Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9cbDc8m8SecjUN9ks2QYXH-6xbg.roa
File: 9cbDc8m8SecjUN9ks2QYXH-6xbg.roa (raw, json)
Hash identifier: Kzwu/2Fb3HxzoOZ/5HBgudLXFSJnCXn6sdMLeVaTPd4=
Subject key identifier: F5:C6:C3:73:C9:BC:49:E7:23:50:DF:64:B3:64:18:5C:7F:BA:C5:B8
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01954BCE1CCEFFD8714C3081B23B1B584106
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9cbDc8m8SecjUN9ks2QYXH-6xbg.roa
Signing time: Fri 28 Feb 2025 09:05:53 +0000
ROA not before: Fri 28 Feb 2025 09:05:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 213.254.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 13:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:ce:1c:ce:ff:d8:71:4c:30:81:b2:3b:1b:58:41:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 28 09:05:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5c6c373c9bc49e72350df64b364185c7fbac5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:00:87:65:57:28:d6:dc:85:ed:ca:6f:d2:34:
e5:4f:3e:2a:a6:c8:30:61:86:88:37:61:97:33:34:
56:05:37:fe:67:eb:ba:16:74:e4:ed:3a:90:e9:a9:
40:78:04:59:a1:59:77:e4:cd:99:87:b3:c7:74:4e:
f2:29:d9:7d:7d:1d:e6:6c:b9:82:77:72:3f:f6:6c:
69:f3:0f:f2:6d:12:c4:83:99:dc:d8:86:d0:ca:90:
bc:e5:75:b0:9d:e8:7a:8f:e9:3d:03:c7:eb:83:62:
89:45:83:ec:14:e4:1b:9a:70:48:e3:f3:85:76:32:
8a:12:30:a3:d8:79:68:23:9a:b0:69:78:cd:2d:41:
c4:63:78:95:c1:1f:87:ee:1c:95:0b:75:bb:52:27:
46:17:33:a8:3b:c8:f4:14:69:b1:e7:93:2f:c5:13:
ff:5b:4a:bc:a8:3c:5f:8c:ce:ff:42:f0:26:42:7f:
fa:b9:90:6a:4e:5a:47:79:16:18:9b:c3:2d:75:ca:
5d:84:af:c7:a0:16:e0:16:8c:86:d2:95:e8:40:76:
24:c8:0b:e1:d9:ae:12:c1:e0:e6:cd:69:c9:c8:26:
1e:1d:df:aa:49:56:92:28:c5:43:aa:47:75:40:cb:
76:e9:8b:41:56:a3:3c:3f:ad:2a:0d:38:20:27:fd:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C6:C3:73:C9:BC:49:E7:23:50:DF:64:B3:64:18:5C:7F:BA:C5:B8
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9cbDc8m8SecjUN9ks2QYXH-6xbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.254.162.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:0b:67:aa:12:2f:53:5f:0e:b8:e8:cc:63:b6:e6:ca:b6:67:
3d:f7:bd:59:9b:bf:f1:fd:38:b2:74:82:72:01:e9:e3:56:96:
19:0e:35:6c:95:b9:56:67:e2:56:26:b1:9c:50:28:7e:04:72:
8b:d8:ee:12:87:79:ec:11:f3:2e:a5:0b:f0:59:59:04:d3:94:
3f:16:48:e2:34:60:1c:a6:1c:a2:45:59:11:64:3b:db:1d:a6:
cf:c2:0c:13:09:65:93:f7:b2:33:76:c6:4e:f9:8c:53:a8:ec:
ba:cd:aa:91:e4:2f:5d:96:02:b1:93:0b:54:1d:7f:1e:71:5a:
42:24:d6:e4:d9:1b:05:30:e3:a8:c6:21:d8:df:61:5b:f5:23:
03:8c:e0:91:4f:0d:95:9d:1a:e5:5a:c0:28:5c:ee:19:6b:95:
80:df:fc:23:46:85:19:7f:fd:b5:38:e7:c0:d0:85:37:e4:a0:
70:f2:63:59:84:c1:54:46:a5:43:ad:c4:b3:14:1b:0f:f9:6c:
0d:e1:04:e8:24:50:4f:54:15:a7:2d:ee:a3:b3:cb:74:df:6e:
65:16:40:34:d3:b2:78:2c:42:75:28:98:57:53:14:70:5a:e2:
b7:41:ab:b2:5e:80:66:b8:5c:a8:9d:da:ca:6c:30:4c:01:d0:
6d:ea:da:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVLzhzO/9hxTDCBsjsbWEEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI4MDkwNTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWM2YzM3M2M5YmM0OWU3MjM1MGRmNjRiMzY0MTg1YzdmYmFjNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyACHZVco1tyF7cpv0jTlTz4qpsgw
YYaIN2GXMzRWBTf+Z+u6FnTk7TqQ6alAeARZoVl35M2Zh7PHdE7yKdl9fR3mbLmC
d3I/9mxp8w/ybRLEg5nc2IbQypC85XWwneh6j+k9A8frg2KJRYPsFOQbmnBI4/OF
djKKEjCj2HloI5qwaXjNLUHEY3iVwR+H7hyVC3W7UidGFzOoO8j0FGmx55MvxRP/
W0q8qDxfjM7/QvAmQn/6uZBqTlpHeRYYm8MtdcpdhK/HoBbgFoyG0pXoQHYkyAvh
2a4SweDmzWnJyCYeHd+qSVaSKMVDqkd1QMt26YtBVqM8P60qDTggJ/2ixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXGw3PJvEnnI1DfZLNkGFx/usW4MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOWNiRGM4bThTZWNqVU45a3MyUVlYSC02eGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1f6iMA0G
CSqGSIb3DQEBCwUAA4IBAQCMC2eqEi9TXw646MxjtubKtmc9971Zm7/x/TiydIJy
AenjVpYZDjVslblWZ+JWJrGcUCh+BHKL2O4Sh3nsEfMupQvwWVkE05Q/FkjiNGAc
phyiRVkRZDvbHabPwgwTCWWT97IzdsZO+YxTqOy6zaqR5C9dlgKxkwtUHX8ecVpC
JNbk2RsFMOOoxiHY32Fb9SMDjOCRTw2VnRrlWsAoXO4Za5WA3/wjRoUZf/21OOfA
0IU35KBw8mNZhMFURqVDrcSzFBsP+WwN4QToJFBPVBWnLe6js8t0325lFkA007J4
LEJ1KJhXUxRwWuK3QauyXoBmuFyondrKbDBMAdBt6tro
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:37:37 2025 by rpki-client