Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Cw3Ky7v9sI2_BNcVneTsoCUddaA.roa
File: Cw3Ky7v9sI2_BNcVneTsoCUddaA.roa (raw, json)
Hash identifier: dt++lIc07X/CydOUd6o2VxSNBXhbbqGglhAaLnd9jg0=
Subject key identifier: 0B:0D:CA:CB:BB:FD:B0:8D:BF:04:D7:15:9D:E4:EC:A0:25:1D:75:A0
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01958AF559C5772CD6E63A183DF6F5D024B9
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Cw3Ky7v9sI2_BNcVneTsoCUddaA.roa
Signing time: Wed 12 Mar 2025 15:24:49 +0000
ROA not before: Wed 12 Mar 2025 15:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214504
IP address blocks: 213.182.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 13 Mar 2025 13:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:f5:59:c5:77:2c:d6:e6:3a:18:3d:f6:f5:d0:24:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Mar 12 15:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b0dcacbbbfdb08dbf04d7159de4eca0251d75a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:31:e7:3e:26:c1:2f:e7:11:7a:e9:f0:a0:68:
94:ee:e3:a8:97:65:e8:ef:77:ce:31:d6:c8:d5:71:
7a:14:09:19:3a:33:af:d5:9c:30:3b:00:56:a9:a7:
5a:65:d0:62:ea:b6:5e:e1:37:6a:9e:58:9d:4a:83:
1c:a3:20:a5:2e:7b:3c:c7:72:8d:36:f5:c8:aa:0b:
e7:54:bf:78:86:aa:a6:a8:55:b5:b0:c8:25:2e:78:
63:3b:a7:2f:68:79:35:ff:61:8e:57:63:6d:f8:3b:
6a:59:6e:41:13:14:68:a8:f3:9d:15:60:67:b9:f6:
b1:82:b4:69:f4:9b:54:1d:48:16:75:5a:11:9c:c9:
5d:c0:95:4c:af:29:72:13:c8:a6:7d:a3:b9:0a:21:
b1:1f:15:28:9b:63:6f:ae:12:6e:6a:af:81:1c:8b:
1c:7f:5c:45:9e:23:5b:eb:bc:59:2b:4b:ba:b2:d7:
66:2f:82:26:13:b4:59:34:70:c2:57:ae:3a:cd:5d:
3e:db:2c:8d:de:aa:51:55:2a:b2:79:a0:2d:bc:85:
98:2c:49:d4:54:0f:b7:06:a6:cc:86:75:73:fe:97:
cb:dc:95:46:59:32:eb:22:3e:98:f3:af:aa:ce:51:
dc:5e:ab:fc:7b:31:b8:d6:19:c8:9a:7a:4f:9a:14:
59:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0D:CA:CB:BB:FD:B0:8D:BF:04:D7:15:9D:E4:EC:A0:25:1D:75:A0
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Cw3Ky7v9sI2_BNcVneTsoCUddaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.212.0/23
Signature Algorithm: sha256WithRSAEncryption
46:44:de:c7:90:2b:2f:45:f9:22:c1:c5:7d:fc:8c:0c:86:a7:
a3:fb:94:87:08:74:7f:90:92:9c:76:35:34:38:3d:73:f0:92:
a9:99:98:c6:d1:9e:c3:2a:73:6b:1e:65:6e:69:58:8c:88:b8:
0c:71:be:2a:c7:4f:59:9e:96:89:be:56:a7:7f:a1:36:bd:79:
c8:cf:51:ca:58:fd:6e:1c:6a:13:5e:bc:44:6b:2f:d3:dd:d8:
1e:08:6a:f4:9e:ac:2d:5c:09:a0:b5:6f:e0:63:80:90:ec:0a:
db:67:f7:6e:16:d1:f9:10:cd:5e:d9:26:55:68:43:7b:e9:a8:
5f:d0:42:8b:f3:08:e4:e6:76:24:56:8e:2a:4e:57:61:d8:6e:
94:d3:2f:a0:f6:e5:8e:7b:89:d5:50:a5:f2:21:d3:16:93:f2:
2e:7a:1d:27:c8:b8:0f:23:77:03:16:79:1d:87:ef:4c:d9:51:
3b:77:cb:69:c7:32:61:02:22:7a:62:b9:38:7b:c1:64:6b:b8:
40:20:db:ac:85:42:be:2a:fe:19:31:06:22:c4:f4:cd:45:a3:
67:51:0a:5d:42:48:87:e2:f0:22:0e:59:4a:56:c8:2b:40:59:
ec:22:12:5e:f6:2c:64:d6:87:af:9c:3a:58:5f:51:95:d6:5c:
0c:37:ab:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWK9VnFdyzW5joYPfb10CS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMzEyMTUyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBkY2FjYmJiZmRiMDhkYmYwNGQ3MTU5ZGU0ZWNhMDI1MWQ3NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTHnPibBL+cReunwoGiU7uOol2Xo
73fOMdbI1XF6FAkZOjOv1ZwwOwBWqadaZdBi6rZe4TdqnlidSoMcoyClLns8x3KN
NvXIqgvnVL94hqqmqFW1sMglLnhjO6cvaHk1/2GOV2Nt+DtqWW5BExRoqPOdFWBn
ufaxgrRp9JtUHUgWdVoRnMldwJVMrylyE8imfaO5CiGxHxUom2NvrhJuaq+BHIsc
f1xFniNb67xZK0u6stdmL4ImE7RZNHDCV646zV0+2yyN3qpRVSqyeaAtvIWYLEnU
VA+3BqbMhnVz/pfL3JVGWTLrIj6Y86+qzlHcXqv8ezG41hnImnpPmhRZgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsNysu7/bCNvwTXFZ3k7KAlHXWgMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvQ3czS3k3djlzSTJfQk5jVm5lVHNvQ1VkZGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1bbUMA0G
CSqGSIb3DQEBCwUAA4IBAQBGRN7HkCsvRfkiwcV9/IwMhqej+5SHCHR/kJKcdjU0
OD1z8JKpmZjG0Z7DKnNrHmVuaViMiLgMcb4qx09ZnpaJvlanf6E2vXnIz1HKWP1u
HGoTXrxEay/T3dgeCGr0nqwtXAmgtW/gY4CQ7ArbZ/duFtH5EM1e2SZVaEN76ahf
0EKL8wjk5nYkVo4qTldh2G6U0y+g9uWOe4nVUKXyIdMWk/Iueh0nyLgPI3cDFnkd
h+9M2VE7d8tpxzJhAiJ6Yrk4e8Fka7hAINushUK+Kv4ZMQYixPTNRaNnUQpdQkiH
4vAiDllKVsgrQFnsIhJe9ixk1oevnDpYX1GV1lwMN6sa
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:14:02 2025 by rpki-client