Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/p8GLavHOZ0MePKsrI_FQ5kouUkw.roa
File: p8GLavHOZ0MePKsrI_FQ5kouUkw.roa (raw, json)
Hash identifier: nxq2ssLmQopTGCxCCUTVk1ahwyuW7cuomZgxu0Xi4xc=
Subject key identifier: A7:C1:8B:6A:F1:CE:67:43:1E:3C:AB:2B:23:F1:50:E6:4A:2E:52:4C
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 0194221F6BDD4DAA97B82B938A54253B89B9
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/p8GLavHOZ0MePKsrI_FQ5kouUkw.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199912
IP address blocks: 88.214.24.0/24 maxlen: 24
91.238.180.0/24 maxlen: 24
185.55.240.0/24 maxlen: 24
193.24.211.0/24 maxlen: 24
194.24.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 14:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6b:dd:4d:aa:97:b8:2b:93:8a:54:25:3b:89:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7c18b6af1ce67431e3cab2b23f150e64a2e524c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6a:36:d8:06:9d:d8:4a:4c:f0:b4:1d:12:e7:
0a:a0:29:4a:6e:cf:39:06:2c:f1:ae:59:dd:93:db:
03:70:4a:fc:77:0f:52:aa:1f:c3:3b:e0:76:4b:47:
6b:0c:de:84:54:bb:5d:6d:13:5e:09:0e:ba:b9:ae:
62:8a:07:e8:29:c1:bd:ea:3e:88:82:8d:5d:3d:bc:
05:d5:9f:38:03:fc:50:7f:8f:b4:74:75:ee:95:63:
08:09:b6:c1:ca:c1:bf:36:2f:a5:1a:0f:61:35:8c:
da:67:9a:98:5d:e1:74:62:4a:94:b7:b6:1e:18:63:
f7:51:43:41:ad:74:df:ab:5a:14:d3:13:a0:b3:c5:
30:2f:86:96:34:f7:e5:9e:41:a4:be:4f:48:cd:44:
42:c1:8d:f4:02:17:f8:8d:4d:dd:11:11:0f:15:4a:
81:f6:66:9f:16:6b:c9:5d:ca:53:04:04:a8:55:0f:
d3:24:80:64:58:d2:21:ab:86:a9:8c:82:1c:91:97:
69:bc:5e:1d:68:b2:31:f0:fb:bd:65:1b:e0:88:ea:
d6:75:4a:ee:bf:1d:c5:61:b1:26:c2:f9:15:6e:67:
71:38:02:99:17:07:4d:17:13:61:e2:da:83:c4:91:
21:44:73:4a:ee:ec:f6:79:bc:c7:e8:7e:d1:82:1a:
4c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C1:8B:6A:F1:CE:67:43:1E:3C:AB:2B:23:F1:50:E6:4A:2E:52:4C
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/p8GLavHOZ0MePKsrI_FQ5kouUkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.24.0/24
91.238.180.0/24
185.55.240.0/24
193.24.211.0/24
194.24.161.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5b:71:bf:0b:d3:68:e0:51:9c:f8:b2:f9:32:25:be:d7:4b:
dc:72:da:ba:ec:b1:b1:af:db:a1:01:b7:77:92:78:b0:a4:67:
21:9b:a4:20:11:34:47:e7:d1:b7:1c:d6:f3:43:37:c8:9c:b7:
3b:5e:b8:1f:dd:5e:77:38:76:82:ba:aa:f4:6a:1d:6c:0c:a7:
03:cc:f5:a6:77:f1:eb:08:af:9f:b4:1f:f3:0c:d6:3f:d4:9a:
b1:6d:03:09:7f:46:08:c4:49:cf:ef:60:67:4e:87:a6:72:e8:
66:74:6d:d3:a6:5a:97:10:53:9f:96:f8:35:84:6f:a3:3b:a2:
33:55:f7:95:15:20:77:7c:3c:82:49:95:af:44:b4:e8:86:14:
2a:eb:de:af:b5:87:9e:19:45:a4:7a:7f:73:a7:a1:56:b0:36:
b2:2f:56:ca:55:bf:ea:0f:fa:67:89:74:30:75:3c:8c:12:c8:
90:d6:0e:4d:7e:1d:49:f8:fc:2e:87:5a:0b:1a:91:20:9d:31:
02:90:11:aa:fb:f8:11:0b:5e:82:37:42:03:6f:f9:93:08:33:
f0:85:39:99:73:22:7d:fb:48:2e:f3:85:40:85:34:84:c0:dd:
78:eb:da:e1:40:75:a9:fe:f8:69:1b:d5:f8:0d:0c:6b:09:53:
57:6c:2e:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiH2vdTaqXuCuTilQlO4m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2MxOGI2YWYxY2U2NzQzMWUzY2FiMmIyM2YxNTBlNjRhMmU1MjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWo22Aad2EpM8LQdEucKoClKbs85
Bizxrlndk9sDcEr8dw9Sqh/DO+B2S0drDN6EVLtdbRNeCQ66ua5iigfoKcG96j6I
go1dPbwF1Z84A/xQf4+0dHXulWMICbbBysG/Ni+lGg9hNYzaZ5qYXeF0YkqUt7Ye
GGP3UUNBrXTfq1oU0xOgs8UwL4aWNPflnkGkvk9IzURCwY30Ahf4jU3dEREPFUqB
9mafFmvJXcpTBASoVQ/TJIBkWNIhq4apjIIckZdpvF4daLIx8Pu9ZRvgiOrWdUru
vx3FYbEmwvkVbmdxOAKZFwdNFxNh4tqDxJEhRHNK7uz2ebzH6H7RghpMqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKfBi2rxzmdDHjyrKyPxUOZKLlJMMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvcDhHTGF2SE9aME1lUEtzcklfRlE1a291VWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNYYAwQA
W+60AwQAuTfwAwQAwRjTAwQAwhihMA0GCSqGSIb3DQEBCwUAA4IBAQB5W3G/C9No
4FGc+LL5MiW+10vcctq67LGxr9uhAbd3kniwpGchm6QgETRH59G3HNbzQzfInLc7
Xrgf3V53OHaCuqr0ah1sDKcDzPWmd/HrCK+ftB/zDNY/1JqxbQMJf0YIxEnP72Bn
ToemcuhmdG3TplqXEFOflvg1hG+jO6IzVfeVFSB3fDyCSZWvRLTohhQq696vtYee
GUWken9zp6FWsDayL1bKVb/qD/pniXQwdTyMEsiQ1g5Nfh1J+Pwuh1oLGpEgnTEC
kBGq+/gRC16CN0IDb/mTCDPwhTmZcyJ9+0gu84VAhTSEwN1469rhQHWp/vhpG9X4
DQxrCVNXbC59
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:42 2025 by rpki-client