Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/EOrGg239mEhIIGpPAm1UEGUw8R8.roa
File: EOrGg239mEhIIGpPAm1UEGUw8R8.roa (raw, json)
Hash identifier: pwJfDEXGNNrjBq0TfDo99n7sy7B2I+Y2E4BujWcwnmc=
Subject key identifier: 10:EA:C6:83:6D:FD:98:48:48:20:6A:4F:02:6D:54:10:65:30:F1:1F
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 0194221FD75AD34B0ADCDA8B27BC340363CA
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/EOrGg239mEhIIGpPAm1UEGUw8R8.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 213.137.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 07:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d7:5a:d3:4b:0a:dc:da:8b:27:bc:34:03:63:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10eac6836dfd984848206a4f026d54106530f11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:dd:05:0e:c3:64:5b:18:82:68:d5:43:87:a1:
0a:96:fe:48:8e:b1:39:af:d6:e1:9e:ef:82:c0:7b:
db:31:40:d1:36:68:cc:1b:7e:27:cc:62:25:4a:6a:
4c:74:d6:a7:75:41:24:70:15:87:37:83:60:c3:88:
67:b4:4f:4d:1d:8f:80:71:47:ea:14:f2:d6:1c:df:
32:26:01:f5:34:63:41:95:86:78:d2:2a:5a:07:0d:
d3:54:b7:64:76:01:0a:68:34:f0:97:83:60:ce:b0:
88:12:02:45:5e:91:28:df:80:d2:0a:bb:63:55:e4:
18:66:58:b6:d8:16:24:35:c2:3f:77:d7:26:86:08:
6d:15:8f:d7:a0:1b:c1:50:d3:87:e3:f5:a6:bb:fd:
40:cd:85:28:24:0e:fc:22:34:0a:53:6d:b3:0f:5d:
eb:dd:d4:db:54:a2:96:58:f8:55:79:3a:d0:33:3c:
40:cc:4b:ff:95:59:44:6d:dc:b7:79:06:d9:d4:3f:
18:13:1e:d6:9d:94:94:d1:bd:ce:02:0f:11:96:7b:
e2:ff:3c:31:f9:52:21:c0:8a:92:1c:8e:ea:3b:8f:
3d:5b:1e:e7:7f:d3:6d:99:4d:7e:34:cb:d8:26:00:
88:24:fc:90:eb:89:af:6c:34:4a:7c:84:1d:cb:a1:
92:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EA:C6:83:6D:FD:98:48:48:20:6A:4F:02:6D:54:10:65:30:F1:1F
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/EOrGg239mEhIIGpPAm1UEGUw8R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.137.95.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a5:cf:c0:8e:2f:1a:1c:97:9a:5d:fa:33:df:7a:93:60:77:
9f:7c:26:03:33:25:e0:dc:0b:9c:4d:7a:24:b5:f6:31:92:47:
b6:3f:20:24:dc:1f:43:15:81:93:b2:74:39:1f:77:24:af:09:
96:08:75:e2:22:09:07:7c:60:67:3e:b7:e8:4b:aa:58:78:2d:
de:9e:35:2d:c9:be:47:0b:28:75:65:d9:5b:5d:ff:fc:f9:0d:
3c:9e:7e:0d:1b:2c:8d:24:10:7f:98:14:26:19:b6:72:ea:33:
61:71:b2:76:d5:28:6c:8f:08:0b:08:cf:62:e2:fe:3c:f9:e0:
1d:9d:fa:d4:36:ee:25:64:4c:1d:ba:85:f0:08:dc:87:d8:67:
02:34:2f:fd:ca:cc:b4:e7:c7:d8:f5:40:80:67:74:fb:46:1d:
9e:10:69:97:5c:16:88:43:ce:a1:d2:1e:e1:55:6b:5b:62:bf:
ec:d8:88:d9:9d:f5:b9:90:ed:fa:51:1a:74:55:25:fd:d7:18:
22:bc:25:c8:c5:ca:9d:12:ca:df:98:7f:da:40:2d:1b:23:b1:
b2:87:66:41:ff:f0:37:08:1e:89:8e:49:6e:10:ad:2c:33:aa:
0b:52:b9:9d:e4:b8:38:c4:de:c0:97:f6:33:b7:1d:50:fd:e2:
6f:13:f5:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9da00sK3NqLJ7w0A2PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGVhYzY4MzZkZmQ5ODQ4NDgyMDZhNGYwMjZkNTQxMDY1MzBmMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA390FDsNkWxiCaNVDh6EKlv5IjrE5
r9bhnu+CwHvbMUDRNmjMG34nzGIlSmpMdNandUEkcBWHN4Ngw4hntE9NHY+AcUfq
FPLWHN8yJgH1NGNBlYZ40ipaBw3TVLdkdgEKaDTwl4NgzrCIEgJFXpEo34DSCrtj
VeQYZli22BYkNcI/d9cmhghtFY/XoBvBUNOH4/Wmu/1AzYUoJA78IjQKU22zD13r
3dTbVKKWWPhVeTrQMzxAzEv/lVlEbdy3eQbZ1D8YEx7WnZSU0b3OAg8Rlnvi/zwx
+VIhwIqSHI7qO489Wx7nf9NtmU1+NMvYJgCIJPyQ64mvbDRKfIQdy6GSAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDqxoNt/ZhISCBqTwJtVBBlMPEfMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvRU9yR2cyMzltRWhJSUdwUEFtMVVFR1V3OFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YlfMA0G
CSqGSIb3DQEBCwUAA4IBAQArpc/Aji8aHJeaXfoz33qTYHeffCYDMyXg3AucTXok
tfYxkke2PyAk3B9DFYGTsnQ5H3ckrwmWCHXiIgkHfGBnPrfoS6pYeC3enjUtyb5H
Cyh1ZdlbXf/8+Q08nn4NGyyNJBB/mBQmGbZy6jNhcbJ21ShsjwgLCM9i4v48+eAd
nfrUNu4lZEwduoXwCNyH2GcCNC/9ysy058fY9UCAZ3T7Rh2eEGmXXBaIQ86h0h7h
VWtbYr/s2IjZnfW5kO36URp0VSX91xgivCXIxcqdEsrfmH/aQC0bI7Gyh2ZB//A3
CB6JjkluEK0sM6oLUrmd5Lg4xN7Al/Yztx1Q/eJvE/Wt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:52 2025 by rpki-client