Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7UaJkFcdFRdorLBMu38StOixYEw.roa
File: 7UaJkFcdFRdorLBMu38StOixYEw.roa (raw, json)
Hash identifier: 8Ur7Nwm8l1EtUuc90oTS5MF2RWWS7I1h2TkaheewxSE=
Subject key identifier: ED:46:89:90:57:1D:15:17:68:AC:B0:4C:BB:7F:12:B4:E8:B1:60:4C
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC72F5FFA7021543C3FF9252B94AD2
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7UaJkFcdFRdorLBMu38StOixYEw.roa
Signing time: Thu 02 Jan 2025 07:48:08 +0000
ROA not before: Thu 02 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45650
IP address blocks: 188.253.96.0/21 maxlen: 24
188.253.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 02:11:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:72:f5:ff:a7:02:15:43:c3:ff:92:52:b9:4a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed468990571d151768acb04cbb7f12b4e8b1604c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:49:58:f9:dc:3f:06:5d:ad:41:e5:4a:21:d5:
87:df:36:73:a5:1d:c3:4a:2c:9c:dc:c8:32:09:b7:
dd:e8:cd:36:52:76:64:b2:83:a4:31:96:f3:a4:b0:
5c:b5:aa:9b:c3:1f:26:7f:51:b7:8f:3a:ea:10:05:
8d:39:17:38:f9:ac:73:72:20:cb:69:41:4f:f4:fa:
b6:86:c9:d2:e7:ed:19:f7:20:b0:c3:99:09:c1:c7:
c2:41:b1:30:da:4f:c8:d1:95:f4:11:e1:52:20:c9:
eb:da:4e:9d:c2:56:0e:58:fa:7a:52:32:45:24:7a:
4e:cc:23:aa:0e:31:ad:7b:95:b6:6f:75:23:da:ba:
25:5a:a3:02:e9:28:89:37:8d:ef:c4:9e:25:47:9d:
61:f9:bf:49:26:2f:be:9f:91:6a:f4:f0:32:8e:e0:
36:d3:c0:3b:ec:82:ac:21:50:5d:ec:b6:ce:1a:f3:
56:9d:df:9a:fc:ad:24:83:66:ea:1a:85:dd:18:50:
21:c8:3b:0d:11:ee:cd:4a:fc:8f:8c:4a:0b:3d:22:
7f:82:c3:6d:80:5d:a0:0f:9a:e8:91:02:8c:57:d0:
22:06:9b:d2:63:af:e9:01:12:5f:55:a2:5d:5d:ee:
de:6a:a6:ca:df:4a:18:98:53:7c:c4:98:d3:eb:b9:
1e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:46:89:90:57:1D:15:17:68:AC:B0:4C:BB:7F:12:B4:E8:B1:60:4C
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7UaJkFcdFRdorLBMu38StOixYEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.96.0-188.253.107.255
Signature Algorithm: sha256WithRSAEncryption
8d:02:0a:5f:09:3f:3f:c7:6f:dc:5b:5c:b1:91:cc:e9:6d:94:
82:ae:5d:16:03:b9:a3:3a:d0:5b:19:65:1a:1e:9b:9b:e5:77:
78:7e:5d:6b:51:d9:2e:34:2b:f9:f6:d2:c6:90:0c:5e:15:cd:
3c:75:1e:f3:85:5a:f7:b7:91:3a:f6:1c:fe:95:44:36:98:89:
b9:e2:ba:35:f7:09:e0:04:60:15:6c:90:0f:42:ef:ec:94:22:
3a:22:a3:f3:c9:c2:fa:47:6b:ce:a3:ea:60:57:e8:ec:19:1b:
14:87:e3:86:ea:bf:05:21:b1:b1:0e:d8:be:31:aa:af:1b:7e:
33:db:4a:3f:67:03:36:ae:fd:44:d8:b2:49:f1:8b:4b:7d:63:
bc:c0:c2:64:5e:40:93:16:57:56:fd:76:8e:63:a0:62:46:bf:
6c:5d:61:d1:75:ad:16:cb:de:85:2d:7f:f4:9d:17:36:46:df:
0c:9b:af:31:4f:8a:46:ed:a4:79:b2:50:3a:da:8a:ef:7b:ee:
09:73:37:23:58:0b:fd:c6:42:00:33:a7:d8:f5:39:98:0b:4f:
45:dc:f2:b0:1c:0a:b7:d4:a2:d6:bb:33:8a:21:b7:b5:b2:0b:
4d:7c:7b:43:3f:cd:f3:c7:0f:c4:52:7c:43:a5:46:14:b0:ec:
5c:5e:ca:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/HL1/6cCFUPD/5JSuUrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ2ODk5MDU3MWQxNTE3NjhhY2IwNGNiYjdmMTJiNGU4YjE2MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0klY+dw/Bl2tQeVKIdWH3zZzpR3D
Siyc3MgyCbfd6M02UnZksoOkMZbzpLBctaqbwx8mf1G3jzrqEAWNORc4+axzciDL
aUFP9Pq2hsnS5+0Z9yCww5kJwcfCQbEw2k/I0ZX0EeFSIMnr2k6dwlYOWPp6UjJF
JHpOzCOqDjGte5W2b3Uj2rolWqMC6SiJN43vxJ4lR51h+b9JJi++n5Fq9PAyjuA2
08A77IKsIVBd7LbOGvNWnd+a/K0kg2bqGoXdGFAhyDsNEe7NSvyPjEoLPSJ/gsNt
gF2gD5rokQKMV9AiBpvSY6/pARJfVaJdXe7eaqbK30oYmFN8xJjT67kewwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO1GiZBXHRUXaKywTLt/ErTosWBMMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvN1VhSmtGY2RGUmRvckxCTXUzOFN0T2l4WUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW8/WAD
BAK8/WgwDQYJKoZIhvcNAQELBQADggEBAI0CCl8JPz/Hb9xbXLGRzOltlIKuXRYD
uaM60FsZZRoem5vld3h+XWtR2S40K/n20saQDF4VzTx1HvOFWve3kTr2HP6VRDaY
ibniujX3CeAEYBVskA9C7+yUIjoio/PJwvpHa86j6mBX6OwZGxSH44bqvwUhsbEO
2L4xqq8bfjPbSj9nAzau/UTYsknxi0t9Y7zAwmReQJMWV1b9do5joGJGv2xdYdF1
rRbL3oUtf/SdFzZG3wybrzFPikbtpHmyUDraiu977glzNyNYC/3GQgAzp9j1OZgL
T0Xc8rAcCrfUota7M4oht7WyC018e0M/zfPHD8RSfEOlRhSw7FxeylU=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:50:19 2025 by rpki-client