Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/7qODuGSs4dmqZxJ-1yR3uLnt78I.roa
File: 7qODuGSs4dmqZxJ-1yR3uLnt78I.roa (raw, json)
Hash identifier: u9dD83B9w4i3dzT6MQPlhoVscgdl/eJq2CSU2nReV/s=
Subject key identifier: EE:A3:83:B8:64:AC:E1:D9:AA:67:12:7E:D7:24:77:B8:B9:ED:EF:C2
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 018CC794DDD0AC0F937A8E25E47A8EA62144
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/7qODuGSs4dmqZxJ-1yR3uLnt78I.roa
Signing time: Tue 02 Jan 2024 00:31:11 +0000
ROA not before: Tue 02 Jan 2024 00:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209272
IP address blocks: 81.19.136.0/24 maxlen: 32
81.19.138.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:dd:d0:ac:0f:93:7a:8e:25:e4:7a:8e:a6:21:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 2 00:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea383b864ace1d9aa67127ed72477b8b9edefc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:9e:a2:0a:23:60:72:57:f9:4e:ff:73:00:
47:38:94:5f:15:6b:6f:ca:4e:21:d8:05:ca:3a:2b:
22:a5:75:c9:4d:cd:ee:9b:0d:50:1b:b8:ee:d7:96:
3d:87:ac:5f:4f:71:43:c8:73:e8:d0:f7:29:da:0e:
3e:74:83:4c:7d:fc:f3:6e:13:2e:7f:33:3d:ea:25:
d5:19:06:f0:e5:49:1d:2e:95:7c:fb:e0:e7:d5:bd:
0c:c7:28:f9:5a:52:67:f9:7e:91:c6:d4:c5:b9:b5:
1d:61:93:60:ad:c8:e1:54:36:c7:7b:03:db:94:10:
1f:39:8a:6a:f9:7d:aa:1c:14:c1:e3:85:42:b1:6f:
12:8a:9b:42:76:c5:78:de:93:43:f8:2e:3c:f9:93:
16:c0:f5:60:1a:a3:52:c2:37:26:f2:2b:56:d4:7a:
90:84:be:ba:11:31:5a:de:ac:97:55:27:9e:fb:7f:
8f:39:6e:e4:58:40:c7:a1:b5:95:2b:ea:61:61:3e:
53:78:ab:78:de:9a:6b:a6:73:be:92:d1:5a:6d:6d:
69:ec:22:23:19:d3:ef:a6:43:f8:e3:e2:db:8d:c2:
e9:31:99:38:18:22:51:c6:34:ce:7a:c5:f6:44:bb:
2d:13:b5:3b:5a:85:f5:fd:18:ee:fa:00:51:08:0e:
ab:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A3:83:B8:64:AC:E1:D9:AA:67:12:7E:D7:24:77:B8:B9:ED:EF:C2
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/7qODuGSs4dmqZxJ-1yR3uLnt78I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.136.0/24
81.19.138.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:14:99:32:4f:15:64:7c:f0:23:a9:18:b2:d3:30:d9:d5:94:
7d:45:b2:52:86:5e:cb:18:7a:b7:32:ed:da:a3:82:3d:93:a2:
21:5a:3c:d9:f7:44:20:21:dc:44:bf:8c:16:5d:48:cd:97:45:
db:ce:bd:8f:bf:c5:94:94:5e:7f:d6:9e:25:2f:81:c5:cd:8b:
52:1d:63:e4:50:e6:9c:29:a6:87:98:96:f7:bc:44:43:e2:bd:
b1:3a:0c:60:6b:49:50:79:5a:21:aa:51:23:cf:ab:4c:03:90:
d6:43:5a:e7:2f:d9:43:76:30:72:e0:ee:9c:00:38:6b:3c:f0:
92:a7:d7:5f:b0:c5:25:2f:d9:94:c2:c2:b4:a1:57:19:db:75:
98:e9:8a:34:93:2c:25:cd:6f:6f:1d:4c:15:74:f7:3b:e4:41:
e3:dd:5c:ea:8b:22:78:b8:d6:f6:8a:96:26:30:03:8e:14:8f:
a8:e6:d6:85:af:b8:1a:b6:0f:11:ac:24:58:3e:99:7c:9e:de:
a0:ad:18:a2:b3:9e:da:aa:bb:60:74:ab:36:7e:43:a5:6c:26:
65:2a:de:7f:15:78:27:9e:82:b7:00:8d:66:f3:3b:e1:b2:6c:
3b:89:f1:49:d5:e4:90:1b:6b:3b:43:8e:17:82:90:d7:90:15:
75:97:ee:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlN3QrA+Teo4l5HqOpiFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjQwMTAyMDAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEzODNiODY0YWNlMWQ5YWE2NzEyN2VkNzI0NzdiOGI5ZWRlZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYueogojYHJX+U7/cwBHOJRfFWtv
yk4h2AXKOisipXXJTc3umw1QG7ju15Y9h6xfT3FDyHPo0Pcp2g4+dINMffzzbhMu
fzM96iXVGQbw5UkdLpV8++Dn1b0Mxyj5WlJn+X6RxtTFubUdYZNgrcjhVDbHewPb
lBAfOYpq+X2qHBTB44VCsW8SiptCdsV43pND+C48+ZMWwPVgGqNSwjcm8itW1HqQ
hL66ETFa3qyXVSee+3+POW7kWEDHobWVK+phYT5TeKt43pprpnO+ktFabW1p7CIj
GdPvpkP44+LbjcLpMZk4GCJRxjTOesX2RLstE7U7WoX1/Rju+gBRCA6rEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6jg7hkrOHZqmcSftckd7i57e/CMB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvN3FPRHVHU3M0ZG1xWnhKLTF5UjN1TG50NzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUROIAwQA
UROKMA0GCSqGSIb3DQEBCwUAA4IBAQBcFJkyTxVkfPAjqRiy0zDZ1ZR9RbJShl7L
GHq3Mu3ao4I9k6IhWjzZ90QgIdxEv4wWXUjNl0Xbzr2Pv8WUlF5/1p4lL4HFzYtS
HWPkUOacKaaHmJb3vERD4r2xOgxga0lQeVohqlEjz6tMA5DWQ1rnL9lDdjBy4O6c
ADhrPPCSp9dfsMUlL9mUwsK0oVcZ23WY6Yo0kywlzW9vHUwVdPc75EHj3VzqiyJ4
uNb2ipYmMAOOFI+o5taFr7gatg8RrCRYPpl8nt6grRiis57aqrtgdKs2fkOlbCZl
Kt5/FXgnnoK3AI1m8zvhsmw7ifFJ1eSQG2s7Q44XgpDXkBV1l+50
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:18:08 2025 by rpki-client