Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/tC1EIh9MDCpnQMIvJpNIPIONrTM.roa
File: tC1EIh9MDCpnQMIvJpNIPIONrTM.roa (raw, json)
Hash identifier: WAK9Tv84agFc57TqCAtIJkYntAaalytLwF7raejmEz4=
Subject key identifier: B4:2D:44:22:1F:4C:0C:2A:67:40:C2:2F:26:93:48:3C:83:8D:AD:33
Certificate issuer: /CN=31e6591d1a04d6afe1ed5f4ed01d394ae5148589
Certificate serial: 01955BD991EBB6DFF27DE9987E37AD9628A1
Authority key identifier: 31:E6:59:1D:1A:04:D6:AF:E1:ED:5F:4E:D0:1D:39:4A:E5:14:85:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeZZHRoE1q_h7V9O0B05SuUUhYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/tC1EIh9MDCpnQMIvJpNIPIONrTM.roa
Signing time: Mon 03 Mar 2025 11:52:19 +0000
ROA not before: Mon 03 Mar 2025 11:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212169
IP address blocks: 185.104.190.0/24 maxlen: 24
193.84.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 14:10:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:d9:91:eb:b6:df:f2:7d:e9:98:7e:37:ad:96:28:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31e6591d1a04d6afe1ed5f4ed01d394ae5148589
Validity
Not Before: Mar 3 11:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b42d44221f4c0c2a6740c22f2693483c838dad33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:82:6f:e0:6e:b7:92:e3:e5:86:16:af:7a:06:
f2:0d:ca:37:0b:fc:61:b6:fe:16:e5:61:6a:2e:5f:
7c:86:52:69:04:3e:73:eb:c1:47:6b:c0:cb:63:a6:
e8:d9:08:5c:d9:2c:a5:46:58:aa:31:5e:e7:a9:9c:
6a:d6:09:82:fd:98:04:b8:2c:c0:0a:ae:5b:6b:c8:
2a:2d:a1:27:91:22:1b:46:5e:d2:d3:cf:61:30:28:
ae:41:19:29:31:07:6f:a9:6a:ec:9f:b9:b7:8e:1e:
8a:19:7f:a6:92:bf:b4:dc:0b:e7:3c:3c:61:dd:77:
7a:ed:6c:c1:7c:c0:8e:ea:5a:12:3a:ad:d6:a9:b3:
21:c2:15:c1:c1:a9:f9:87:1d:70:ae:96:0e:b4:57:
60:0d:3e:b8:40:e0:ac:1b:f5:33:e4:03:af:05:a4:
4d:b6:08:21:ff:80:b7:0a:f5:fd:10:e6:3a:af:1d:
62:86:ad:99:e6:77:87:c4:52:bd:8f:76:fc:22:5c:
9c:d6:34:14:64:ec:09:c5:63:f8:d5:6b:2b:9d:1e:
9a:a5:05:6f:ef:21:41:de:bf:f5:1d:6b:b4:25:8f:
5b:d2:e5:94:bf:44:23:c7:ab:53:52:06:34:67:38:
b8:26:01:14:c0:44:03:62:87:1a:12:20:40:6c:b5:
49:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2D:44:22:1F:4C:0C:2A:67:40:C2:2F:26:93:48:3C:83:8D:AD:33
X509v3 Authority Key Identifier:
keyid:31:E6:59:1D:1A:04:D6:AF:E1:ED:5F:4E:D0:1D:39:4A:E5:14:85:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeZZHRoE1q_h7V9O0B05SuUUhYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/tC1EIh9MDCpnQMIvJpNIPIONrTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/84a85e-ad49-4c63-ab59-ab7b0aa1c3d4/1/MeZZHRoE1q_h7V9O0B05SuUUhYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.190.0/24
193.84.101.0/24
Signature Algorithm: sha256WithRSAEncryption
24:0b:48:c7:fa:e9:aa:0b:64:d9:4e:07:a6:e7:59:03:73:a3:
e2:7b:46:16:d6:d3:6d:16:a5:95:47:7f:db:d8:a1:d7:5e:36:
34:e3:0e:e7:3c:5a:8a:c8:76:07:20:83:2a:2a:3b:f4:8b:69:
eb:af:b2:80:0d:53:86:ea:70:4a:57:7e:4a:19:ff:23:03:d8:
6d:7b:d9:7f:4f:b3:ec:0e:d6:f5:7b:05:27:c4:7f:63:25:73:
5a:01:09:2a:18:d2:b9:6c:6a:d0:72:51:d6:0d:48:d1:21:32:
6f:e1:8a:43:8d:51:6f:1a:b8:34:08:f2:32:04:a6:66:40:4a:
55:9a:e8:01:af:f2:c5:9f:ff:74:84:d0:9f:ae:a3:c6:86:e8:
2c:dd:7b:ce:74:cb:ff:de:3e:aa:96:38:ca:85:08:14:91:ff:
02:aa:e1:73:4e:ce:de:18:68:a5:13:2b:4a:72:ad:68:6b:ee:
e2:c8:16:8d:bb:0b:a3:0b:ef:61:e8:50:98:36:50:f9:53:a2:
4d:84:b3:f2:36:3e:d9:5b:77:d5:02:71:f5:a1:eb:85:60:e4:
6a:12:ed:8c:c8:66:82:68:14:f7:0d:8a:cf:e7:da:a2:b2:4c:
5f:c4:d5:88:4a:11:e6:b6:a5:8c:8d:54:a2:76:30:ca:6f:24:
d8:3a:06:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVb2ZHrtt/yfemYfjetliihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZTY1OTFkMWEwNGQ2YWZlMWVkNWY0ZWQwMWQzOTRhZTUx
NDg1ODkwHhcNMjUwMzAzMTE1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDJkNDQyMjFmNGMwYzJhNjc0MGMyMmYyNjkzNDgzYzgzOGRhZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4Jv4G63kuPlhhavegbyDco3C/xh
tv4W5WFqLl98hlJpBD5z68FHa8DLY6bo2Qhc2SylRliqMV7nqZxq1gmC/ZgEuCzA
Cq5ba8gqLaEnkSIbRl7S089hMCiuQRkpMQdvqWrsn7m3jh6KGX+mkr+03AvnPDxh
3Xd67WzBfMCO6loSOq3WqbMhwhXBwan5hx1wrpYOtFdgDT64QOCsG/Uz5AOvBaRN
tggh/4C3CvX9EOY6rx1ihq2Z5neHxFK9j3b8Ilyc1jQUZOwJxWP41WsrnR6apQVv
7yFB3r/1HWu0JY9b0uWUv0Qjx6tTUgY0Zzi4JgEUwEQDYocaEiBAbLVJOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQtRCIfTAwqZ0DCLyaTSDyDja0zMB8GA1UdIwQY
MBaAFDHmWR0aBNav4e1fTtAdOUrlFIWJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWVaWkhSb0UxcV9oN1Y5TzBCMDVTdVVVaFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NGE4NWUtYWQ0OS00YzYzLWFiNTkt
YWI3YjBhYTFjM2Q0LzEvdEMxRUloOU1EQ3BuUU1JdkpwTklQSU9OclRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NGE4NWUtYWQ0OS00YzYzLWFiNTktYWI3YjBhYTFjM2Q0
LzEvTWVaWkhSb0UxcV9oN1Y5TzBCMDVTdVVVaFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWi+AwQA
wVRlMA0GCSqGSIb3DQEBCwUAA4IBAQAkC0jH+umqC2TZTgem51kDc6Pie0YW1tNt
FqWVR3/b2KHXXjY04w7nPFqKyHYHIIMqKjv0i2nrr7KADVOG6nBKV35KGf8jA9ht
e9l/T7PsDtb1ewUnxH9jJXNaAQkqGNK5bGrQclHWDUjRITJv4YpDjVFvGrg0CPIy
BKZmQEpVmugBr/LFn/90hNCfrqPGhugs3XvOdMv/3j6qljjKhQgUkf8CquFzTs7e
GGilEytKcq1oa+7iyBaNuwujC+9h6FCYNlD5U6JNhLPyNj7ZW3fVAnH1oeuFYORq
Eu2MyGaCaBT3DYrP59qiskxfxNWIShHmtqWMjVSidjDKbyTYOgbW
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:46:35 2025 by rpki-client