption
1e:79:9b:c8:e5:b2:00:6b:86:3a:f0:bf:ee:b2:54:49:0e:87:
c6:2e:d3:47:1e:e8:e0:f3:18:97:17:24:77:95:c8:cb:aa:9a:
40:d9:df:44:dd:8e:5d:ac:08:bd:6d:c9:a0:96:b8:29:e9:cb:
5e:9a:fe:49:ba:c1:58:85:4a:7b:da:be:f5:d1:12:dd:73:79:
fe:37:3a:9d:31:96:84:73:65:a4:a5:3d:27:00:79:55:b3:e3:
19:06:36:5e:8f:97:d2:04:20:c7:8a:48:99:00:86:27:51:03:
cd:bf:27:39:45:37:e6:c1:fb:f9:f9:71:6f:20:d2:74:68:2c:
bc:80:28:cd:9f:6c:61:f7:ac:39:45:a7:6b:71:7d:e5:7b:57:
31:5b:a3:6e:c4:71:bb:87:ae:35:d0:a0:20:3a:e1:c8:c6:1b:
07:e5:16:72:b6:a0:dc:42:cd:a8:9b:86:0c:27:2b:3f:03:12:
09:3e:04:29:05:ee:b3:96:b6:1e:2b:d9:26:4a:8f:eb:a8:e4:
b4:83:e5:04:ad:08:32:82:ea:dc:0f:fa:39:c6:cd:91:b4:14:
6e:a7:db:be:23:39:48:6c:8d:54:62:07:3a:5f:1f:83:7a:35:
f1:06:61:87:52:cc:b5:a0:ba:d5:84:4a:b6:b9:27:ea:d4:7a:
a9:b9:3f:1b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZWJ86SwjZWwDfbHIaHosyKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwMzEyMTA0MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI5YzkwYTlhZjk0NjM0OTJkYzAyNDMwZTEyYzQ5ODBmZGI4YTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAychd3RpxkP1q5lTSEqLyn6ZqoBey
VeaiZd3dsBN8qDNBRd7NQEfQJlEj4kfxk6f6JSKe8GCPr2rnI3AkaihDX+5Yd0A/
nOy7glR7v6qj7BDyto1/U6opf+Tg7dMKUh3/VJ5Rp0vCPyGFJsLG0onhgYALQBOO
J6QKCgRhOJXfKwI5WP+59VM37tJaHC3Rlhz9peyIx5NFYQVuSTkPJcuAmkiuJFaM
zNTBFaYr2ShI8ExzlyAekRqsNee9B5HP+DTLNPmlSJfkmbjJHHAfrGcsGBM75lus
hIOUV/cromgu9tRsJqP6r1/05hfBfKph3byqaCHKR7dNMlr3FIksMZfiQwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLq5yQqa+UY0ktwCQw4SxJgP24oEMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvdXJuSkNwcjVSalNTM0FKRERoTEVtQV9iaWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACwQYkD
BACwQYowDQYJKoZIhvcNAQELBQADggEBAB55m8jlsgBrhjrwv+6yVEkOh8Yu00ce
6ODzGJcXJHeVyMuqmkDZ30Tdjl2sCL1tyaCWuCnpy16a/km6wViFSnvavvXREt1z
ef43Op0xloRzZaSlPScAeVWz4xkGNl6Pl9IEIMeKSJkAhidRA82/JzlFN+bB+/n5
cW8g0nRoLLyAKM2fbGH3rDlFp2txfeV7VzFbo27EcbuHrjXQoCA64cjGGwflFnK2
oNxCzaibhgwnKz8DEgk+BCkF7rOWth4r2SZKj+uo5LSD5QStCDKC6twP+jnGzZG0
FG6n274jOUhsjVRiBzpfH4N6NfEGYYdSzLWgutWESra5J+rUeqm5Pxs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:52:50 2025 by rpki-client