Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/64Ej7I8HEnkpiLGMX82veircUhg.roa
File: 64Ej7I8HEnkpiLGMX82veircUhg.roa (raw, json)
Hash identifier: xVAVOGzTMXPwla0VBx1B21ilx+QLilzpIJ9ncjalLHQ=
Subject key identifier: EB:81:23:EC:8F:07:12:79:29:88:B1:8C:5F:CD:AF:7A:2A:DC:52:18
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 0194228E33ED2C6EFC4E5A804C51889C9EB8
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/64Ej7I8HEnkpiLGMX82veircUhg.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12822
IP address blocks: 212.108.160.0/20 maxlen: 20
212.108.176.0/21 maxlen: 21
212.108.184.0/21 maxlen: 21
2a02:358::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Feb 2025 09:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:33:ed:2c:6e:fc:4e:5a:80:4c:51:88:9c:9e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb8123ec8f0712792988b18c5fcdaf7a2adc5218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4f:e8:80:d7:ff:ec:12:09:c6:9f:7d:29:9e:
86:19:38:12:3a:43:36:87:53:12:5b:3d:df:47:d6:
e8:70:47:1a:90:da:93:cf:33:46:9e:5f:8a:93:79:
e2:19:12:9a:33:a6:88:62:fa:00:f4:10:74:9c:29:
ff:14:bc:b6:1e:26:bb:60:c0:78:a0:cc:68:42:69:
eb:1b:32:87:7c:24:16:0b:47:e0:3f:58:da:77:14:
53:ce:a6:82:37:d9:ae:08:08:2c:b4:d8:a4:4d:fd:
ec:68:3a:3c:06:12:51:17:15:f1:32:0a:74:d9:ba:
1a:4d:73:2c:d7:15:35:0f:dc:3e:3f:85:2c:8f:48:
5a:84:56:a3:f3:05:eb:94:93:e5:d9:7f:b5:81:c0:
4c:cb:ae:40:8b:8c:63:9c:ca:d0:b2:ce:2d:3b:a8:
78:fb:60:e2:3e:03:3d:9b:76:f1:1e:1f:1e:b0:87:
52:5e:cc:98:e3:ca:2e:2f:b4:74:d9:a3:17:04:04:
0c:da:93:81:75:62:b0:86:2c:87:da:6c:68:48:24:
57:3f:48:d2:db:a8:08:0b:1c:e1:4d:57:f1:a5:d3:
51:f8:59:08:65:12:cc:22:58:8b:b8:6f:75:ac:93:
69:5a:9f:7b:68:1d:bf:89:5a:94:63:c8:b2:88:92:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:81:23:EC:8F:07:12:79:29:88:B1:8C:5F:CD:AF:7A:2A:DC:52:18
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/64Ej7I8HEnkpiLGMX82veircUhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.108.160.0/19
IPv6:
2a02:358::/32
Signature Algorithm: sha256WithRSAEncryption
2f:ad:05:68:16:fe:76:4c:33:fd:93:45:4f:fd:90:17:cf:c2:
df:65:53:f0:95:ec:51:90:bb:d8:68:71:cd:ce:0f:00:0b:ed:
55:26:69:17:26:56:0d:8f:2a:0d:a2:e9:e0:df:7d:49:f5:19:
03:0d:ea:5e:55:dc:f6:38:da:0c:bc:b5:bb:a2:f0:52:be:0c:
12:ea:6b:ac:70:86:13:63:a4:a5:c2:65:e7:50:8e:a9:d2:ec:
d3:59:65:b7:d6:12:ac:09:9a:ac:e6:bd:4b:c1:d3:f2:5d:a4:
73:f0:52:69:8f:c3:69:58:1c:db:d7:18:a0:5b:05:38:e9:43:
9d:b4:9f:c4:78:af:02:6f:bd:02:8f:68:0c:26:c9:ca:5f:32:
a5:0e:f0:ba:28:16:75:27:b0:c6:8d:82:d3:b8:ce:ef:eb:da:
93:f5:fc:61:39:1b:e8:5e:7c:ef:52:0a:68:3c:94:21:75:da:
e1:97:ab:11:52:a3:3b:2a:8d:bc:fb:ef:2c:17:a1:4a:15:1d:
50:46:a2:6f:f9:01:8c:8f:2c:25:df:ef:09:a7:c6:aa:c6:6c:
03:e6:ed:e2:d4:ac:69:4f:2c:9d:c1:f8:97:81:9b:1b:1d:86:
8b:6f:2f:7f:54:7f:09:8a:69:6b:45:83:3e:4b:51:90:f0:f9:
3b:8d:29:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijjPtLG78TlqATFGInJ64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjgxMjNlYzhmMDcxMjc5Mjk4OGIxOGM1ZmNkYWY3YTJhZGM1MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3U/ogNf/7BIJxp99KZ6GGTgSOkM2
h1MSWz3fR9bocEcakNqTzzNGnl+Kk3niGRKaM6aIYvoA9BB0nCn/FLy2Hia7YMB4
oMxoQmnrGzKHfCQWC0fgP1jadxRTzqaCN9muCAgstNikTf3saDo8BhJRFxXxMgp0
2boaTXMs1xU1D9w+P4Usj0hahFaj8wXrlJPl2X+1gcBMy65Ai4xjnMrQss4tO6h4
+2DiPgM9m3bxHh8esIdSXsyY48ouL7R02aMXBAQM2pOBdWKwhiyH2mxoSCRXP0jS
26gICxzhTVfxpdNR+FkIZRLMIliLuG91rJNpWp97aB2/iVqUY8iyiJKQkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOuBI+yPBxJ5KYixjF/Nr3oq3FIYMB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEvNjRFajdJOEhFbmtwaUxHTVg4MnZlaXJjVWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1GygMA0E
AgACMAcDBQAqAgNYMA0GCSqGSIb3DQEBCwUAA4IBAQAvrQVoFv52TDP9k0VP/ZAX
z8LfZVPwlexRkLvYaHHNzg8AC+1VJmkXJlYNjyoNoung331J9RkDDepeVdz2ONoM
vLW7ovBSvgwS6muscIYTY6SlwmXnUI6p0uzTWWW31hKsCZqs5r1LwdPyXaRz8FJp
j8NpWBzb1xigWwU46UOdtJ/EeK8Cb70Cj2gMJsnKXzKlDvC6KBZ1J7DGjYLTuM7v
69qT9fxhORvoXnzvUgpoPJQhddrhl6sRUqM7Ko28++8sF6FKFR1QRqJv+QGMjywl
3+8Jp8aqxmwD5u3i1KxpTyydwfiXgZsbHYaLby9/VH8JimlrRYM+S1GQ8Pk7jSnV
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:03:47 2025 by rpki-client