Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/jJZqmMCt-3bzWeoC3Rl5wwKzA28.roa
File: jJZqmMCt-3bzWeoC3Rl5wwKzA28.roa (raw, json)
Hash identifier: fi+Lz+KVs4pm0tIGXpTXUnP0kI5PqJn9M4k3DFUWw+g=
Subject key identifier: 8C:96:6A:98:C0:AD:FB:76:F3:59:EA:02:DD:19:79:C3:02:B3:03:6F
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0195BF9CA89D6B785B0CBAF71C59C2EB1BA6
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/jJZqmMCt-3bzWeoC3Rl5wwKzA28.roa
Signing time: Sat 22 Mar 2025 20:47:49 +0000
ROA not before: Sat 22 Mar 2025 20:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 195.216.176.0/23 maxlen: 23
213.182.196.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.218.0/24 maxlen: 24
213.182.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 31 Mar 2025 14:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:9c:a8:9d:6b:78:5b:0c:ba:f7:1c:59:c2:eb:1b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Mar 22 20:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c966a98c0adfb76f359ea02dd1979c302b3036f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ae:6d:46:85:3a:a0:f5:75:2d:c0:ef:5e:b9:
74:a8:70:0a:e0:56:95:56:81:82:28:0a:cb:1a:63:
5e:eb:e1:2e:bd:9b:5d:7a:f0:af:17:07:cf:a5:b4:
08:36:6e:f8:17:52:1a:70:db:dd:2c:d9:74:14:3f:
17:f0:e1:f3:92:ac:a9:9c:3c:47:a1:80:29:36:78:
37:2e:5b:76:9a:72:51:41:c0:34:09:0a:8d:d1:6e:
16:4b:51:59:70:41:88:ad:e7:32:63:0a:77:8e:d5:
1d:d4:f6:14:77:e8:69:dd:bf:72:f5:c2:6a:30:0c:
83:0e:43:02:12:a5:28:bc:02:25:7f:fc:cc:69:6b:
80:48:73:11:7a:e6:38:91:e2:b6:85:3b:08:c0:64:
62:08:55:5d:4a:4b:c2:b2:43:33:7b:34:f3:32:ed:
d1:d2:56:14:69:83:bc:8d:3c:5b:13:35:48:ab:b3:
8d:af:aa:fa:de:06:3e:52:a1:fb:a9:99:7a:57:41:
82:87:97:ba:bb:22:28:eb:65:aa:1a:c0:27:3d:e4:
03:89:78:4e:9a:ea:48:23:ef:78:19:58:8d:e0:d2:
a1:5a:73:31:e4:9d:d8:87:7c:1a:6f:3e:5a:b5:14:
05:f1:12:6d:c4:30:2d:56:3c:e7:0e:b9:d2:f3:8b:
2a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:96:6A:98:C0:AD:FB:76:F3:59:EA:02:DD:19:79:C3:02:B3:03:6F
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/jJZqmMCt-3bzWeoC3Rl5wwKzA28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.176.0/23
213.182.196.0/23
213.182.206.0/24
213.182.218.0/24
213.182.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:88:f7:6f:56:9e:33:8c:d9:8c:ea:b8:25:64:d4:b6:af:a5:
bf:18:d2:f2:fb:dd:68:15:bb:27:18:38:1c:5d:ac:d1:89:b2:
fa:60:74:89:3d:ad:b0:84:2e:d1:58:f7:73:96:c6:df:f4:99:
aa:b0:68:76:b9:97:5b:5e:76:80:f1:3d:bb:d6:be:80:59:bb:
80:54:78:08:18:58:3b:ad:1a:90:4c:42:57:9b:48:63:21:a5:
ab:40:2e:14:62:c9:a2:3f:c8:3c:83:7b:65:a7:62:7e:0e:39:
63:57:0a:40:85:15:f0:38:38:af:a5:24:b6:1c:a6:fa:79:5c:
cd:68:85:84:4f:43:2f:18:7b:b9:29:04:d5:9c:8a:d5:64:f4:
46:6b:68:0f:c6:20:46:d3:97:f3:65:b0:16:88:b0:8a:78:02:
52:cc:e1:ca:63:a5:76:5d:15:d3:a1:58:d9:f9:a3:ce:ea:c0:
0b:8d:35:13:b1:73:6d:b9:14:db:cf:2a:a1:5e:bd:ba:d0:86:
31:54:47:01:78:3a:76:31:38:1a:05:8a:f2:4d:9c:66:dc:c6:
3a:5f:cb:01:8d:77:8f:2c:69:23:46:c8:70:47:10:98:bb:b2:
20:59:b8:0b:b4:ef:62:38:9a:cb:29:d1:fb:42:9b:a3:af:4e:
ff:27:1a:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZW/nKida3hbDLr3HFnC6xumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwMzIyMjA0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzk2NmE5OGMwYWRmYjc2ZjM1OWVhMDJkZDE5NzljMzAyYjMwMzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK5tRoU6oPV1LcDvXrl0qHAK4FaV
VoGCKArLGmNe6+EuvZtdevCvFwfPpbQINm74F1IacNvdLNl0FD8X8OHzkqypnDxH
oYApNng3Llt2mnJRQcA0CQqN0W4WS1FZcEGIrecyYwp3jtUd1PYUd+hp3b9y9cJq
MAyDDkMCEqUovAIlf/zMaWuASHMReuY4keK2hTsIwGRiCFVdSkvCskMzezTzMu3R
0lYUaYO8jTxbEzVIq7ONr6r63gY+UqH7qZl6V0GCh5e6uyIo62WqGsAnPeQDiXhO
mupII+94GViN4NKhWnMx5J3Yh3wabz5atRQF8RJtxDAtVjznDrnS84sqhQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIyWapjArft281nqAt0ZecMCswNvMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvakpacW1NQ3QtM2J6V2VvQzNSbDV3d0t6QTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBw9iwAwQB
1bbEAwQA1bbOAwQA1bbaAwQC1bbcMA0GCSqGSIb3DQEBCwUAA4IBAQBOiPdvVp4z
jNmM6rglZNS2r6W/GNLy+91oFbsnGDgcXazRibL6YHSJPa2whC7RWPdzlsbf9Jmq
sGh2uZdbXnaA8T271r6AWbuAVHgIGFg7rRqQTEJXm0hjIaWrQC4UYsmiP8g8g3tl
p2J+DjljVwpAhRXwODivpSS2HKb6eVzNaIWET0MvGHu5KQTVnIrVZPRGa2gPxiBG
05fzZbAWiLCKeAJSzOHKY6V2XRXToVjZ+aPO6sALjTUTsXNtuRTbzyqhXr260IYx
VEcBeDp2MTgaBYryTZxm3MY6X8sBjXePLGkjRshwRxCYu7IgWbgLtO9iOJrLKdH7
Qpujr07/JxrW
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:54:26 2025 by rpki-client