Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/cOGWXEzNQlVF4Qjd61wHeEgB9CQ.roa
File: cOGWXEzNQlVF4Qjd61wHeEgB9CQ.roa (raw, json)
Hash identifier: x84xTreiuFF5A1xFNuCkRvhIGK50eiZN1aq+OISviYQ=
Subject key identifier: 70:E1:96:5C:4C:CD:42:55:45:E1:08:DD:EB:5C:07:78:48:01:F4:24
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 0195F1536825672437CFA09CE445A839CC13
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/cOGWXEzNQlVF4Qjd61wHeEgB9CQ.roa
Signing time: Tue 01 Apr 2025 12:28:49 +0000
ROA not before: Tue 01 Apr 2025 12:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206352
IP address blocks: 195.210.98.0/24 maxlen: 24
195.210.100.0/22 maxlen: 22
195.210.110.0/23 maxlen: 23
195.210.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 19:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:53:68:25:67:24:37:cf:a0:9c:e4:45:a8:39:cc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Apr 1 12:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70e1965c4ccd425545e108ddeb5c07784801f424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:1e:b0:c9:99:dd:b3:4d:38:65:e0:2a:92:
8e:46:66:b5:e1:a2:5d:80:bd:87:94:fa:17:e0:70:
70:78:2c:8f:41:d1:ab:05:54:97:ef:77:eb:d8:13:
4a:f9:49:8d:b8:18:7b:ab:c5:c9:11:76:f1:ab:ee:
57:c0:85:e5:5e:9d:dc:50:e9:ea:84:b5:85:6b:45:
e4:82:71:77:b3:a1:bc:2e:0a:74:23:cf:9e:f1:ba:
6f:4f:e1:5d:25:68:af:88:69:6f:86:bd:f7:f6:40:
9d:5c:df:26:e7:1c:f9:f8:4f:87:4e:17:09:a8:e1:
ff:83:4c:80:41:b7:53:e4:c2:f8:49:47:7e:35:70:
f5:65:a2:92:a0:3f:17:1e:35:ff:e4:42:d0:45:66:
0f:19:d0:1c:54:b5:f2:20:22:3e:ed:ac:df:67:9d:
22:6c:95:21:e1:64:28:80:02:d3:c2:3c:9e:57:a3:
a2:50:c2:b0:a0:4c:ca:5e:21:34:f1:dc:a0:f8:eb:
ac:91:e7:59:3b:ad:0d:82:67:03:4b:19:b8:4e:38:
cd:e0:d0:7c:29:c9:74:9b:12:b7:18:f9:65:38:52:
8d:6b:e2:f6:b8:b7:41:87:d9:ae:9d:15:19:2b:8f:
fb:48:db:6a:da:69:84:93:50:fb:6d:40:da:02:d5:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E1:96:5C:4C:CD:42:55:45:E1:08:DD:EB:5C:07:78:48:01:F4:24
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/cOGWXEzNQlVF4Qjd61wHeEgB9CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.98.0/24
195.210.100.0/22
195.210.110.0/23
195.210.122.0/24
Signature Algorithm: sha256WithRSAEncryption
67:dd:0d:13:b2:71:13:a0:ed:35:29:77:f6:7b:3c:66:98:56:
99:f6:37:f7:d5:b0:b5:b6:2a:25:c8:72:a0:5f:7c:e8:1c:ca:
21:fd:e5:17:cc:8b:9d:a1:2a:2f:4e:a7:3f:ce:07:2f:6c:ad:
03:d9:a4:6c:01:62:83:c6:2b:54:97:62:c9:81:42:01:d3:46:
80:8a:d6:a2:a7:4a:ea:61:71:1b:fa:af:72:e8:89:45:ba:bb:
6f:0f:f8:ee:82:84:91:71:d4:60:e0:d0:f3:62:4a:67:00:22:
ba:97:cc:a2:8e:e3:3b:58:ff:83:b3:54:17:23:00:e7:ec:f4:
7a:fb:38:8d:80:e3:28:f5:c1:00:fc:97:37:4f:fb:ee:05:fd:
d7:bf:a7:c4:e9:15:19:07:f2:7b:15:6d:b2:f4:51:6a:8d:aa:
84:49:e3:db:db:de:39:b5:f6:d7:fb:65:34:df:22:7b:21:07:
b1:ee:0c:56:71:30:bf:44:d0:cc:58:ef:a6:27:10:95:48:eb:
b9:9e:01:46:d6:06:27:64:b7:53:f6:b8:21:b5:90:56:e3:6e:
f9:1a:8a:15:5c:ef:a1:7e:77:5f:92:17:4f:a2:67:9e:2d:42:
ec:dc:2b:d6:99:a8:cb:28:bc:06:96:1a:eb:3e:cc:b8:9c:bc:
41:8c:6b:f2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXxU2glZyQ3z6Cc5EWoOcwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjUwNDAxMTIyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGUxOTY1YzRjY2Q0MjU1NDVlMTA4ZGRlYjVjMDc3ODQ4MDFmNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMQesMmZ3bNNOGXgKpKORma14aJd
gL2HlPoX4HBweCyPQdGrBVSX73fr2BNK+UmNuBh7q8XJEXbxq+5XwIXlXp3cUOnq
hLWFa0XkgnF3s6G8Lgp0I8+e8bpvT+FdJWiviGlvhr339kCdXN8m5xz5+E+HThcJ
qOH/g0yAQbdT5ML4SUd+NXD1ZaKSoD8XHjX/5ELQRWYPGdAcVLXyICI+7azfZ50i
bJUh4WQogALTwjyeV6OiUMKwoEzKXiE08dyg+OuskedZO60NgmcDSxm4TjjN4NB8
Kcl0mxK3GPllOFKNa+L2uLdBh9munRUZK4/7SNtq2mmEk1D7bUDaAtXelQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHDhllxMzUJVReEI3etcB3hIAfQkMB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEvY09HV1hFek5RbFZGNFFqZDYxd0hlRWdCOUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw9JiAwQC
w9JkAwQBw9JuAwQAw9J6MA0GCSqGSIb3DQEBCwUAA4IBAQBn3Q0TsnEToO01KXf2
ezxmmFaZ9jf31bC1tiolyHKgX3zoHMoh/eUXzIudoSovTqc/zgcvbK0D2aRsAWKD
xitUl2LJgUIB00aAitaip0rqYXEb+q9y6IlFurtvD/jugoSRcdRg4NDzYkpnACK6
l8yijuM7WP+Ds1QXIwDn7PR6+ziNgOMo9cEA/Jc3T/vuBf3Xv6fE6RUZB/J7FW2y
9FFqjaqESePb2945tfbX+2U03yJ7IQex7gxWcTC/RNDMWO+mJxCVSOu5ngFG1gYn
ZLdT9rghtZBW4275GooVXO+hfndfkhdPomeeLULs3CvWmajLKLwGlhrrPsy4nLxB
jGvy
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:37:59 2025 by rpki-client