Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2BHYAHtcwkGQB7WRgAtyYBuEq14.roa
File: 2BHYAHtcwkGQB7WRgAtyYBuEq14.roa (raw, json)
Hash identifier: n0DIR4bQ4+l5Sk+82x4HOcOsQVCFXRsMdj7n7NmMJjw=
Subject key identifier: D8:11:D8:00:7B:5C:C2:41:90:07:B5:91:80:0B:72:60:1B:84:AB:5E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194ACE5C58B81BA5A4F310F2CA01A025735
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2BHYAHtcwkGQB7WRgAtyYBuEq14.roa
Signing time: Tue 28 Jan 2025 12:32:07 +0000
ROA not before: Tue 28 Jan 2025 12:32:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211440
IP address blocks: 195.133.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 11:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:e5:c5:8b:81:ba:5a:4f:31:0f:2c:a0:1a:02:57:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 28 12:32:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d811d8007b5cc2419007b591800b72601b84ab5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:33:55:a4:ae:d2:0d:91:04:69:9f:36:85:
86:16:32:8f:1e:78:0a:b7:49:4b:c5:da:4c:79:c3:
c4:cf:91:85:20:cd:3c:d1:b7:19:24:a9:3b:dc:fb:
26:3b:4e:84:a1:c5:64:68:44:a0:7d:bc:0d:ea:8a:
48:5a:9e:dc:8a:6d:14:bc:ff:c8:7a:d8:c8:e8:59:
34:17:36:b8:b7:80:38:92:72:80:ce:08:c4:5a:39:
09:77:df:f5:12:da:b2:6a:32:71:cd:01:4f:fe:40:
fa:f7:56:7a:57:27:a9:9e:4b:99:37:6b:33:fa:b2:
75:35:49:91:2b:b7:04:65:eb:82:72:54:5e:16:24:
0e:c0:df:b1:43:5f:82:9e:11:45:b2:3a:ed:31:07:
cc:7e:aa:d9:6b:42:ba:9c:02:ab:0d:e0:26:c7:77:
05:51:3c:55:95:46:57:7d:97:28:b7:ae:c6:ba:89:
8d:d9:71:68:33:e9:34:3c:58:b6:50:07:ba:e3:19:
c3:ed:b0:c3:3e:7d:cc:33:ee:f8:65:4a:58:46:04:
bf:47:ed:2c:22:d9:41:db:c4:9e:a6:c1:d4:27:00:
99:cf:81:c0:99:6f:5d:ca:f8:08:73:a8:46:ba:3c:
83:80:b6:a7:b8:1f:b8:1d:cc:cf:30:b7:97:57:dc:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:11:D8:00:7B:5C:C2:41:90:07:B5:91:80:0B:72:60:1B:84:AB:5E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2BHYAHtcwkGQB7WRgAtyYBuEq14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.193.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:22:37:0c:8e:e0:90:4e:e3:f2:85:30:3f:fe:fe:c5:a4:f7:
b0:2a:76:00:be:6b:8f:b0:d7:b0:ae:1e:5f:ad:26:cb:dc:c2:
07:6d:29:b7:3a:3d:cc:49:eb:81:e1:cb:6d:1d:95:11:4b:06:
d5:52:36:83:84:47:6e:88:25:d5:70:89:16:fb:d6:76:e1:1a:
3e:16:70:28:76:f5:4d:83:d7:df:ba:1b:e9:20:2f:65:a7:f2:
84:b7:0f:c9:96:0f:a2:78:89:b0:c6:e4:d6:66:8c:f4:ff:16:
3a:8d:47:aa:6a:da:7f:b5:e5:ab:28:fd:6b:65:1a:4e:48:83:
db:12:20:2e:0d:a1:2d:c0:d7:11:98:ca:51:c3:90:db:63:e1:
e3:66:db:bb:24:91:fd:b8:20:61:55:42:13:89:6f:10:0a:f5:
d7:71:93:ac:b5:c3:db:21:98:5b:bc:f3:fe:cb:a8:0c:a3:d6:
ef:d4:dc:c6:ea:a8:0f:8d:54:6e:49:99:88:1e:7d:a7:b7:c7:
3d:34:34:7b:ce:ae:f6:06:fa:ab:ac:d3:f3:5b:4f:d0:b4:8d:
36:16:f0:41:1e:50:36:28:2c:39:f4:5e:65:56:8a:8e:0d:0c:
6e:79:b9:7f:c4:f9:dc:a5:f9:cb:d9:ce:3c:96:19:64:8d:0f:
6e:38:e2:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSs5cWLgbpaTzEPLKAaAlc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTI4MTIzMjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODExZDgwMDdiNWNjMjQxOTAwN2I1OTE4MDBiNzI2MDFiODRhYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU8zVaSu0g2RBGmfNoWGFjKPHngK
t0lLxdpMecPEz5GFIM080bcZJKk73PsmO06EocVkaESgfbwN6opIWp7cim0UvP/I
etjI6Fk0Fza4t4A4knKAzgjEWjkJd9/1EtqyajJxzQFP/kD691Z6VyepnkuZN2sz
+rJ1NUmRK7cEZeuCclReFiQOwN+xQ1+CnhFFsjrtMQfMfqrZa0K6nAKrDeAmx3cF
UTxVlUZXfZcot67GuomN2XFoM+k0PFi2UAe64xnD7bDDPn3MM+74ZUpYRgS/R+0s
ItlB28SepsHUJwCZz4HAmW9dyvgIc6hGujyDgLanuB+4HczPMLeXV9zr8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgR2AB7XMJBkAe1kYALcmAbhKteMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMkJIWUFIdGN3a0dRQjdXUmdBdHlZQnVFcTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4XBMA0G
CSqGSIb3DQEBCwUAA4IBAQB/IjcMjuCQTuPyhTA//v7FpPewKnYAvmuPsNewrh5f
rSbL3MIHbSm3Oj3MSeuB4cttHZURSwbVUjaDhEduiCXVcIkW+9Z24Ro+FnAodvVN
g9ffuhvpIC9lp/KEtw/Jlg+ieImwxuTWZoz0/xY6jUeqatp/teWrKP1rZRpOSIPb
EiAuDaEtwNcRmMpRw5DbY+HjZtu7JJH9uCBhVUITiW8QCvXXcZOstcPbIZhbvPP+
y6gMo9bv1NzG6qgPjVRuSZmIHn2nt8c9NDR7zq72BvqrrNPzW0/QtI02FvBBHlA2
KCw59F5lVoqODQxuebl/xPncpfnL2c48lhlkjQ9uOOLn
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:43 2025 by rpki-client