Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/7hPHS3ozKpckYnO4epjFdOZooYo.roa
File: 7hPHS3ozKpckYnO4epjFdOZooYo.roa (raw, json)
Hash identifier: apRHTNZitGNTnU6DybvctdQZ4SvNx3rA73Sy6/SAQgc=
Subject key identifier: EE:13:C7:4B:7A:33:2A:97:24:62:73:B8:7A:98:C5:74:E6:68:A1:8A
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 019424452A582130DACC1FC12167D160B88A
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/7hPHS3ozKpckYnO4epjFdOZooYo.roa
Signing time: Wed 01 Jan 2025 23:48:20 +0000
ROA not before: Wed 01 Jan 2025 23:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208091
IP address blocks: 80.66.76.0/24 maxlen: 24
80.66.88.0/24 maxlen: 24
87.251.67.0/24 maxlen: 24
87.251.75.0/24 maxlen: 24
193.37.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 16:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2a:58:21:30:da:cc:1f:c1:21:67:d1:60:b8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee13c74b7a332a97246273b87a98c574e668a18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2f:e1:d5:c3:e1:ae:08:32:7b:cb:0c:e8:23:
5e:c0:49:9e:bf:29:84:9c:80:cd:1c:00:14:d2:a0:
e5:b8:c6:00:e5:48:2b:c5:8d:1b:e7:03:3e:20:1e:
57:29:7b:33:0b:b9:c2:cf:4d:a1:b8:ec:5f:6e:c7:
9c:ea:e5:3a:79:b2:19:b1:aa:dc:85:6f:9a:df:1d:
43:45:8f:bb:11:ed:1b:0a:4f:fd:10:fc:2f:d0:1d:
b0:e5:51:14:05:96:15:3a:53:2c:28:39:9f:14:b6:
00:b3:3b:63:37:4b:7f:19:ed:f4:c6:56:f9:c3:9f:
8e:6c:e2:e7:dc:fb:52:0b:b3:f8:d5:8c:5e:f1:60:
0c:1b:e4:15:71:b4:92:ab:d7:e9:a5:4f:bb:0b:3b:
fc:10:7d:be:08:60:ba:82:11:ab:cb:05:f3:ac:f7:
04:94:91:c9:f3:f7:12:8c:13:9a:b7:e6:3d:aa:85:
d0:cb:15:1c:fa:37:d7:ea:e5:8a:6e:11:dd:e1:5c:
aa:c3:2f:a5:c7:c3:a7:cf:93:55:14:fc:df:07:c2:
83:4f:3d:e4:5c:d2:dc:1b:bd:c5:ff:8c:d3:4c:0a:
23:5d:55:a0:a9:89:a1:a6:85:08:35:40:00:d7:2f:
6d:8c:3b:a0:de:40:f0:30:f2:f6:ae:fa:63:82:27:
07:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:13:C7:4B:7A:33:2A:97:24:62:73:B8:7A:98:C5:74:E6:68:A1:8A
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/7hPHS3ozKpckYnO4epjFdOZooYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.76.0/24
80.66.88.0/24
87.251.67.0/24
87.251.75.0/24
193.37.69.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9b:dc:ca:50:19:de:23:c0:bf:bd:a8:7a:70:ef:ea:df:b8:
50:f0:f8:1d:60:d5:91:a3:f9:f2:a4:c4:db:b9:7b:28:2a:0e:
10:1b:e7:2e:d0:56:e7:9d:a4:e7:fe:41:e3:5e:ee:3a:fc:98:
a6:90:65:98:f7:86:89:49:f7:6b:3d:68:df:f7:e5:be:66:6f:
20:97:2f:44:38:94:74:de:1c:76:83:53:e5:32:bf:da:5d:cd:
ac:0e:b5:78:54:a6:19:cd:46:6b:01:b2:14:38:87:26:6d:6c:
ea:86:ac:9a:4e:22:b6:0d:2a:93:57:8c:a6:20:57:65:ef:b7:
9c:05:1d:cf:19:de:0d:25:2f:10:70:fe:d1:e8:46:c0:43:c8:
54:42:8f:fd:55:ec:ab:13:de:59:ad:6b:90:3a:c9:80:a9:81:
20:5c:28:75:8f:9d:b9:72:30:ef:25:49:9b:40:7d:fb:12:0e:
14:dd:88:fc:8e:56:4d:ab:06:7a:cd:67:b0:ed:74:c1:89:0a:
ff:52:56:80:f3:d1:8f:ce:99:a2:10:a8:7e:74:ee:31:67:9c:
64:03:43:95:fe:40:6d:ab:26:3b:27:98:12:74:a9:44:7d:3b:
1d:b6:e8:51:d9:ed:f7:86:ac:cc:84:5b:2f:ff:24:8d:67:88:
db:4f:58:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQkRSpYITDazB/BIWfRYLiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTEzYzc0YjdhMzMyYTk3MjQ2MjczYjg3YTk4YzU3NGU2NjhhMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS/h1cPhrggye8sM6CNewEmevymE
nIDNHAAU0qDluMYA5UgrxY0b5wM+IB5XKXszC7nCz02huOxfbsec6uU6ebIZsarc
hW+a3x1DRY+7Ee0bCk/9EPwv0B2w5VEUBZYVOlMsKDmfFLYAsztjN0t/Ge30xlb5
w5+ObOLn3PtSC7P41Yxe8WAMG+QVcbSSq9fppU+7Czv8EH2+CGC6ghGrywXzrPcE
lJHJ8/cSjBOat+Y9qoXQyxUc+jfX6uWKbhHd4Vyqwy+lx8Onz5NVFPzfB8KDTz3k
XNLcG73F/4zTTAojXVWgqYmhpoUINUAA1y9tjDug3kDwMPL2rvpjgicH8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO4Tx0t6MyqXJGJzuHqYxXTmaKGKMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvN2hQSFMzb3pLcGNrWW5PNGVwakZkT1pvb1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEJMAwQA
UEJYAwQAV/tDAwQAV/tLAwQAwSVFMA0GCSqGSIb3DQEBCwUAA4IBAQAHm9zKUBne
I8C/vah6cO/q37hQ8PgdYNWRo/nypMTbuXsoKg4QG+cu0FbnnaTn/kHjXu46/Jim
kGWY94aJSfdrPWjf9+W+Zm8gly9EOJR03hx2g1PlMr/aXc2sDrV4VKYZzUZrAbIU
OIcmbWzqhqyaTiK2DSqTV4ymIFdl77ecBR3PGd4NJS8QcP7R6EbAQ8hUQo/9Veyr
E95ZrWuQOsmAqYEgXCh1j525cjDvJUmbQH37Eg4U3Yj8jlZNqwZ6zWew7XTBiQr/
UlaA89GPzpmiEKh+dO4xZ5xkA0OV/kBtqyY7J5gSdKlEfTsdtuhR2e33hqzMhFsv
/ySNZ4jbT1jf
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:13:55 2025 by rpki-client