Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/l__y_rjFU4E6bYBViKhLSwMe8tk.roa
File: l__y_rjFU4E6bYBViKhLSwMe8tk.roa (raw, json)
Hash identifier: Jgpu8PQzJ8AjNR/p/0NrgISgiXtMzUyY1YA/3lrYbuY=
Subject key identifier: 97:FF:F2:FE:B8:C5:53:81:3A:6D:80:55:88:A8:4B:4B:03:1E:F2:D9
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195137D7032B1A5CFDE69CD1767768A1144
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/l__y_rjFU4E6bYBViKhLSwMe8tk.roa
Signing time: Mon 17 Feb 2025 10:39:02 +0000
ROA not before: Mon 17 Feb 2025 10:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213245
IP address blocks: 188.132.211.0/24 maxlen: 24
188.132.225.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 12:10:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:7d:70:32:b1:a5:cf:de:69:cd:17:67:76:8a:11:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 17 10:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97fff2feb8c553813a6d805588a84b4b031ef2d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:47:8f:f1:a8:bb:6b:08:cd:50:fc:a4:06:
18:70:aa:bd:9d:07:b5:59:78:1b:35:b2:f4:44:78:
5f:20:31:7f:81:e3:03:81:dd:40:67:0b:e2:ab:db:
f3:32:a8:ec:8c:d3:3b:d3:68:4b:2f:79:fd:04:6c:
8f:19:17:f1:ac:54:47:79:2c:35:17:69:f3:c0:b7:
08:38:40:5a:ec:b2:d2:46:71:56:61:41:1f:3d:f6:
bc:6f:6d:c5:e6:15:9b:b9:27:33:c5:bf:aa:a0:10:
6f:a4:88:97:1b:cd:33:b8:ed:07:e7:ac:e3:b7:67:
d0:5f:9c:6f:aa:a8:5a:9c:2b:c6:14:5b:8e:de:66:
fa:ac:32:d7:46:68:2c:31:57:dc:5b:37:f2:01:67:
c6:bb:06:29:f2:8c:d2:a3:81:02:ff:74:f8:b9:41:
5a:92:82:24:4a:23:b3:e3:47:8a:99:6e:5a:cc:27:
00:22:50:d1:cb:b5:02:ec:69:aa:2c:70:fd:13:a5:
f3:a8:09:7a:3c:fb:bf:88:35:76:79:40:52:cf:a1:
1e:9f:cf:4c:aa:ff:aa:15:28:d5:54:38:37:0c:d6:
f9:2c:e0:e0:79:17:e9:db:db:23:b1:3a:88:f5:a7:
74:4c:73:5c:a1:40:6a:4e:b5:6f:17:f1:06:14:8e:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:FF:F2:FE:B8:C5:53:81:3A:6D:80:55:88:A8:4B:4B:03:1E:F2:D9
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/l__y_rjFU4E6bYBViKhLSwMe8tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.211.0/24
188.132.225.0/24
212.68.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ff:96:65:85:54:51:4e:71:0c:be:b2:fc:88:99:c7:b2:ef:
e0:01:f6:61:41:9c:81:53:f7:d0:f0:07:9f:4e:29:bd:87:f6:
d9:b0:3e:e2:41:fd:bd:62:41:7b:e4:e8:63:6f:4e:ad:fd:43:
94:5d:74:cf:82:0a:ae:08:94:a4:18:6d:50:66:3b:2e:c6:4a:
58:3b:c7:39:d7:5d:25:e0:02:c3:69:a6:d7:bd:95:88:7d:76:
60:30:4e:74:2e:74:b3:fa:96:c2:ee:16:ed:4b:78:9d:03:e2:
e2:a7:ed:a7:4d:c7:6a:4d:32:c6:71:d8:6a:f8:11:a6:b5:a3:
8a:e4:1d:78:9a:1a:67:28:92:8c:b7:28:70:f9:3a:a1:4a:9a:
70:76:f1:78:36:8f:21:e3:a9:e4:7d:79:37:37:88:37:83:32:
a7:8e:21:c0:69:76:89:a4:60:77:55:b0:68:4f:98:96:72:5a:
97:9d:cc:eb:2a:96:5f:3a:13:0d:41:f1:88:d7:0e:b7:45:b6:
20:07:5b:08:df:6c:18:9d:77:51:de:95:48:7d:7e:b4:48:ff:
0d:44:b4:b7:58:e1:7e:1b:4a:1c:dd:b2:b7:8c:40:d1:25:68:
65:aa:f7:06:58:be:ab:bd:5d:2e:f6:e5:04:18:5b:2e:c7:2f:
ef:6c:a1:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUTfXAysaXP3mnNF2d2ihFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjE3MTAzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2ZmZjJmZWI4YzU1MzgxM2E2ZDgwNTU4OGE4NGI0YjAzMWVmMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ9Hj/Gou2sIzVD8pAYYcKq9nQe1
WXgbNbL0RHhfIDF/geMDgd1AZwviq9vzMqjsjNM702hLL3n9BGyPGRfxrFRHeSw1
F2nzwLcIOEBa7LLSRnFWYUEfPfa8b23F5hWbuSczxb+qoBBvpIiXG80zuO0H56zj
t2fQX5xvqqhanCvGFFuO3mb6rDLXRmgsMVfcWzfyAWfGuwYp8ozSo4EC/3T4uUFa
koIkSiOz40eKmW5azCcAIlDRy7UC7GmqLHD9E6XzqAl6PPu/iDV2eUBSz6Een89M
qv+qFSjVVDg3DNb5LODgeRfp29sjsTqI9ad0THNcoUBqTrVvF/EGFI7OiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJf/8v64xVOBOm2AVYioS0sDHvLZMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbF9feV9yakZVNEU2YllCVmlLaExTd01lOHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvITTAwQA
vIThAwQA1EQ7MA0GCSqGSIb3DQEBCwUAA4IBAQAd/5ZlhVRRTnEMvrL8iJnHsu/g
AfZhQZyBU/fQ8AefTim9h/bZsD7iQf29YkF75Ohjb06t/UOUXXTPggquCJSkGG1Q
ZjsuxkpYO8c5110l4ALDaabXvZWIfXZgME50LnSz+pbC7hbtS3idA+Lip+2nTcdq
TTLGcdhq+BGmtaOK5B14mhpnKJKMtyhw+TqhSppwdvF4No8h46nkfXk3N4g3gzKn
jiHAaXaJpGB3VbBoT5iWclqXnczrKpZfOhMNQfGI1w63RbYgB1sI32wYnXdR3pVI
fX60SP8NRLS3WOF+G0oc3bK3jEDRJWhlqvcGWL6rvV0u9uUEGFsuxy/vbKEA
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:52:54 2025 by rpki-client