Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/LIbH5EgrijbmkAc9yypXHGEIiUU.roa
File: LIbH5EgrijbmkAc9yypXHGEIiUU.roa (raw, json)
Hash identifier: U/G83yWnR4FD+OUbQavEtqAdscmkvfXovRo7rqdTBX0=
Subject key identifier: 2C:86:C7:E4:48:2B:8A:36:E6:90:07:3D:CB:2A:57:1C:61:08:89:45
Certificate issuer: /CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Certificate serial: 0194E0A29AA64C87BAED9056EFB8C7032BC2
Authority key identifier: 79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/LIbH5EgrijbmkAc9yypXHGEIiUU.roa
Signing time: Fri 07 Feb 2025 13:39:00 +0000
ROA not before: Fri 07 Feb 2025 13:39:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213047
IP address blocks: 185.103.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 13:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:a2:9a:a6:4c:87:ba:ed:90:56:ef:b8:c7:03:2b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a295c80b54c2dbe77ba47de7daec6b986021b4
Validity
Not Before: Feb 7 13:39:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c86c7e4482b8a36e690073dcb2a571c61088945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:55:d6:2e:c8:87:04:d3:61:86:20:a3:61:
7a:28:eb:dd:bd:c5:a0:28:db:b4:42:5a:1d:1e:f4:
f0:74:4a:1e:72:8e:1b:c5:1a:89:21:df:4c:ca:79:
03:5f:52:4a:1f:a9:dd:1e:80:92:a6:1e:9c:aa:59:
ae:c5:58:76:58:63:64:a6:a1:ec:b3:6f:74:74:33:
ee:8d:ec:88:2a:73:19:0c:42:6a:67:77:e3:84:3d:
92:a5:2f:e2:32:1d:85:31:08:a8:4c:54:92:9e:cf:
e9:2f:d2:43:b5:0a:ae:66:e0:b6:5b:b0:b9:97:3b:
de:21:35:1c:a9:ea:44:50:ed:d3:dc:7a:c1:f4:eb:
93:47:99:9c:1f:ca:71:b0:f3:26:b5:b8:a8:dd:e1:
cd:41:63:15:32:e7:32:c0:66:da:0c:84:dd:79:c4:
7d:51:a9:94:15:b9:a6:c5:d6:b2:8f:69:5f:21:8c:
57:70:4d:79:90:36:37:5b:7a:39:cf:84:91:dc:82:
58:b6:53:43:ff:7b:5b:ed:17:d0:0b:96:5d:87:a0:
3f:3b:2b:60:af:d6:ce:fd:fa:5a:ba:57:c8:51:0d:
09:60:ef:45:9a:ff:a4:31:97:44:c9:cd:29:96:3d:
74:3e:10:46:8d:44:41:37:57:55:10:eb:0e:a1:9b:
54:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:86:C7:E4:48:2B:8A:36:E6:90:07:3D:CB:2A:57:1C:61:08:89:45
X509v3 Authority Key Identifier:
keyid:79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/LIbH5EgrijbmkAc9yypXHGEIiUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.118.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0c:ef:2f:0a:f9:6f:2d:22:14:81:f7:8f:e2:93:b8:42:f5:
cc:77:bc:cd:bb:7b:f4:92:84:a8:ef:b3:42:06:b2:9a:58:79:
55:6b:c5:a8:02:ed:19:7d:b9:62:87:fe:02:ab:20:77:18:78:
d6:70:b5:39:69:5b:32:c1:f2:aa:fa:4d:3e:da:5b:69:a1:52:
7c:31:aa:9c:14:ee:59:36:89:44:d5:9e:c6:85:b4:eb:95:5a:
a5:e0:83:ba:d6:26:90:c0:24:8e:0b:ba:f3:48:e4:ca:ba:a1:
89:15:96:6f:bc:27:b7:c6:fb:14:ec:d5:a5:ed:d1:53:eb:b8:
b1:40:a7:79:e3:5b:da:d6:0a:5c:df:7f:a3:e5:44:40:29:5a:
da:45:87:12:38:66:9c:f8:d6:8b:d3:e0:b0:07:fb:37:06:cf:
b8:c6:d9:c5:d0:51:05:96:99:98:00:ab:ae:a4:c4:0d:0e:82:
33:46:b5:f3:e8:db:a5:20:7c:40:9c:2b:23:08:31:2a:b2:b1:
2a:fe:d7:99:09:64:a1:26:e5:5e:fa:41:83:40:fb:79:37:df:
4d:a9:aa:79:1a:7c:82:76:c2:63:ce:ae:13:2a:4a:a9:1d:fe:
34:8d:c7:33:12:d4:23:94:b9:ed:bb:44:64:f1:fa:59:6b:58:
e4:55:21:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTgopqmTIe67ZBW77jHAyvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTI5NWM4MGI1NGMyZGJlNzdiYTQ3ZGU3ZGFlYzZiOTg2
MDIxYjQwHhcNMjUwMjA3MTMzOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg2YzdlNDQ4MmI4YTM2ZTY5MDA3M2RjYjJhNTcxYzYxMDg4OTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9BV1i7IhwTTYYYgo2F6KOvdvcWg
KNu0QlodHvTwdEoeco4bxRqJId9MynkDX1JKH6ndHoCSph6cqlmuxVh2WGNkpqHs
s290dDPujeyIKnMZDEJqZ3fjhD2SpS/iMh2FMQioTFSSns/pL9JDtQquZuC2W7C5
lzveITUcqepEUO3T3HrB9OuTR5mcH8pxsPMmtbio3eHNQWMVMucywGbaDITdecR9
UamUFbmmxdayj2lfIYxXcE15kDY3W3o5z4SR3IJYtlND/3tb7RfQC5Zdh6A/Oytg
r9bO/fpaulfIUQ0JYO9Fmv+kMZdEyc0plj10PhBGjURBN1dVEOsOoZtUgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyGx+RIK4o25pAHPcsqVxxhCIlFMB8GA1UdIwQY
MBaAFHmilcgLVMLb53ukfefa7GuYYCG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEt
MmJiYjQ4ZWZiMGVkLzEvTEliSDVFZ3JpamJta0FjOXl5cFhIR0VJaVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEtMmJiYjQ4ZWZiMGVk
LzEvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWd2MA0G
CSqGSIb3DQEBCwUAA4IBAQAoDO8vCvlvLSIUgfeP4pO4QvXMd7zNu3v0koSo77NC
BrKaWHlVa8WoAu0Zfblih/4CqyB3GHjWcLU5aVsywfKq+k0+2ltpoVJ8MaqcFO5Z
NolE1Z7GhbTrlVql4IO61iaQwCSOC7rzSOTKuqGJFZZvvCe3xvsU7NWl7dFT67ix
QKd541va1gpc33+j5URAKVraRYcSOGac+NaL0+CwB/s3Bs+4xtnF0FEFlpmYAKuu
pMQNDoIzRrXz6NulIHxAnCsjCDEqsrEq/teZCWShJuVe+kGDQPt5N99Nqap5GnyC
dsJjzq4TKkqpHf40jcczEtQjlLntu0Rk8fpZa1jkVSEn
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:47:10 2025 by rpki-client