Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRuvW1vbn4sdVvnLf9J6GakVi4o.roa
File: CRuvW1vbn4sdVvnLf9J6GakVi4o.roa (raw, json)
Hash identifier: twDyFdJACwACZM5Dh1pZgWTUfvw3mVUQnP0v0aDEDNg=
Subject key identifier: 09:1B:AF:5B:5B:DB:9F:8B:1D:56:F9:CB:7F:D2:7A:19:A9:15:8B:8A
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01942827B17B7BBCF382EA588C0361B3B04C
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRuvW1vbn4sdVvnLf9J6GakVi4o.roa
Signing time: Thu 02 Jan 2025 17:54:37 +0000
ROA not before: Thu 02 Jan 2025 17:54:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200202
IP address blocks: 195.216.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 06:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:b1:7b:7b:bc:f3:82:ea:58:8c:03:61:b3:b0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jan 2 17:54:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=091baf5b5bdb9f8b1d56f9cb7fd27a19a9158b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:0d:e4:b1:e7:89:96:d2:ea:95:47:89:f6:
2c:78:a9:92:54:d8:a5:21:5d:e5:43:f9:bb:70:95:
ab:b2:1f:3d:34:79:c9:af:7d:75:c2:e4:fa:4d:ca:
07:87:62:2b:ce:ed:f7:7b:a4:9a:6e:cb:6d:b4:b4:
cc:f7:bf:cf:6f:9f:b9:68:d7:3e:d4:40:b9:a2:60:
d6:f2:ec:1d:d2:66:29:39:30:83:18:32:ac:18:1c:
25:46:79:16:17:00:b6:7f:01:43:37:88:ca:76:7b:
dc:3b:ca:4c:4a:a9:5a:34:26:90:2d:ae:55:3f:95:
ee:f0:75:05:7d:96:88:cf:d4:52:44:89:3c:39:23:
fb:0d:0e:a3:93:43:af:3f:43:27:c0:03:2a:da:c1:
8d:c2:12:9a:db:7a:89:bb:98:d6:99:48:ff:66:3f:
7e:60:21:3d:ec:1f:df:6a:bf:18:8d:1c:96:8e:1b:
30:9f:41:51:37:09:f1:98:5a:0e:57:56:4c:1c:7b:
6d:aa:d6:fb:1c:ce:bd:e2:eb:9b:45:2b:3f:12:57:
e3:0b:2f:d3:69:5f:aa:84:de:73:2b:6e:95:d4:06:
e8:63:cb:08:d9:58:8f:34:70:03:25:4b:06:74:39:
1a:5e:f8:25:8b:d3:1b:fa:3f:b8:bf:41:bd:78:bd:
66:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1B:AF:5B:5B:DB:9F:8B:1D:56:F9:CB:7F:D2:7A:19:A9:15:8B:8A
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CRuvW1vbn4sdVvnLf9J6GakVi4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:21:0e:20:83:53:45:91:5d:16:ce:42:da:0e:a3:07:7b:74:
c8:ba:a9:c6:84:c7:45:40:34:3d:8b:f2:c1:1d:54:1a:a1:9f:
a8:3e:6a:f2:ca:7c:c4:46:8c:d5:de:61:ba:48:6d:1e:fa:6a:
1a:f7:a8:7e:2c:e6:82:62:29:74:2c:8a:7d:c6:fb:46:19:4a:
ce:3b:e8:5c:b8:dd:2d:15:76:d4:2a:99:13:9a:e6:1c:11:3f:
bc:6e:a2:cc:a1:cd:49:ea:77:e8:77:0e:74:af:eb:a3:30:26:
ec:01:11:33:3f:41:c5:3d:ee:bf:ae:4a:fb:ac:dc:d4:a4:19:
11:88:f6:48:0a:08:33:d8:cd:e5:e8:86:96:03:78:6d:12:d2:
e3:69:a0:2b:dd:94:e6:e3:03:8b:79:01:3a:0d:ec:45:8d:5e:
5a:0d:68:6d:8c:94:0d:fb:55:34:50:00:91:00:05:1d:fa:3c:
d7:54:99:2a:06:51:1c:db:e4:26:fb:26:d6:76:e4:d7:19:c4:
20:cd:a2:69:3c:da:04:fb:ca:0e:9d:50:47:aa:9c:85:5a:11:
ba:20:81:fa:48:74:13:e2:44:3e:96:97:97:cc:69:a8:c0:8d:
c7:cf:68:03:4b:55:e5:22:11:e3:67:51:24:cd:db:52:3d:bf:
72:1e:b7:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ7F7e7zzgupYjANhs7BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMTAyMTc1NDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFiYWY1YjViZGI5ZjhiMWQ1NmY5Y2I3ZmQyN2ExOWE5MTU4YjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMYN5LHniZbS6pVHifYseKmSVNil
IV3lQ/m7cJWrsh89NHnJr311wuT6TcoHh2Irzu33e6SabstttLTM97/Pb5+5aNc+
1EC5omDW8uwd0mYpOTCDGDKsGBwlRnkWFwC2fwFDN4jKdnvcO8pMSqlaNCaQLa5V
P5Xu8HUFfZaIz9RSRIk8OSP7DQ6jk0OvP0MnwAMq2sGNwhKa23qJu5jWmUj/Zj9+
YCE97B/far8YjRyWjhswn0FRNwnxmFoOV1ZMHHttqtb7HM694uubRSs/ElfjCy/T
aV+qhN5zK26V1AboY8sI2ViPNHADJUsGdDkaXvgli9Mb+j+4v0G9eL1mYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkbr1tb25+LHVb5y3/SehmpFYuKMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvQ1J1dlcxdmJuNHNkVnZuTGY5SjZHYWtWaTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9i+MA0G
CSqGSIb3DQEBCwUAA4IBAQAOIQ4gg1NFkV0WzkLaDqMHe3TIuqnGhMdFQDQ9i/LB
HVQaoZ+oPmryynzERozV3mG6SG0e+moa96h+LOaCYil0LIp9xvtGGUrOO+hcuN0t
FXbUKpkTmuYcET+8bqLMoc1J6nfodw50r+ujMCbsAREzP0HFPe6/rkr7rNzUpBkR
iPZICggz2M3l6IaWA3htEtLjaaAr3ZTm4wOLeQE6DexFjV5aDWhtjJQN+1U0UACR
AAUd+jzXVJkqBlEc2+Qm+ybWduTXGcQgzaJpPNoE+8oOnVBHqpyFWhG6IIH6SHQT
4kQ+lpeXzGmowI3Hz2gDS1XlIhHjZ1EkzdtSPb9yHrcS
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:49:34 2025 by rpki-client