Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/gP44vzJ3gnhZXSTr-dByPMsh9sQ.roa
File: gP44vzJ3gnhZXSTr-dByPMsh9sQ.roa (raw, json)
Hash identifier: GN6B8sBQBK3uYlljj3IIJ9R02jF9FOlNyAtU4HbxCV8=
Subject key identifier: 80:FE:38:BF:32:77:82:78:59:5D:24:EB:F9:D0:72:3C:CB:21:F6:C4
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 01965D7A2E5700243DB0DF119A5AF7889696
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/gP44vzJ3gnhZXSTr-dByPMsh9sQ.roa
Signing time: Tue 22 Apr 2025 12:30:10 +0000
ROA not before: Tue 22 Apr 2025 12:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 141.226.245.0/24 maxlen: 24
141.226.246.0/24 maxlen: 24
213.137.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 07:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:7a:2e:57:00:24:3d:b0:df:11:9a:5a:f7:88:96:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Apr 22 12:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80fe38bf32778278595d24ebf9d0723ccb21f6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:28:da:7b:cc:e2:44:59:28:a9:02:e6:38:e5:
4f:29:3d:fc:62:1d:72:9b:eb:d6:81:ea:3e:f2:c1:
e9:c6:22:f7:56:06:a9:92:b9:ab:0f:78:6a:73:bc:
58:58:96:a7:ea:9e:99:ee:4f:85:ad:2c:ef:83:5b:
98:1e:f1:dc:4b:e1:23:09:78:e9:c4:21:2f:a5:69:
6e:bd:53:5e:03:32:98:3f:24:b4:09:45:38:50:12:
e5:af:ce:37:59:88:3a:28:71:2b:34:97:40:5d:e6:
19:76:51:f3:af:83:08:28:a8:94:6d:4c:92:68:83:
0b:5f:fd:1b:89:a5:70:a9:03:ba:2b:e8:38:d2:11:
bb:de:cf:62:a4:4c:ce:c7:a2:b6:3c:be:6f:99:ce:
9b:e9:df:76:4a:76:fb:79:63:cb:b4:ee:c0:cc:ce:
55:0b:63:e7:6c:7b:37:54:6f:78:34:f2:6b:37:fa:
ef:d7:88:35:06:c8:11:d2:30:de:6c:cc:a8:a7:25:
06:f7:75:97:1b:08:ac:fd:28:27:3c:94:09:2e:9a:
fd:62:c8:1f:c5:da:98:86:e3:7d:e5:89:3f:5d:dd:
9c:1b:82:45:ba:b5:dc:2e:8c:3d:81:25:b7:ae:63:
92:44:30:06:c0:c3:be:a1:a2:9a:0a:00:eb:db:70:
4b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FE:38:BF:32:77:82:78:59:5D:24:EB:F9:D0:72:3C:CB:21:F6:C4
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/gP44vzJ3gnhZXSTr-dByPMsh9sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.245.0-141.226.246.255
213.137.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:02:fe:7b:79:36:49:07:35:48:b0:75:0e:9a:02:9d:d9:79:
3c:db:d8:03:04:99:9d:c1:00:10:40:cb:9e:a0:55:c5:c1:03:
7d:63:56:aa:08:66:5c:83:8d:d7:bf:37:2e:3d:36:7f:3e:bc:
f6:e5:9c:9b:30:02:a6:54:07:70:03:e3:88:1f:13:f0:06:1c:
b9:77:c3:79:f3:8d:40:43:43:de:9d:48:37:70:8a:4f:fb:87:
c6:3e:54:9d:e6:95:62:8c:03:3b:97:1c:59:10:7e:5d:e7:41:
65:d3:7d:8e:90:f0:f6:28:26:a9:c6:a2:20:fe:da:8a:b9:f2:
1f:58:39:d1:96:9d:0f:f8:fa:38:3a:e1:e0:21:61:a6:ce:f1:
09:01:b4:76:93:e3:72:33:27:a7:3a:6e:eb:cf:e1:09:c9:d7:
03:ed:28:c3:b1:d1:79:ee:05:88:a1:a5:2f:50:f6:03:30:f2:
cf:fa:0f:12:94:be:ed:08:34:77:87:9f:e6:37:bc:f9:76:4e:
d7:e5:76:5d:f5:1d:d3:69:b2:2a:8b:f0:74:16:ef:f0:68:cb:
1e:8a:a7:83:12:58:3c:ca:07:de:ff:8d:8f:34:9d:a2:54:76:
98:1a:c2:5f:d0:e8:e5:b8:6b:04:e6:0a:ab:0b:b5:a7:c8:3b:
89:33:26:54
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZZdei5XACQ9sN8Rmlr3iJaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjUwNDIyMTIzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGZlMzhiZjMyNzc4Mjc4NTk1ZDI0ZWJmOWQwNzIzY2NiMjFmNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yjae8ziRFkoqQLmOOVPKT38Yh1y
m+vWgeo+8sHpxiL3VgapkrmrD3hqc7xYWJan6p6Z7k+FrSzvg1uYHvHcS+EjCXjp
xCEvpWluvVNeAzKYPyS0CUU4UBLlr843WYg6KHErNJdAXeYZdlHzr4MIKKiUbUyS
aIMLX/0biaVwqQO6K+g40hG73s9ipEzOx6K2PL5vmc6b6d92Snb7eWPLtO7AzM5V
C2PnbHs3VG94NPJrN/rv14g1BsgR0jDebMyopyUG93WXGwis/SgnPJQJLpr9Ysgf
xdqYhuN95Yk/Xd2cG4JFurXcLow9gSW3rmOSRDAGwMO+oaKaCgDr23BLGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFID+OL8yd4J4WV0k6/nQcjzLIfbEMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvZ1A0NHZ6SjNnbmhaWFNUci1kQnlQTXNoOXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACN4vUD
BACN4vYDBADViVIwDQYJKoZIhvcNAQELBQADggEBAI0C/nt5NkkHNUiwdQ6aAp3Z
eTzb2AMEmZ3BABBAy56gVcXBA31jVqoIZlyDjde/Ny49Nn8+vPblnJswAqZUB3AD
44gfE/AGHLl3w3nzjUBDQ96dSDdwik/7h8Y+VJ3mlWKMAzuXHFkQfl3nQWXTfY6Q
8PYoJqnGoiD+2oq58h9YOdGWnQ/4+jg64eAhYabO8QkBtHaT43IzJ6c6buvP4QnJ
1wPtKMOx0XnuBYihpS9Q9gMw8s/6DxKUvu0INHeHn+Y3vPl2Ttfldl31HdNpsiqL
8HQW7/Boyx6Kp4MSWDzKB97/jY80naJUdpgawl/Q6OW4awTmCqsLtafIO4kzJlQ=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:09:24 2025 by rpki-client