Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/97doKdSF2rBN9naEEToRrdEox68.roa
File: 97doKdSF2rBN9naEEToRrdEox68.roa (raw, json)
Hash identifier: OqPIT+sWLGTIVYQDhbclyLAVmYa035096/ky/XnDEA8=
Subject key identifier: F7:B7:68:29:D4:85:DA:B0:4D:F6:76:84:11:3A:11:AD:D1:28:C7:AF
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01967814C98DDB8E20DC4830997104350AC3
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/97doKdSF2rBN9naEEToRrdEox68.roa
Signing time: Sun 27 Apr 2025 16:29:10 +0000
ROA not before: Sun 27 Apr 2025 16:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 147.185.196.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.197.0/24 maxlen: 24
207.244.198.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Apr 2025 06:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:78:14:c9:8d:db:8e:20:dc:48:30:99:71:04:35:0a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Apr 27 16:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7b76829d485dab04df67684113a11add128c7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1d:83:c9:ff:de:99:b0:f0:c5:39:f8:91:b0:
7c:88:11:61:24:a3:4f:91:93:bd:5a:0b:86:97:b5:
ff:51:bf:13:a2:65:30:4d:9b:85:32:60:53:f0:f3:
f8:b8:cf:99:32:c8:cc:54:df:db:68:7a:d4:18:6e:
c8:1e:dd:4e:ed:19:77:88:c0:ea:e9:1f:d7:8c:73:
7a:a2:62:28:ef:06:ae:e9:9f:fc:11:53:fe:5a:42:
d7:96:fa:3e:eb:37:3c:92:f9:ce:23:90:7d:37:d6:
ee:ca:c7:1d:21:46:17:ef:79:7f:1b:c9:f8:95:f4:
33:24:5a:8d:e3:8a:72:d9:61:09:61:f8:97:ae:e9:
f3:bc:6c:91:50:1d:4f:4f:94:a8:a1:36:8d:6d:1b:
7a:c0:6c:80:93:01:ff:c6:49:07:e9:76:c8:ae:b6:
8f:3c:7d:56:24:7b:b5:0f:42:78:ab:ce:5e:da:56:
46:4b:c3:ff:11:76:ad:3b:6e:97:9a:c5:e0:51:4b:
5f:51:6d:66:6c:f8:9b:d1:3c:19:aa:93:61:eb:fe:
80:2c:05:ce:23:30:7f:1b:d4:05:bb:45:33:04:b2:
27:40:e4:92:4c:af:e4:37:c1:c6:c8:b2:85:fd:d7:
20:aa:ef:0f:9a:a3:d9:6e:27:f9:eb:6e:23:3c:bf:
9f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B7:68:29:D4:85:DA:B0:4D:F6:76:84:11:3A:11:AD:D1:28:C7:AF
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/97doKdSF2rBN9naEEToRrdEox68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.196.0/24
193.168.203.0/24
207.244.197.0-207.244.198.255
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
17:44:e1:a0:a1:ac:58:c6:eb:97:af:2c:4c:3b:d2:7e:ad:3a:
0d:ee:1a:97:ff:33:60:6c:15:24:85:6d:42:b3:50:bf:55:e5:
8c:44:ce:52:a7:c5:07:ad:e7:58:6b:6d:65:d0:71:96:ec:a1:
5f:d7:02:47:d5:a9:e3:49:47:db:12:6a:f9:53:5b:a7:a2:84:
69:98:ab:6d:a8:5c:70:93:7d:9d:30:cb:bd:98:73:4e:00:7e:
64:7a:23:1c:46:8a:c8:c3:f7:74:bf:9c:03:46:8c:00:26:da:
81:c2:e1:d9:97:b5:b7:ae:b4:a6:72:2d:07:f0:e2:5c:53:90:
00:5f:a8:1c:ed:fd:ec:50:34:b9:a8:80:e0:09:05:b0:98:ce:
5d:33:d5:94:a5:28:8f:30:da:41:38:2b:37:60:95:7f:4a:0e:
8d:5d:c4:a9:f0:16:e4:55:cc:f9:78:90:e1:28:50:50:af:49:
6a:a3:80:bf:4c:b0:a6:01:13:47:e8:1a:ff:e1:39:4f:16:b1:
ea:b8:ca:e9:3c:64:46:67:38:20:5f:c1:15:3e:ff:44:24:45:
d7:84:b2:f4:9d:ca:a5:2a:9e:0d:12:ae:e7:e4:00:73:04:29:
1e:70:8c:26:f0:b9:b0:98:1a:68:6c:79:20:46:75:ee:90:cc:
f3:08:5c:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZ4FMmN244g3EgwmXEENQrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNDI3MTYyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I3NjgyOWQ0ODVkYWIwNGRmNjc2ODQxMTNhMTFhZGQxMjhjN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR2Dyf/embDwxTn4kbB8iBFhJKNP
kZO9WguGl7X/Ub8TomUwTZuFMmBT8PP4uM+ZMsjMVN/baHrUGG7IHt1O7Rl3iMDq
6R/XjHN6omIo7wau6Z/8EVP+WkLXlvo+6zc8kvnOI5B9N9buyscdIUYX73l/G8n4
lfQzJFqN44py2WEJYfiXrunzvGyRUB1PT5SooTaNbRt6wGyAkwH/xkkH6XbIrraP
PH1WJHu1D0J4q85e2lZGS8P/EXatO26XmsXgUUtfUW1mbPib0TwZqpNh6/6ALAXO
IzB/G9QFu0UzBLInQOSSTK/kN8HGyLKF/dcgqu8PmqPZbif5624jPL+fcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPe3aCnUhdqwTfZ2hBE6Ea3RKMevMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOTdkb0tkU0YyckJOOW5hRUVUb1JyZEVveDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAk7nEAwQA
wajLMAwDBADP9MUDBADP9MYDBAHP9NAwDQYJKoZIhvcNAQELBQADggEBABdE4aCh
rFjG65evLEw70n6tOg3uGpf/M2BsFSSFbUKzUL9V5YxEzlKnxQet51hrbWXQcZbs
oV/XAkfVqeNJR9sSavlTW6eihGmYq22oXHCTfZ0wy72Yc04AfmR6IxxGisjD93S/
nANGjAAm2oHC4dmXtbeutKZyLQfw4lxTkABfqBzt/exQNLmogOAJBbCYzl0z1ZSl
KI8w2kE4KzdglX9KDo1dxKnwFuRVzPl4kOEoUFCvSWqjgL9MsKYBE0foGv/hOU8W
seq4yuk8ZEZnOCBfwRU+/0QkRdeEsvSdyqUqng0SrufkAHMEKR5wjCbwubCYGmhs
eSBGde6QzPMIXHQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:38:44 2025 by rpki-client