Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7HXhpW8ornKGe8aI6-iVMTR0YL8.roa
File: 7HXhpW8ornKGe8aI6-iVMTR0YL8.roa (raw, json)
Hash identifier: KoJGge/KgsKLZpZJRcBWmBsCeK1oS1C3Wwd3FEVnmDA=
Subject key identifier: EC:75:E1:A5:6F:28:AE:72:86:7B:C6:88:EB:E8:95:31:34:74:60:BF
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0195B8B2F10FE1E2BA4E1F6ACA5D2CC16D22
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7HXhpW8ornKGe8aI6-iVMTR0YL8.roa
Signing time: Fri 21 Mar 2025 12:34:49 +0000
ROA not before: Fri 21 Mar 2025 12:34:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12238
IP address blocks: 217.79.104.0/22 maxlen: 24
217.79.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 21:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:b2:f1:0f:e1:e2:ba:4e:1f:6a:ca:5d:2c:c1:6d:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 21 12:34:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec75e1a56f28ae72867bc688ebe89531347460bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f7:f5:24:20:87:0e:af:bf:06:f0:ec:e7:b3:
b6:1d:4e:7e:76:79:cb:b9:4f:94:c1:80:eb:3d:aa:
0b:98:45:86:d0:ca:fc:22:22:27:e8:57:f0:3b:86:
7d:86:b7:42:05:5f:c9:26:2b:79:e9:ed:d8:94:6c:
77:e3:70:b7:e9:b9:b4:5c:8d:ea:b0:74:41:55:dd:
a3:fc:c9:54:93:4a:b5:8e:80:ef:c2:df:f0:ef:d2:
9d:e9:c0:62:d8:ff:fd:e2:76:ea:42:28:8b:33:b5:
d9:b7:7c:e8:d4:04:0d:44:73:db:fe:d4:56:07:c8:
8b:d3:7f:99:04:58:f8:21:a4:1b:20:b2:91:d1:13:
48:c0:ed:1b:7f:a1:86:99:51:13:f2:d1:ba:82:66:
25:d1:1f:75:27:cd:cd:44:96:e8:3e:13:e6:47:a6:
14:ee:ca:1f:36:94:87:47:b9:ae:7d:37:2f:50:e8:
e5:69:77:3c:3b:e7:78:8a:08:68:c0:73:41:b8:1e:
07:2c:b2:e1:8a:b8:8a:07:07:b5:00:61:90:b0:2a:
20:9a:56:53:ec:1a:0c:df:18:21:b1:6e:19:55:67:
cf:86:c1:24:e0:a1:67:d0:e8:90:5a:fb:f8:19:27:
2f:ac:1b:1a:51:91:b7:b7:7a:c5:a2:dd:af:d6:14:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:75:E1:A5:6F:28:AE:72:86:7B:C6:88:EB:E8:95:31:34:74:60:BF
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7HXhpW8ornKGe8aI6-iVMTR0YL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.79.104.0/22
217.79.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:fa:25:05:b0:c5:33:fc:57:4b:a0:f9:38:52:18:31:36:41:
ad:cf:25:c1:04:33:cf:d0:ef:33:f1:62:94:19:15:4e:86:15:
a9:aa:6e:a2:87:bc:de:9a:76:a0:27:28:2a:58:c8:36:1e:1d:
2e:64:a9:db:e6:06:02:31:08:78:d1:cd:55:79:a4:0c:78:f1:
1b:22:f1:e2:1b:c6:31:d9:96:b8:7d:20:c3:90:22:19:b7:ae:
8d:a0:1f:98:86:b9:f5:66:08:c7:2e:c2:9f:72:e6:48:9a:6b:
50:93:c7:d2:b1:05:33:a0:32:c8:3c:1a:26:38:b1:c0:cb:5a:
e8:c7:48:f9:13:c9:c2:0a:1d:7c:8a:8b:26:ca:3c:ff:21:1b:
28:60:23:e0:ec:d9:3f:52:38:b6:29:59:60:90:4a:79:d8:eb:
97:b2:a6:3b:02:aa:93:4b:f9:4b:94:45:e9:e5:70:1f:49:4e:
58:fe:cc:91:dc:a4:7e:8a:ff:20:d9:e1:d7:74:f3:6d:31:6c:
2c:d0:96:e6:6d:d9:b4:90:19:4c:da:a7:86:46:09:ce:7c:43:
70:ae:4b:a4:cf:87:a5:b0:75:68:cc:e6:89:e6:fb:47:c0:5a:
50:1b:6b:91:c5:16:48:51:80:8d:a7:db:71:58:71:5e:a0:8a:
5e:01:d3:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZW4svEP4eK6Th9qyl0swW0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwMzIxMTIzNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc1ZTFhNTZmMjhhZTcyODY3YmM2ODhlYmU4OTUzMTM0NzQ2MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPf1JCCHDq+/BvDs57O2HU5+dnnL
uU+UwYDrPaoLmEWG0Mr8IiIn6FfwO4Z9hrdCBV/JJit56e3YlGx343C36bm0XI3q
sHRBVd2j/MlUk0q1joDvwt/w79Kd6cBi2P/94nbqQiiLM7XZt3zo1AQNRHPb/tRW
B8iL03+ZBFj4IaQbILKR0RNIwO0bf6GGmVET8tG6gmYl0R91J83NRJboPhPmR6YU
7sofNpSHR7mufTcvUOjlaXc8O+d4ighowHNBuB4HLLLhiriKBwe1AGGQsCogmlZT
7BoM3xghsW4ZVWfPhsEk4KFn0OiQWvv4GScvrBsaUZG3t3rFot2v1hSjFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOx14aVvKK5yhnvGiOvolTE0dGC/MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvN0hYaHBXOG9ybktHZThhSTYtaVZNVFIwWUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2U9oAwQC
2U90MA0GCSqGSIb3DQEBCwUAA4IBAQCK+iUFsMUz/FdLoPk4UhgxNkGtzyXBBDPP
0O8z8WKUGRVOhhWpqm6ih7zemnagJygqWMg2Hh0uZKnb5gYCMQh40c1VeaQMePEb
IvHiG8Yx2Za4fSDDkCIZt66NoB+Yhrn1ZgjHLsKfcuZImmtQk8fSsQUzoDLIPBom
OLHAy1rox0j5E8nCCh18iosmyjz/IRsoYCPg7Nk/Uji2KVlgkEp52OuXsqY7AqqT
S/lLlEXp5XAfSU5Y/syR3KR+iv8g2eHXdPNtMWws0Jbmbdm0kBlM2qeGRgnOfENw
rkukz4elsHVozOaJ5vtHwFpQG2uRxRZIUYCNp9txWHFeoIpeAdNg
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:07:03 2025 by rpki-client