Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/PjlWQHJLqsgVexl0BgLp5zlLhng.roa
File: PjlWQHJLqsgVexl0BgLp5zlLhng.roa (raw, json)
Hash identifier: 8AZ6Cs0c4q1a+CA2B+yRWc8qOX4HNLBmlDE31wSl+Ew=
Subject key identifier: 3E:39:56:40:72:4B:AA:C8:15:7B:19:74:06:02:E9:E7:39:4B:86:78
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01951D83A91E0886574A9020437BDA2DA5DD
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/PjlWQHJLqsgVexl0BgLp5zlLhng.roa
Signing time: Wed 19 Feb 2025 09:22:02 +0000
ROA not before: Wed 19 Feb 2025 09:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 195.216.176.0/23 maxlen: 23
195.216.185.0/24 maxlen: 24
213.182.196.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.218.0/24 maxlen: 24
213.182.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 22 Mar 2025 20:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:83:a9:1e:08:86:57:4a:90:20:43:7b:da:2d:a5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Feb 19 09:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e395640724baac8157b19740602e9e7394b8678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cf:77:67:84:83:79:49:cb:70:ed:d5:a2:69:
66:fe:f7:8d:e8:4a:26:99:25:c5:a1:b8:9e:3e:c7:
8c:8a:34:01:64:54:21:c9:1c:d3:c4:bc:47:aa:95:
8f:a3:e9:fe:8a:2f:22:da:8e:f3:39:78:42:3a:0c:
1b:64:8a:3f:e9:2b:b4:d8:b5:f5:b8:e4:09:86:fe:
b8:9c:7d:b2:3c:69:3c:74:35:24:ce:7c:30:cc:f2:
9a:89:ab:9d:73:59:45:80:fc:20:7f:97:ea:4e:cd:
9e:84:8e:6f:f2:22:3d:d7:50:f7:06:16:a1:38:16:
d4:e2:7f:f0:1f:cf:e9:f5:49:74:81:14:25:2b:4a:
b8:56:61:5c:95:cc:33:05:6e:a0:0a:48:c4:46:c1:
00:c6:fb:06:8b:86:25:67:d5:3f:9e:2a:19:c3:db:
80:63:87:2c:3a:2e:e1:e4:4d:e3:85:ee:96:15:92:
c6:a3:3f:ee:4a:e1:e7:20:96:e7:36:3e:93:9b:1a:
79:c2:6c:c6:12:61:8b:26:61:33:39:35:39:3e:2b:
d7:c9:f4:eb:f4:e3:5e:99:e9:39:f1:e2:02:69:ce:
20:a9:58:77:92:8d:ee:5b:75:d9:d0:86:8d:0e:65:
ab:72:fc:7e:37:08:d7:96:92:c2:d6:94:44:eb:93:
8b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:56:40:72:4B:AA:C8:15:7B:19:74:06:02:E9:E7:39:4B:86:78
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/PjlWQHJLqsgVexl0BgLp5zlLhng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.176.0/23
195.216.185.0/24
213.182.196.0/23
213.182.206.0/24
213.182.218.0/24
213.182.220.0/22
Signature Algorithm: sha256WithRSAEncryption
06:88:e6:29:1e:8c:6b:5d:a7:9e:9d:13:83:ff:0e:7b:11:2c:
ea:df:e2:09:f1:54:87:20:b5:2a:c1:db:16:5f:ae:e5:21:60:
48:0e:9d:66:7c:91:6c:65:3d:c6:90:95:41:df:c0:e8:2c:a7:
66:06:8f:bc:fa:6c:8c:92:33:44:66:03:90:31:2f:2d:a6:df:
b6:29:b3:22:00:c5:b6:df:de:49:a8:88:e0:1a:bd:19:53:55:
b6:0e:ac:7e:ac:8a:ff:71:2f:73:4d:97:87:55:1c:6a:d5:28:
f7:30:dd:ca:ca:e0:4b:8f:49:ca:09:c1:56:8f:b2:ce:4c:a7:
5e:12:df:d7:b9:49:7e:1e:25:e0:1f:a1:99:4a:d5:2e:a2:03:
00:02:e5:ea:9b:2c:d2:e3:fc:51:ca:2f:d1:96:10:14:43:cd:
88:1e:ce:27:bf:ee:0a:7d:a2:f0:ba:5f:e5:c2:c7:e2:68:c3:
d8:7a:68:88:ad:a0:19:1e:a4:e5:38:9c:67:83:bd:b8:68:6f:
26:62:d8:e2:de:ac:f8:47:9b:3d:09:ad:35:c1:c3:cb:1f:4d:
75:49:a1:78:26:a4:ed:f3:ca:22:58:41:76:bf:ec:69:ed:ea:
5f:07:a7:47:a3:a8:6c:d2:57:1e:cd:19:bd:a6:ea:69:3c:0e:
0b:a7:5e:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZUdg6keCIZXSpAgQ3vaLaXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMjE5MDkyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5NTY0MDcyNGJhYWM4MTU3YjE5NzQwNjAyZTllNzM5NGI4Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy893Z4SDeUnLcO3Vomlm/veN6Eom
mSXFobiePseMijQBZFQhyRzTxLxHqpWPo+n+ii8i2o7zOXhCOgwbZIo/6Su02LX1
uOQJhv64nH2yPGk8dDUkznwwzPKaiaudc1lFgPwgf5fqTs2ehI5v8iI911D3Bhah
OBbU4n/wH8/p9Ul0gRQlK0q4VmFclcwzBW6gCkjERsEAxvsGi4YlZ9U/nioZw9uA
Y4csOi7h5E3jhe6WFZLGoz/uSuHnIJbnNj6Tmxp5wmzGEmGLJmEzOTU5PivXyfTr
9ONemek58eICac4gqVh3ko3uW3XZ0IaNDmWrcvx+NwjXlpLC1pRE65OL9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD45VkByS6rIFXsZdAYC6ec5S4Z4MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvUGpsV1FISkxxc2dWZXhsMEJnTHA1emxMaG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBw9iwAwQA
w9i5AwQB1bbEAwQA1bbOAwQA1bbaAwQC1bbcMA0GCSqGSIb3DQEBCwUAA4IBAQAG
iOYpHoxrXaeenROD/w57ESzq3+IJ8VSHILUqwdsWX67lIWBIDp1mfJFsZT3GkJVB
38DoLKdmBo+8+myMkjNEZgOQMS8tpt+2KbMiAMW2395JqIjgGr0ZU1W2Dqx+rIr/
cS9zTZeHVRxq1Sj3MN3KyuBLj0nKCcFWj7LOTKdeEt/XuUl+HiXgH6GZStUuogMA
AuXqmyzS4/xRyi/RlhAUQ82IHs4nv+4KfaLwul/lwsfiaMPYemiIraAZHqTlOJxn
g724aG8mYtji3qz4R5s9Ca01wcPLH011SaF4JqTt88oiWEF2v+xp7epfB6dHo6hs
0lcezRm9puppPA4Lp179
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:29:16 2025 by rpki-client