Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K_fWrll37UpXfpMwrdfrNs93QQA.roa
File: K_fWrll37UpXfpMwrdfrNs93QQA.roa (raw, json)
Hash identifier: 1HzB3GKOK3XwsOO9NW2DAcX8+5bBAWY+p381R78y834=
Subject key identifier: 2B:F7:D6:AE:59:77:ED:4A:57:7E:93:30:AD:D7:EB:36:CF:77:41:00
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428275259E007305D9126515A27BE4E6C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K_fWrll37UpXfpMwrdfrNs93QQA.roa
Signing time: Thu 02 Jan 2025 17:54:13 +0000
ROA not before: Thu 02 Jan 2025 17:54:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 18:43:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:52:59:e0:07:30:5d:91:26:51:5a:27:be:4e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bf7d6ae5977ed4a577e9330add7eb36cf774100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:19:b3:52:d4:5c:8a:21:47:b2:55:74:a2:59:
18:9f:56:7f:58:94:e1:90:09:04:62:1c:fa:35:7b:
74:06:58:fa:88:5e:ce:a8:49:14:ac:56:d1:32:55:
d7:f2:ca:1f:87:dc:6c:a2:f6:8b:a1:bd:96:c2:1a:
9a:45:92:c7:04:ba:3d:60:32:58:b2:e1:45:28:a4:
5f:59:af:b9:31:27:6e:93:77:d2:42:a8:fb:c7:fb:
4c:63:1e:81:94:93:fd:3e:77:32:6a:3e:e1:10:f4:
b0:68:cf:5e:72:56:31:79:d0:24:c8:1e:ff:58:6b:
bc:24:e1:f4:d1:63:17:15:cc:1f:20:8d:f1:f0:48:
80:dc:ef:50:21:43:83:bd:4c:66:88:75:90:42:37:
f7:86:33:7b:5c:ba:7b:04:fd:f2:9f:d9:a0:c4:28:
92:0b:28:b6:a3:8b:0d:d1:cb:f4:c8:3a:0c:7b:44:
7d:55:91:e4:50:9c:36:5f:d2:0d:de:44:15:59:d3:
06:bf:5e:3b:74:e1:38:8a:86:95:12:be:eb:d1:0c:
5b:74:98:aa:d3:40:f5:37:c7:be:bb:74:47:10:74:
5a:a0:02:18:c7:93:6d:86:11:db:d9:f5:93:f3:47:
24:b3:55:a6:3a:57:bd:a6:13:bb:09:db:ca:6e:37:
f4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F7:D6:AE:59:77:ED:4A:57:7E:93:30:AD:D7:EB:36:CF:77:41:00
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/K_fWrll37UpXfpMwrdfrNs93QQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
61:8b:ca:ed:0a:5c:c3:4a:94:e1:83:a3:3b:6b:b1:8b:0a:96:
7c:13:3a:89:27:4c:b6:bd:d6:37:7e:41:f8:ee:68:0d:dc:32:
1e:a4:94:f9:3e:56:15:63:87:3b:ce:da:48:5a:9e:5e:e3:6b:
27:b2:cd:aa:7c:92:61:0d:e6:bf:11:20:a4:ad:f2:f1:9d:b3:
a5:8d:74:6d:ae:b8:35:38:cb:54:c4:97:7a:85:ea:02:1c:73:
67:aa:0e:9c:1c:4c:6a:ed:bb:05:9c:a9:fd:3f:57:c2:03:81:
08:ff:a7:3a:d0:8b:fe:19:f9:60:1f:37:f5:f0:6b:41:eb:d3:
52:8d:e4:94:81:5f:69:cb:01:ce:8b:82:3a:27:d3:be:6f:df:
5c:28:5b:67:af:ad:3d:db:7b:1c:cb:f0:3c:1c:8a:c1:88:0d:
f3:2d:64:3d:ee:12:51:9c:32:c9:42:bc:c8:a6:37:13:81:85:
4d:e8:54:27:44:c8:10:92:ac:18:76:4d:d0:7c:80:22:eb:56:
55:ca:ca:a7:3e:90:17:7f:be:7e:7d:06:54:a4:34:b4:84:81:
be:4d:7b:13:b5:e7:32:b2:24:36:89:36:a7:d9:7f:49:b4:4f:
23:a0:5d:cb:0e:92:7d:22:e6:81:4b:c9:ea:17:6e:4c:7b:2a:
2b:e6:f3:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ1JZ4AcwXZEmUVonvk5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmY3ZDZhZTU5NzdlZDRhNTc3ZTkzMzBhZGQ3ZWIzNmNmNzc0MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhmzUtRciiFHslV0olkYn1Z/WJTh
kAkEYhz6NXt0Blj6iF7OqEkUrFbRMlXX8sofh9xsovaLob2WwhqaRZLHBLo9YDJY
suFFKKRfWa+5MSduk3fSQqj7x/tMYx6BlJP9Pncyaj7hEPSwaM9eclYxedAkyB7/
WGu8JOH00WMXFcwfII3x8EiA3O9QIUODvUxmiHWQQjf3hjN7XLp7BP3yn9mgxCiS
Cyi2o4sN0cv0yDoMe0R9VZHkUJw2X9IN3kQVWdMGv147dOE4ioaVEr7r0QxbdJiq
00D1N8e+u3RHEHRaoAIYx5NthhHb2fWT80cks1WmOle9phO7CdvKbjf0fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCv31q5Zd+1KV36TMK3X6zbPd0EAMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvS19mV3JsbDM3VXBYZnBNd3JkZnJOczkzUVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvECOAwQA
2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQBhi8rtClzDSpThg6M7a7GLCpZ8EzqJJ0y2
vdY3fkH47mgN3DIepJT5PlYVY4c7ztpIWp5e42snss2qfJJhDea/ESCkrfLxnbOl
jXRtrrg1OMtUxJd6heoCHHNnqg6cHExq7bsFnKn9P1fCA4EI/6c60Iv+GflgHzf1
8GtB69NSjeSUgV9pywHOi4I6J9O+b99cKFtnr60923scy/A8HIrBiA3zLWQ97hJR
nDLJQrzIpjcTgYVN6FQnRMgQkqwYdk3QfIAi61ZVysqnPpAXf75+fQZUpDS0hIG+
TXsTtecysiQ2iTan2X9JtE8joF3LDpJ9IuaBS8nqF25Meyor5vOC
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:41 2025 by rpki-client