Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/_TqIYav8_W5nmJkKtQVUfbgcAfk.roa
File: _TqIYav8_W5nmJkKtQVUfbgcAfk.roa (raw, json)
Hash identifier: p1znwyRn+jIC6Z+4BqwtZERZkUoAFV4CbuQYYAMbz9U=
Subject key identifier: FD:3A:88:61:AB:FC:FD:6E:67:98:99:0A:B5:05:54:7D:B8:1C:01:F9
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0194266C3B1B1CEAABE80075BB3342887CA0
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/_TqIYav8_W5nmJkKtQVUfbgcAfk.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 188.208.109.0/24 maxlen: 24
188.214.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 15:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3b:1b:1c:ea:ab:e8:00:75:bb:33:42:88:7c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3a8861abfcfd6e6798990ab505547db81c01f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f3:a5:3c:00:45:8e:52:61:cc:af:0d:0d:a3:
2e:f8:16:4f:af:16:bc:d1:34:ce:b1:e3:7d:1e:d3:
a4:9e:5e:99:74:f1:a3:43:9c:7a:6f:e5:bb:db:67:
9a:3d:bc:c5:fa:40:84:01:02:80:86:25:a1:35:85:
cb:92:c2:67:d8:13:dd:48:fa:c6:ad:f9:73:96:a3:
de:2d:ad:55:ca:af:e0:84:d0:72:d0:e3:a3:a2:55:
c0:2d:e0:d1:30:72:d1:3e:10:b9:f8:fe:fb:4c:58:
6e:18:e8:8a:14:e4:57:8d:58:9a:eb:c8:c1:f1:7a:
1a:f4:f2:69:0c:56:8e:33:d2:6d:76:06:2b:2a:fd:
af:62:b7:72:25:68:20:59:09:26:da:59:97:f8:95:
e2:b9:8e:69:7a:45:9e:69:de:48:51:ab:8f:9b:c8:
6a:5e:f2:13:5e:0a:ce:88:5f:fb:ff:b0:2f:40:1e:
db:d9:19:ff:93:98:02:a1:3b:05:b5:44:ad:22:e6:
da:45:0b:7a:91:46:d7:5c:b2:90:7a:62:19:31:13:
de:f3:b8:5b:29:cb:81:1c:72:18:ac:a3:c0:70:b8:
97:94:ac:57:82:c9:54:07:39:14:a9:82:e4:13:46:
db:d6:b0:cd:b9:91:f0:7d:0b:54:82:a8:19:0f:a0:
d6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3A:88:61:AB:FC:FD:6E:67:98:99:0A:B5:05:54:7D:B8:1C:01:F9
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/_TqIYav8_W5nmJkKtQVUfbgcAfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.109.0/24
188.214.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:36:05:22:c6:e5:1e:9e:06:1e:96:39:5f:55:48:83:fe:2e:
b3:7a:7d:d1:e7:ce:50:d7:44:c1:ba:d0:51:89:55:c0:a4:1b:
7c:ac:21:e8:f3:a3:4c:f2:7a:56:73:f0:ff:ed:db:9d:6d:6e:
a1:8a:3a:8e:30:fe:54:89:e9:39:4c:9c:00:4d:79:83:27:0d:
0a:4c:2d:f0:ef:91:23:d7:4d:39:c8:d3:fb:6a:c9:52:db:19:
7b:cf:fb:6f:ad:67:1c:74:a0:ec:4d:e4:88:96:c3:fd:09:2b:
1d:55:75:74:fb:a2:66:a0:89:cd:c6:65:8a:53:c0:8c:2d:20:
35:bf:8b:9d:53:91:3c:86:5c:b4:11:d7:8e:c4:ec:4b:b6:5a:
d5:75:7a:19:4e:33:f5:da:7c:65:7e:a2:59:a2:08:5d:26:90:
f3:34:e8:6b:fd:31:21:38:67:4c:46:c9:31:32:42:25:8f:a5:
7e:27:6c:9a:e3:ce:d0:fb:56:09:b9:bc:0a:ee:55:49:48:a5:
1a:64:31:ee:eb:95:89:cd:c3:ba:ae:81:9a:02:89:d4:a1:ca:
9d:19:72:ad:11:ab:47:29:ea:55:8f:94:d3:a4:88:4a:67:0d:
77:70:54:11:dc:6c:b2:3a:3b:8c:b3:b9:c5:87:20:78:56:90:
e2:f2:62:72
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmbDsbHOqr6AB1uzNCiHygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNhODg2MWFiZmNmZDZlNjc5ODk5MGFiNTA1NTQ3ZGI4MWMwMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/OlPABFjlJhzK8NDaMu+BZPrxa8
0TTOseN9HtOknl6ZdPGjQ5x6b+W722eaPbzF+kCEAQKAhiWhNYXLksJn2BPdSPrG
rflzlqPeLa1Vyq/ghNBy0OOjolXALeDRMHLRPhC5+P77TFhuGOiKFORXjVia68jB
8Xoa9PJpDFaOM9JtdgYrKv2vYrdyJWggWQkm2lmX+JXiuY5pekWead5IUauPm8hq
XvITXgrOiF/7/7AvQB7b2Rn/k5gCoTsFtUStIubaRQt6kUbXXLKQemIZMRPe87hb
KcuBHHIYrKPAcLiXlKxXgslUBzkUqYLkE0bb1rDNuZHwfQtUgqgZD6DWBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP06iGGr/P1uZ5iZCrUFVH24HAH5MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvX1RxSVlhdjhfVzVubUprS3RRVlVmYmdjQWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNBtAwQA
vNZeMA0GCSqGSIb3DQEBCwUAA4IBAQAMNgUixuUengYeljlfVUiD/i6zen3R585Q
10TButBRiVXApBt8rCHo86NM8npWc/D/7dudbW6hijqOMP5Uiek5TJwATXmDJw0K
TC3w75Ej1005yNP7aslS2xl7z/tvrWccdKDsTeSIlsP9CSsdVXV0+6JmoInNxmWK
U8CMLSA1v4udU5E8hly0EdeOxOxLtlrVdXoZTjP12nxlfqJZoghdJpDzNOhr/TEh
OGdMRskxMkIlj6V+J2ya487Q+1YJubwK7lVJSKUaZDHu65WJzcO6roGaAonUocqd
GXKtEatHKepVj5TTpIhKZw13cFQR3GyyOjuMs7nFhyB4VpDi8mJy
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:35 2025 by rpki-client