Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cPIlgz9HZ_eslmdoZKXif8A7Rsk.roa
File: cPIlgz9HZ_eslmdoZKXif8A7Rsk.roa (raw, json)
Hash identifier: OM3LqFuPPoa+sDSlxBrKMtwQr3DGwF/VQ4w35FMX804=
Subject key identifier: 70:F2:25:83:3F:47:67:F7:AC:96:67:68:64:A5:E2:7F:C0:3B:46:C9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746A2B57A41675A0D0FB2E394E44FDD
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cPIlgz9HZ_eslmdoZKXif8A7Rsk.roa
Signing time: Thu 02 Jan 2025 13:48:48 +0000
ROA not before: Thu 02 Jan 2025 13:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198662
IP address blocks: 188.132.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 13:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:a2:b5:7a:41:67:5a:0d:0f:b2:e3:94:e4:4f:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70f225833f4767f7ac96676864a5e27fc03b46c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a7:ba:fe:57:d8:4a:9b:a9:5e:58:44:0d:cd:
19:5d:c6:a4:96:42:42:0c:8c:83:fa:4b:2b:11:99:
6c:bf:36:ed:71:21:40:cf:a2:9f:b3:f6:ce:b4:ae:
2e:ff:09:9a:93:a8:4b:ec:f7:21:82:1e:bc:79:ce:
79:ea:0a:ae:57:54:e2:60:1f:03:b8:40:cc:60:57:
95:8f:ae:75:e8:c7:7a:3c:3d:f2:6b:78:77:e6:58:
9d:71:a5:78:a0:ac:9d:d2:c2:f1:6b:cf:ae:b7:e4:
53:04:e5:6f:84:6b:16:db:15:df:1f:01:1c:53:f4:
7f:ba:b0:5a:4e:b4:ab:11:2c:78:60:ad:db:d0:89:
2e:f2:2a:d8:98:5f:68:77:cc:93:70:d5:72:ca:8c:
31:ca:17:ba:91:35:3a:4b:55:2d:03:94:79:e8:dd:
3d:3f:e2:b4:12:f8:90:17:c5:63:84:78:54:f9:53:
03:7c:db:02:5e:ac:f3:40:c5:e2:9d:f9:e6:30:c2:
b6:f4:35:1a:03:22:85:a2:9a:fc:d3:12:52:fb:9e:
ef:68:b9:8c:0d:cb:5e:5a:cf:22:79:be:c8:8e:61:
c5:45:b5:01:be:0a:15:4f:43:a0:86:be:21:d4:5a:
56:f2:82:09:fa:9b:61:29:eb:ae:cb:d1:c2:50:ec:
99:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F2:25:83:3F:47:67:F7:AC:96:67:68:64:A5:E2:7F:C0:3B:46:C9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/cPIlgz9HZ_eslmdoZKXif8A7Rsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.164.0/24
Signature Algorithm: sha256WithRSAEncryption
31:4f:90:10:80:dc:39:cb:f9:ed:cd:7d:b0:98:8e:8d:a2:60:
a5:53:8f:37:06:25:8f:57:aa:93:d7:3b:51:bb:8e:f5:85:67:
aa:07:5e:d1:ba:98:78:95:d5:46:cf:be:d8:ce:ce:bf:59:4f:
d8:72:92:44:80:31:cc:7c:ce:53:25:75:96:f3:b8:e9:77:9a:
70:f6:02:a8:ce:94:40:24:fd:39:a3:75:ff:ba:4b:d8:73:64:
2e:90:c6:8c:0f:f6:0b:bd:46:23:07:f8:f4:2b:33:03:66:c2:
06:be:10:d4:70:50:76:8f:42:44:1f:8e:bb:cb:a2:6c:73:f5:
ef:ed:f5:bc:6a:61:eb:68:70:53:dc:11:f4:0d:f5:d9:64:0b:
12:42:b8:4c:28:aa:1e:d2:65:8c:98:8f:00:34:14:ae:9f:41:
59:96:b8:60:6f:40:9c:01:63:25:e6:33:64:1d:49:6d:5b:50:
a6:d6:36:89:09:00:38:48:87:2e:0d:45:53:a2:4e:c4:a1:6c:
6d:7f:e3:37:38:2b:7d:6d:77:73:06:45:89:54:e3:66:68:9c:
d7:c9:1f:99:a5:3e:df:5d:0a:7b:ca:92:cd:4c:cb:42:f9:56:
1d:59:e3:9a:d5:42:68:78:dc:8f:73:b3:35:1d:a1:a4:5f:cf:
66:fd:65:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRqK1ekFnWg0PsuOU5E/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGYyMjU4MzNmNDc2N2Y3YWM5NjY3Njg2NGE1ZTI3ZmMwM2I0NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qe6/lfYSpupXlhEDc0ZXcaklkJC
DIyD+ksrEZlsvzbtcSFAz6Kfs/bOtK4u/wmak6hL7Pchgh68ec556gquV1TiYB8D
uEDMYFeVj6516Md6PD3ya3h35lidcaV4oKyd0sLxa8+ut+RTBOVvhGsW2xXfHwEc
U/R/urBaTrSrESx4YK3b0Iku8irYmF9od8yTcNVyyowxyhe6kTU6S1UtA5R56N09
P+K0EviQF8VjhHhU+VMDfNsCXqzzQMXinfnmMMK29DUaAyKFopr80xJS+57vaLmM
DcteWs8ieb7IjmHFRbUBvgoVT0Oghr4h1FpW8oIJ+pthKeuuy9HCUOyZEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHDyJYM/R2f3rJZnaGSl4n/AO0bJMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvY1BJbGd6OUhaX2VzbG1kb1pLWGlmOEE3UnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvISkMA0G
CSqGSIb3DQEBCwUAA4IBAQAxT5AQgNw5y/ntzX2wmI6NomClU483BiWPV6qT1ztR
u471hWeqB17Ruph4ldVGz77Yzs6/WU/YcpJEgDHMfM5TJXWW87jpd5pw9gKozpRA
JP05o3X/ukvYc2QukMaMD/YLvUYjB/j0KzMDZsIGvhDUcFB2j0JEH467y6Jsc/Xv
7fW8amHraHBT3BH0DfXZZAsSQrhMKKoe0mWMmI8ANBSun0FZlrhgb0CcAWMl5jNk
HUltW1Cm1jaJCQA4SIcuDUVTok7EoWxtf+M3OCt9bXdzBkWJVONmaJzXyR+ZpT7f
XQp7ypLNTMtC+VYdWeOa1UJoeNyPc7M1HaGkX89m/WXW
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:55:22 2025 by rpki-client