Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/f3qOEU72gIMqTZh_aJ5WOiDfUOk.roa
File: f3qOEU72gIMqTZh_aJ5WOiDfUOk.roa (raw, json)
Hash identifier: tRKO3a7caWwvQucXUu74FvSMxRAuX1G+FJuEQDAy0nA=
Subject key identifier: 7F:7A:8E:11:4E:F6:80:83:2A:4D:98:7F:68:9E:56:3A:20:DF:50:E9
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 0194258EFB4631D08D79B5B6FFBCB7A7A38C
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/f3qOEU72gIMqTZh_aJ5WOiDfUOk.roa
Signing time: Thu 02 Jan 2025 05:48:34 +0000
ROA not before: Thu 02 Jan 2025 05:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 17 Jan 2025 08:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:fb:46:31:d0:8d:79:b5:b6:ff:bc:b7:a7:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Jan 2 05:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f7a8e114ef680832a4d987f689e563a20df50e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:80:0f:fb:fa:dd:fe:ab:a3:8d:84:21:61:2a:
cf:71:fd:d9:52:bb:9e:cb:47:6e:16:44:6f:05:56:
18:fb:46:5a:83:9d:7f:c8:08:e7:9a:b3:4e:a6:e3:
8d:56:2c:e3:22:56:4f:bf:d4:58:4f:31:88:58:aa:
fc:b2:57:2a:6f:89:80:10:87:21:47:e8:bb:ee:fc:
51:12:99:2c:94:1e:3a:a3:19:d4:0b:7e:d9:1e:c4:
4f:ab:36:a1:df:2c:86:a3:3f:ce:13:cb:eb:f4:97:
ab:d3:e3:5d:17:c2:1c:f7:5d:43:68:96:2d:e7:49:
21:c5:78:8f:0c:21:65:17:12:d8:9d:aa:ad:17:58:
51:a9:93:c1:c5:cb:86:33:f9:51:bd:93:57:e3:b8:
40:49:1d:05:75:8b:77:e5:33:d3:bb:85:35:d5:8a:
c9:e2:49:87:d5:e4:8b:c9:97:99:50:3f:36:6d:b0:
4e:e5:9b:f6:33:43:e7:36:89:5d:ec:1e:10:3c:49:
54:83:31:b3:4d:f5:99:7e:80:8e:c5:14:13:a4:40:
78:0d:f1:a0:dc:f1:e2:5c:01:fd:2e:51:98:3c:f6:
43:c0:e2:0a:1e:70:1b:8b:5b:7f:60:9d:59:f9:43:
29:1e:2f:ed:15:83:3b:1f:60:26:54:e6:91:94:1f:
f7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7A:8E:11:4E:F6:80:83:2A:4D:98:7F:68:9E:56:3A:20:DF:50:E9
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/f3qOEU72gIMqTZh_aJ5WOiDfUOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.210.0/23
217.119.64.0/20
Signature Algorithm: sha256WithRSAEncryption
45:49:07:1f:1f:e8:28:78:e3:57:4c:6d:c8:86:a4:fb:23:f0:
9e:41:4c:b9:d7:fc:85:cd:9b:ed:99:69:49:4a:55:d0:1e:ce:
63:4a:b1:30:b8:66:6a:17:a1:b0:36:a3:b6:94:f5:6b:11:9f:
a5:8f:47:d8:98:d6:5b:ec:48:ec:18:8e:ee:42:ca:b7:59:20:
66:e7:a4:96:d2:9b:1f:a9:11:20:74:71:2f:eb:53:a4:22:89:
6b:de:98:e7:73:60:d9:e5:95:65:e0:ca:3f:31:e9:11:40:76:
5a:b6:9a:5e:8c:b2:52:0c:16:88:8e:84:1d:8b:3b:fb:25:4e:
10:dc:c9:af:52:b5:10:b5:b8:6e:e8:7d:81:e6:03:ea:f7:e8:
98:8c:a9:74:58:c9:1b:b7:8e:5a:af:48:80:fc:c2:5e:d7:1f:
f2:ea:14:06:dc:71:b1:35:21:e1:da:80:a0:49:ba:8b:3c:ad:
4f:b6:9f:f0:c9:39:76:6c:5f:16:b8:7f:26:47:49:9c:46:a8:
dc:e3:e7:14:fc:87:8d:7f:07:5b:ab:7d:ed:91:aa:ae:49:3b:
d8:41:24:39:a2:16:de:de:2f:8f:45:e2:af:51:2d:3e:a4:89:
b1:34:27:28:b5:97:ea:41:de:13:f0:2e:2d:23:72:3d:a5:74:
d3:63:5b:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQljvtGMdCNebW2/7y3p6OMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMTAyMDU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdhOGUxMTRlZjY4MDgzMmE0ZDk4N2Y2ODllNTYzYTIwZGY1MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoAP+/rd/qujjYQhYSrPcf3ZUrue
y0duFkRvBVYY+0Zag51/yAjnmrNOpuONVizjIlZPv9RYTzGIWKr8slcqb4mAEIch
R+i77vxREpkslB46oxnUC37ZHsRPqzah3yyGoz/OE8vr9Jer0+NdF8Ic911DaJYt
50khxXiPDCFlFxLYnaqtF1hRqZPBxcuGM/lRvZNX47hASR0FdYt35TPTu4U11YrJ
4kmH1eSLyZeZUD82bbBO5Zv2M0PnNold7B4QPElUgzGzTfWZfoCOxRQTpEB4DfGg
3PHiXAH9LlGYPPZDwOIKHnAbi1t/YJ1Z+UMpHi/tFYM7H2AmVOaRlB/3jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH96jhFO9oCDKk2Yf2ieVjog31DpMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvZjNxT0VVNzJnSU1xVFpoX2FKNVdPaURmVU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwyLSAwQE
2XdAMA0GCSqGSIb3DQEBCwUAA4IBAQBFSQcfH+goeONXTG3IhqT7I/CeQUy51/yF
zZvtmWlJSlXQHs5jSrEwuGZqF6GwNqO2lPVrEZ+lj0fYmNZb7EjsGI7uQsq3WSBm
56SW0psfqREgdHEv61OkIolr3pjnc2DZ5ZVl4Mo/MekRQHZatppejLJSDBaIjoQd
izv7JU4Q3MmvUrUQtbhu6H2B5gPq9+iYjKl0WMkbt45ar0iA/MJe1x/y6hQG3HGx
NSHh2oCgSbqLPK1Ptp/wyTl2bF8WuH8mR0mcRqjc4+cU/IeNfwdbq33tkaquSTvY
QSQ5ohbe3i+PReKvUS0+pImxNCcotZfqQd4T8C4tI3I9pXTTY1vi
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:58:14 2025 by rpki-client