Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/epqSD0kaq1hTQGBlfrUViopCzWc.roa
File: epqSD0kaq1hTQGBlfrUViopCzWc.roa (raw, json)
Hash identifier: 2Crrdl748+um8HD1U65zFMPfq0LqYGBq+P9dA2jpT6Q=
Subject key identifier: 7A:9A:92:0F:49:1A:AB:58:53:40:60:65:7E:B5:15:8A:8A:42:CD:67
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 019584BB5E0DBCE5CA42F8DC7CFAA6A7E0EA
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/epqSD0kaq1hTQGBlfrUViopCzWc.roa
Signing time: Tue 11 Mar 2025 10:23:46 +0000
ROA not before: Tue 11 Mar 2025 10:23:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12902
IP address blocks: 79.98.168.0/21 maxlen: 24
79.98.170.0/24 maxlen: 24
185.240.112.0/22 maxlen: 24
194.180.219.0/24 maxlen: 24
217.77.128.0/19 maxlen: 24
217.77.144.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Mar 2025 14:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:bb:5e:0d:bc:e5:ca:42:f8:dc:7c:fa:a6:a7:e0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Mar 11 10:23:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a9a920f491aab58534060657eb5158a8a42cd67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a9:08:f9:39:fb:fe:50:48:b2:7f:61:ac:1f:
81:2f:dc:73:2b:48:80:df:94:03:81:25:59:c2:0c:
fe:a4:b4:cd:49:41:0e:ed:4e:bc:3f:6e:3a:64:6b:
0f:c5:9d:82:14:ee:7f:b1:07:79:1d:f2:7c:f1:17:
84:ad:e9:fb:6f:d6:99:58:9c:49:bc:2c:f4:6a:c0:
8b:5e:fb:08:0c:3d:49:89:1c:53:f8:d7:6b:d3:cc:
96:44:39:2f:17:fc:5b:6f:d0:9a:c0:3b:25:af:c1:
ae:d8:f7:0b:90:41:41:77:af:50:24:b7:13:64:4d:
71:2b:a4:10:4e:3f:99:ab:ce:87:27:b0:8b:a2:2d:
69:b4:cb:98:5e:ba:f2:0d:99:44:5d:f8:07:b4:61:
9e:03:49:c2:39:9d:8d:1f:3e:3f:74:bc:ef:90:83:
57:0f:39:71:56:6e:7a:82:ae:a7:7e:67:b8:b6:c8:
7e:73:cc:6b:f9:28:cc:84:09:91:5c:c8:bb:ed:28:
90:49:59:c8:74:14:ac:22:0b:54:f1:d2:e2:ce:e2:
ed:23:6b:4a:6e:2a:ba:f4:a2:0a:50:d5:92:31:cc:
9b:36:07:68:82:ee:ca:bc:67:b8:cf:53:8c:ac:66:
73:25:69:22:81:be:16:29:ab:11:1f:e9:19:6b:37:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9A:92:0F:49:1A:AB:58:53:40:60:65:7E:B5:15:8A:8A:42:CD:67
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/epqSD0kaq1hTQGBlfrUViopCzWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.240.112.0/22
194.180.219.0/24
217.77.128.0/19
IPv6:
2001:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
11:b8:8f:c5:b6:33:b8:ed:f3:a1:fd:4a:10:e6:c2:2d:b6:98:
11:01:fd:72:2f:9e:38:2e:35:c0:e4:ae:0a:fa:13:12:d2:9a:
84:14:cf:28:86:f6:d9:37:fd:16:05:2c:65:b0:c4:2a:bb:4d:
49:ea:3b:ac:54:31:36:10:cc:dd:07:c0:8d:b4:c4:9b:c5:fa:
7e:79:28:9e:d4:d4:ca:f3:f0:3e:c5:0c:ba:83:5a:bc:d4:75:
5a:8c:14:3a:20:f5:d5:71:ff:bb:68:70:f4:10:2f:b0:96:fc:
3f:fd:c9:1a:d3:ad:40:64:49:3d:ce:b7:17:69:90:49:f3:7f:
8d:20:69:bf:b3:83:46:8d:db:17:44:c5:6a:95:c6:36:80:d0:
e9:5d:93:b4:b2:5c:83:0f:f0:83:54:0f:da:e9:f3:4b:b6:f0:
53:56:52:25:57:ad:5c:58:88:b9:0d:29:50:48:ea:6f:bc:ae:
05:40:3a:86:8d:94:60:de:25:cb:6e:da:15:df:2a:3a:94:18:
e1:7e:1d:ec:7e:56:1c:01:26:71:b7:88:45:7e:31:6e:31:b3:
1a:74:32:17:d3:c7:88:16:11:78:cf:61:b8:cf:27:33:86:f8:
43:ec:0e:83:98:20:c7:28:9f:07:61:a7:9b:e3:38:23:7a:25:
f0:08:75:da
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZWEu14NvOXKQvjcfPqmp+DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjUwMzExMTAyMzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTlhOTIwZjQ5MWFhYjU4NTM0MDYwNjU3ZWI1MTU4YThhNDJjZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8akI+Tn7/lBIsn9hrB+BL9xzK0iA
35QDgSVZwgz+pLTNSUEO7U68P246ZGsPxZ2CFO5/sQd5HfJ88ReEren7b9aZWJxJ
vCz0asCLXvsIDD1JiRxT+Ndr08yWRDkvF/xbb9CawDslr8Gu2PcLkEFBd69QJLcT
ZE1xK6QQTj+Zq86HJ7CLoi1ptMuYXrryDZlEXfgHtGGeA0nCOZ2NHz4/dLzvkINX
DzlxVm56gq6nfme4tsh+c8xr+SjMhAmRXMi77SiQSVnIdBSsIgtU8dLizuLtI2tK
biq69KIKUNWSMcybNgdogu7KvGe4z1OMrGZzJWkigb4WKasRH+kZazew0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHqakg9JGqtYU0BgZX61FYqKQs1nMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvZXBxU0Qwa2FxMWhUUUdCbGZyVVZpb3BDeldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDT2KoAwQC
ufBwAwQAwrTbAwQF2U2AMA0EAgACMAcDBQAgAQnAMA0GCSqGSIb3DQEBCwUAA4IB
AQARuI/FtjO47fOh/UoQ5sIttpgRAf1yL544LjXA5K4K+hMS0pqEFM8ohvbZN/0W
BSxlsMQqu01J6jusVDE2EMzdB8CNtMSbxfp+eSie1NTK8/A+xQy6g1q81HVajBQ6
IPXVcf+7aHD0EC+wlvw//cka061AZEk9zrcXaZBJ83+NIGm/s4NGjdsXRMVqlcY2
gNDpXZO0slyDD/CDVA/a6fNLtvBTVlIlV61cWIi5DSlQSOpvvK4FQDqGjZRg3iXL
btoV3yo6lBjhfh3sflYcASZxt4hFfjFuMbMadDIX08eIFhF4z2G4zyczhvhD7A6D
mCDHKJ8HYaeb4zgjeiXwCHXa
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:27:09 2025 by rpki-client