Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/A0pjcGiCQlsz0cPEcRSU8-T0st0.roa
File: A0pjcGiCQlsz0cPEcRSU8-T0st0.roa (raw, json)
Hash identifier: wlIJBOaK/Ba/VXGO0An5rneXA4MgcafRfoSQ1mUtHt0=
Subject key identifier: 03:4A:63:70:68:82:42:5B:33:D1:C3:C4:71:14:94:F3:E4:F4:B2:DD
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0194EFA8BC8AFE7862D909DBF3B6AC0087F7
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/A0pjcGiCQlsz0cPEcRSU8-T0st0.roa
Signing time: Mon 10 Feb 2025 11:40:00 +0000
ROA not before: Mon 10 Feb 2025 11:40:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 213.232.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 20 Feb 2025 07:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:a8:bc:8a:fe:78:62:d9:09:db:f3:b6:ac:00:87:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 10 11:40:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=034a63706882425b33d1c3c4711494f3e4f4b2dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:32:21:b9:85:cc:70:1d:b5:d3:69:5a:1d:16:
23:22:f2:84:f4:99:18:0e:40:15:35:9d:7d:16:da:
7a:79:0e:5b:6b:d0:f7:54:e0:bc:8b:b2:2a:ac:bf:
20:68:91:7b:6e:b6:6d:1a:2a:5d:1a:2d:12:74:5b:
07:68:39:55:40:5c:78:31:9f:68:b3:31:01:fa:a1:
5b:1a:29:5d:5a:5a:ec:da:27:75:44:9a:fc:bf:69:
f0:4d:ca:b6:56:c2:d0:cb:3b:ca:d0:a9:05:f8:88:
38:d2:cf:f9:4c:e0:c9:ae:2a:a3:6e:a2:13:9d:bc:
4b:a4:e9:14:70:8d:b5:a2:44:c4:5c:6a:36:13:bf:
53:a1:74:87:27:cc:6e:ca:5b:23:67:c9:87:e9:a4:
59:9c:f1:34:c0:e1:67:9f:17:0b:91:b7:a1:6f:ea:
09:a5:98:07:4f:cd:1d:63:d7:4c:08:64:56:a2:26:
61:60:63:82:2f:a7:f4:20:f4:d8:3a:ec:5c:38:da:
96:4c:b1:8f:ab:d8:20:e8:a7:97:4d:23:b1:ae:25:
c6:d1:ca:03:88:7c:ee:fb:6e:fd:08:06:a8:60:20:
53:04:db:06:30:d7:49:d8:79:4f:41:5b:cf:1c:72:
86:75:e8:57:64:e9:83:a9:78:ba:86:94:b5:e8:05:
e3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4A:63:70:68:82:42:5B:33:D1:C3:C4:71:14:94:F3:E4:F4:B2:DD
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/A0pjcGiCQlsz0cPEcRSU8-T0st0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.116.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:4f:a2:77:23:d1:cf:78:17:f6:32:59:a4:98:e7:e7:a8:86:
79:79:13:f6:0f:62:cd:9f:70:5a:29:ee:b3:71:35:bf:3e:ad:
dd:08:47:d3:eb:59:16:b6:d7:cd:0b:ed:69:3c:63:d4:d7:80:
66:dc:6e:d9:5d:02:66:07:34:2b:b3:31:d2:10:9e:6b:08:60:
d0:59:e4:26:04:5c:05:68:86:c8:d6:e4:f8:66:5b:f8:68:b6:
5d:71:49:c9:93:fc:6b:fb:1f:90:99:d0:1d:7f:06:05:83:e9:
c4:d0:03:68:06:3a:2f:7b:02:66:43:1e:fe:fd:aa:64:f9:1e:
92:87:00:66:71:7b:aa:fd:88:20:42:2a:5a:3d:de:9c:0d:8d:
4c:e4:e1:6f:d5:b9:37:d8:79:e0:ee:50:de:6d:19:e7:02:81:
4a:99:5f:13:75:2f:64:bc:64:bf:ca:50:33:c1:65:26:24:f6:
9d:00:a3:bc:2e:dc:cd:be:2b:25:96:f3:1c:80:e7:4d:11:7d:
56:21:96:0c:31:7e:15:03:91:b4:ab:31:18:74:30:f8:7d:c1:
31:76:a4:ea:cb:77:3c:b1:af:0f:e8:97:51:88:0f:71:63:3d:
d8:f0:e0:4f:22:d8:8c:ec:ba:60:97:d1:60:4a:ff:6c:36:3f:
f9:0b:a1:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTvqLyK/nhi2Qnb87asAIf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMjEwMTE0MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRhNjM3MDY4ODI0MjViMzNkMWMzYzQ3MTE0OTRmM2U0ZjRiMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTIhuYXMcB2102laHRYjIvKE9JkY
DkAVNZ19Ftp6eQ5ba9D3VOC8i7IqrL8gaJF7brZtGipdGi0SdFsHaDlVQFx4MZ9o
szEB+qFbGildWlrs2id1RJr8v2nwTcq2VsLQyzvK0KkF+Ig40s/5TODJriqjbqIT
nbxLpOkUcI21okTEXGo2E79ToXSHJ8xuylsjZ8mH6aRZnPE0wOFnnxcLkbehb+oJ
pZgHT80dY9dMCGRWoiZhYGOCL6f0IPTYOuxcONqWTLGPq9gg6KeXTSOxriXG0coD
iHzu+279CAaoYCBTBNsGMNdJ2HlPQVvPHHKGdehXZOmDqXi6hpS16AXjAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANKY3BogkJbM9HDxHEUlPPk9LLdMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvQTBwamNHaUNRbHN6MGNQRWNSU1U4LVQwc3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1eh0MA0G
CSqGSIb3DQEBCwUAA4IBAQB7T6J3I9HPeBf2MlmkmOfnqIZ5eRP2D2LNn3BaKe6z
cTW/Pq3dCEfT61kWttfNC+1pPGPU14Bm3G7ZXQJmBzQrszHSEJ5rCGDQWeQmBFwF
aIbI1uT4Zlv4aLZdcUnJk/xr+x+QmdAdfwYFg+nE0ANoBjovewJmQx7+/apk+R6S
hwBmcXuq/YggQipaPd6cDY1M5OFv1bk32Hng7lDebRnnAoFKmV8TdS9kvGS/ylAz
wWUmJPadAKO8LtzNvisllvMcgOdNEX1WIZYMMX4VA5G0qzEYdDD4fcExdqTqy3c8
sa8P6JdRiA9xYz3Y8OBPItiM7Lpgl9FgSv9sNj/5C6Gx
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:36:33 2025 by rpki-client