Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gWLkrB5nZ1Nahgy7TdzKFPPywwA.roa
File: gWLkrB5nZ1Nahgy7TdzKFPPywwA.roa (raw, json)
Hash identifier: ilXieOHPInwR23h0uwNGUzXZr7YdbunmcuvH3l7hlb0=
Subject key identifier: 81:62:E4:AC:1E:67:67:53:5A:86:0C:BB:4D:DC:CA:14:F3:F2:C3:00
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019505CAF814E565B1B21643B2021A07D5D4
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gWLkrB5nZ1Nahgy7TdzKFPPywwA.roa
Signing time: Fri 14 Feb 2025 18:49:02 +0000
ROA not before: Fri 14 Feb 2025 18:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200202
IP address blocks: 195.216.162.0/23 maxlen: 23
195.216.187.0/24 maxlen: 24
195.216.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Feb 2025 19:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:05:ca:f8:14:e5:65:b1:b2:16:43:b2:02:1a:07:d5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Feb 14 18:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8162e4ac1e6767535a860cbb4ddcca14f3f2c300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:78:39:af:da:02:a6:bc:55:e0:be:3f:96:
90:e2:46:50:02:1b:d1:82:20:87:c4:18:b3:eb:1a:
08:94:77:1f:91:49:3f:f4:86:02:a1:a7:9c:c1:84:
03:d2:6f:9d:a0:1a:34:4b:c7:5e:a9:6c:33:c4:ed:
75:c2:ab:6e:2d:40:89:aa:e0:40:41:9d:c0:a6:56:
e9:5b:28:df:61:78:43:d1:1d:4c:43:39:e9:d4:33:
2c:ad:2f:fc:cf:3d:7a:73:93:30:ae:20:37:3d:78:
0f:d9:b3:4e:2d:e1:83:28:95:7e:56:48:dc:3b:9c:
55:42:2a:c2:30:d8:cc:12:53:56:90:74:c4:d7:77:
f0:d2:df:59:92:81:c8:09:3e:b3:bd:47:79:fa:12:
2d:41:4a:3c:f2:6d:87:7f:66:dc:1e:97:99:37:04:
9c:15:61:16:84:ad:7a:35:e4:7c:4e:5f:d2:d6:bb:
d6:91:b1:de:25:1a:8c:5a:c2:b5:43:cb:ea:9f:5a:
8d:9a:36:d4:39:c9:48:f4:e2:e7:de:62:55:1c:09:
3c:18:23:ff:de:36:87:11:a5:1d:ce:5a:56:39:6e:
25:22:30:f3:7c:89:31:8b:18:61:8d:00:8c:93:16:
f6:9d:1a:02:8c:98:6d:92:bb:98:0c:da:bd:7e:e7:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:62:E4:AC:1E:67:67:53:5A:86:0C:BB:4D:DC:CA:14:F3:F2:C3:00
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/gWLkrB5nZ1Nahgy7TdzKFPPywwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.187.0/24
195.216.190.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:9b:2c:c4:93:cd:16:e9:fd:99:a0:f2:aa:ce:d4:39:72:05:
8a:02:28:5f:e2:2b:ee:7b:e2:31:a3:00:c3:91:6b:24:ea:c9:
b3:07:e1:27:aa:bc:41:bb:a1:89:6a:3e:e0:0a:1a:46:d5:4d:
7e:55:45:09:ec:d7:84:53:4b:01:17:9d:bb:7b:fb:7b:ac:11:
66:3f:8a:ce:fa:a7:aa:ba:2c:7e:73:de:b6:c0:cb:30:b5:fd:
fc:c4:d2:0a:ed:2a:aa:56:7f:80:9d:d2:5a:16:0b:1d:7e:6d:
e1:27:52:88:3e:57:b8:32:02:f7:da:7b:16:4c:d6:8d:8b:a2:
40:d8:fc:1d:bf:2c:2f:f3:67:97:36:4b:95:3c:b9:b0:7e:c5:
c9:a1:12:4a:06:f5:0d:17:9e:21:91:a1:fd:d8:3e:07:55:ba:
0d:db:2a:8b:ce:97:ef:03:4e:d2:7a:86:4c:a0:74:50:93:b1:
84:c8:64:7e:34:db:52:01:1e:af:11:31:96:e1:6e:b6:9a:a7:
e2:54:51:40:f2:4a:fa:12:16:6a:0c:4f:86:4f:2c:b4:78:e1:
9d:76:ca:bf:b1:8d:f9:60:aa:47:66:b0:a4:cf:e5:1f:65:3b:
96:f9:fe:0a:a8:ee:11:0a:13:cc:5f:97:d1:2d:1b:c2:b7:f6:
e3:05:41:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUFyvgU5WWxshZDsgIaB9XUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMjE0MTg0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTYyZTRhYzFlNjc2NzUzNWE4NjBjYmI0ZGRjY2ExNGYzZjJjMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqB4Oa/aAqa8VeC+P5aQ4kZQAhvR
giCHxBiz6xoIlHcfkUk/9IYCoaecwYQD0m+doBo0S8deqWwzxO11wqtuLUCJquBA
QZ3AplbpWyjfYXhD0R1MQznp1DMsrS/8zz16c5MwriA3PXgP2bNOLeGDKJV+Vkjc
O5xVQirCMNjMElNWkHTE13fw0t9ZkoHICT6zvUd5+hItQUo88m2Hf2bcHpeZNwSc
FWEWhK16NeR8Tl/S1rvWkbHeJRqMWsK1Q8vqn1qNmjbUOclI9OLn3mJVHAk8GCP/
3jaHEaUdzlpWOW4lIjDzfIkxixhhjQCMkxb2nRoCjJhtkruYDNq9fufVIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIFi5KweZ2dTWoYMu03cyhTz8sMAMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvZ1dMa3JCNW5aMU5haGd5N1RkektGUFB5d3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw9iiAwQA
w9i7AwQAw9i+MA0GCSqGSIb3DQEBCwUAA4IBAQB8myzEk80W6f2ZoPKqztQ5cgWK
Aihf4ivue+IxowDDkWsk6smzB+EnqrxBu6GJaj7gChpG1U1+VUUJ7NeEU0sBF527
e/t7rBFmP4rO+qequix+c962wMswtf38xNIK7SqqVn+AndJaFgsdfm3hJ1KIPle4
MgL32nsWTNaNi6JA2Pwdvywv82eXNkuVPLmwfsXJoRJKBvUNF54hkaH92D4HVboN
2yqLzpfvA07SeoZMoHRQk7GEyGR+NNtSAR6vETGW4W62mqfiVFFA8kr6EhZqDE+G
Tyy0eOGddsq/sY35YKpHZrCkz+UfZTuW+f4KqO4RChPMX5fRLRvCt/bjBUG6
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:27 2025 by rpki-client