Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/2tNkH2gbzuk0eQj1I4bBhHiXC1k.roa
File: 2tNkH2gbzuk0eQj1I4bBhHiXC1k.roa (raw, json)
Hash identifier: IdXv2N4FKVTgsLh7Oc+7stuQE+GOyfvn3Bw0j3OolLo=
Subject key identifier: DA:D3:64:1F:68:1B:CE:E9:34:79:08:F5:23:86:C1:84:78:97:0B:59
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 01954B7EDBC64740B9B4DB3253E1C69EF246
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/2tNkH2gbzuk0eQj1I4bBhHiXC1k.roa
Signing time: Fri 28 Feb 2025 07:39:19 +0000
ROA not before: Fri 28 Feb 2025 07:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 141.226.245.0/24 maxlen: 24
213.137.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 10:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:7e:db:c6:47:40:b9:b4:db:32:53:e1:c6:9e:f2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Feb 28 07:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dad3641f681bcee9347908f52386c18478970b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:db:a9:8a:cf:9f:e9:df:2d:aa:28:8c:4f:17:
6d:93:28:70:b1:75:c8:4c:96:21:3e:eb:d7:10:ff:
73:e6:55:87:d0:c1:aa:03:0d:cd:0d:5f:a5:20:76:
20:0b:83:79:fa:1c:26:91:53:20:85:6f:55:e6:21:
d1:ec:a5:dd:6d:69:39:8c:b3:e5:8d:3c:61:73:67:
b1:f6:41:ea:df:3d:64:df:25:3f:29:a4:24:ab:75:
7f:d7:a0:1f:0a:71:4c:3a:1a:ff:e0:fa:c8:90:2a:
0b:2c:9c:00:4d:bb:4a:18:b0:d6:94:40:bb:1a:72:
34:ab:ee:f9:01:a2:6a:c2:37:70:d9:f8:60:45:af:
6d:19:f9:f7:b9:2c:97:01:82:09:a9:c2:26:57:f3:
ca:af:ee:ce:0c:68:fb:38:e6:b8:77:c7:9b:a6:e3:
cc:b5:60:16:6e:f8:f2:38:be:4f:78:86:79:6c:5f:
6c:00:b5:4f:c5:8d:e3:62:22:93:c8:ba:b2:60:6e:
28:6e:27:07:9d:8f:80:87:86:98:71:86:4f:a1:6f:
39:ee:5e:ae:91:2d:07:0e:91:7b:9e:61:1a:69:d9:
3f:39:91:08:3f:73:f0:80:fc:74:c5:b6:92:15:dd:
99:42:6d:e3:7d:88:a2:37:3c:78:10:05:31:54:53:
6a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D3:64:1F:68:1B:CE:E9:34:79:08:F5:23:86:C1:84:78:97:0B:59
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/2tNkH2gbzuk0eQj1I4bBhHiXC1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.245.0/24
213.137.88.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ab:37:3c:b9:7d:05:93:4a:40:03:00:b9:e0:f3:ca:e2:1e:
f1:3b:fc:32:2b:be:02:67:bd:f2:65:4a:21:96:bd:08:94:63:
e1:d3:f1:e4:19:c8:2e:80:10:e8:ba:1d:77:64:46:a0:b7:a3:
7a:e3:7e:58:10:07:c3:92:4b:04:0d:50:4a:55:6d:aa:bf:1b:
a4:6a:3f:63:60:3b:94:69:77:7e:a3:5e:47:d6:36:bb:ad:86:
ca:97:1e:4c:1d:63:ab:7f:bc:3c:9c:9e:2f:30:c4:c3:de:2c:
3d:74:ef:3f:d1:91:a5:a1:7b:bb:e4:d3:38:8d:67:53:5f:de:
92:4a:eb:a4:da:23:61:25:8c:dc:4f:fb:89:8d:0d:28:30:54:
5f:bf:d6:06:c2:af:08:ae:fc:bf:37:01:09:79:59:98:16:ca:
ba:61:37:6c:18:ec:eb:0b:61:6a:92:57:bd:58:22:e9:04:d3:
8d:3b:80:3e:1f:5a:5b:c3:bb:02:66:47:48:21:cf:bc:21:03:
b8:e9:96:1e:5b:96:07:38:09:ea:51:99:67:99:72:5b:80:db:
90:bb:b8:36:49:59:61:7a:ca:b2:f8:31:51:32:89:28:85:e0:
16:83:3b:5a:ea:0c:8a:ff:ac:d9:20:41:44:f1:82:55:d3:ec:
79:bf:76:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVLftvGR0C5tNsyU+HGnvJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMjI4MDczOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQzNjQxZjY4MWJjZWU5MzQ3OTA4ZjUyMzg2YzE4NDc4OTcwYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNupis+f6d8tqiiMTxdtkyhwsXXI
TJYhPuvXEP9z5lWH0MGqAw3NDV+lIHYgC4N5+hwmkVMghW9V5iHR7KXdbWk5jLPl
jTxhc2ex9kHq3z1k3yU/KaQkq3V/16AfCnFMOhr/4PrIkCoLLJwATbtKGLDWlEC7
GnI0q+75AaJqwjdw2fhgRa9tGfn3uSyXAYIJqcImV/PKr+7ODGj7OOa4d8ebpuPM
tWAWbvjyOL5PeIZ5bF9sALVPxY3jYiKTyLqyYG4obicHnY+Ah4aYcYZPoW857l6u
kS0HDpF7nmEaadk/OZEIP3PwgPx0xbaSFd2ZQm3jfYiiNzx4EAUxVFNqdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrTZB9oG87pNHkI9SOGwYR4lwtZMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvMnROa0gyZ2J6dWswZVFqMUk0YkJoSGlYQzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjeL1AwQA
1YlYMA0GCSqGSIb3DQEBCwUAA4IBAQAIqzc8uX0Fk0pAAwC54PPK4h7xO/wyK74C
Z73yZUohlr0IlGPh0/HkGcgugBDouh13ZEagt6N6435YEAfDkksEDVBKVW2qvxuk
aj9jYDuUaXd+o15H1ja7rYbKlx5MHWOrf7w8nJ4vMMTD3iw9dO8/0ZGloXu75NM4
jWdTX96SSuuk2iNhJYzcT/uJjQ0oMFRfv9YGwq8Irvy/NwEJeVmYFsq6YTdsGOzr
C2Fqkle9WCLpBNONO4A+H1pbw7sCZkdIIc+8IQO46ZYeW5YHOAnqUZlnmXJbgNuQ
u7g2SVlhesqy+DFRMokoheAWgzta6gyK/6zZIEFE8YJV0+x5v3YH
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:12:55 2025 by rpki-client