Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/x96gZnUsK_GTsX6-jYtSU4EN6tQ.roa
File: x96gZnUsK_GTsX6-jYtSU4EN6tQ.roa (raw, json)
Hash identifier: aTLXdTeAI/PLWET45cl9RoO9rsOvK51hdis6HOkzEYA=
Subject key identifier: C7:DE:A0:66:75:2C:2B:F1:93:B1:7E:BE:8D:8B:52:53:81:0D:EA:D4
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01951AE0EABF669C81F1FC88E9EBA4DBC8BC
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/x96gZnUsK_GTsX6-jYtSU4EN6tQ.roa
Signing time: Tue 18 Feb 2025 21:05:02 +0000
ROA not before: Tue 18 Feb 2025 21:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.87.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 07:15:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1a:e0:ea:bf:66:9c:81:f1:fc:88:e9:eb:a4:db:c8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Feb 18 21:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7dea066752c2bf193b17ebe8d8b5253810dead4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c4:fa:d5:7e:ce:26:eb:72:07:b6:57:71:10:
11:ab:39:a7:ba:83:44:19:d4:49:ea:84:ea:5e:02:
10:67:28:bc:9e:00:e2:d9:3c:4d:7e:56:13:12:8e:
47:dd:4a:89:7c:d6:a6:db:03:33:c7:69:74:a6:a6:
1f:96:67:89:63:e9:59:ae:98:de:c8:8a:a2:a4:91:
c0:8b:77:84:18:69:70:77:ac:2a:c1:a5:17:61:99:
89:0c:05:25:03:7f:ce:23:9e:d9:44:27:3e:61:15:
44:59:bf:ab:72:ad:5a:61:8d:e2:f0:3e:14:e7:5e:
37:bc:ec:aa:02:02:3d:dc:a5:26:83:6c:b0:89:5b:
82:7b:3a:00:11:48:bc:d0:3c:04:8f:1e:ec:6f:1e:
58:b2:83:94:de:b8:22:36:03:8a:f0:cc:42:b5:a7:
00:27:23:c7:63:8b:94:f0:80:2c:8d:17:d4:9f:e1:
40:70:de:f3:fb:da:6f:f6:b4:41:a9:7b:47:54:97:
5e:04:d7:e6:4b:14:7a:94:a4:6e:32:03:8e:6f:dd:
14:f4:25:58:ce:af:06:f5:c0:95:8e:c4:e5:0c:9a:
a9:27:a4:aa:ea:57:66:e8:39:f1:34:94:33:18:a5:
9e:78:2a:22:72:c9:89:37:87:a8:63:8c:10:37:4d:
38:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DE:A0:66:75:2C:2B:F1:93:B1:7E:BE:8D:8B:52:53:81:0D:EA:D4
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/x96gZnUsK_GTsX6-jYtSU4EN6tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.200.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:b4:47:c0:bf:87:ac:1d:37:59:4a:05:3b:7f:fb:76:20:2d:
42:81:10:89:bb:33:71:64:49:69:77:95:2f:7d:7e:a1:00:f0:
2a:02:2c:52:78:e0:c1:f0:3c:e0:9a:12:c7:56:94:0b:df:ed:
da:04:7c:8d:4e:7a:56:97:54:30:b0:de:0a:4d:3e:98:66:cf:
24:42:6c:b5:1c:57:8a:74:64:fa:0f:17:74:4a:d2:c2:5d:20:
1c:9d:e5:1b:59:c7:86:87:5d:5c:cf:48:f6:e0:b9:26:93:ba:
19:1a:3e:27:76:4a:be:58:37:17:48:95:c5:b2:6c:26:7d:7c:
18:0c:67:7d:45:2a:aa:7e:b0:f4:2f:6d:2e:04:bc:6a:e3:bb:
bc:c2:ba:b9:e8:31:79:29:83:1f:8b:c2:85:bd:00:07:9a:a1:
a0:75:09:79:8a:42:d0:af:ff:64:36:22:e1:b7:1a:31:df:49:
05:e0:f2:48:60:af:6d:3b:4a:49:2a:ad:8a:2a:d4:be:ab:60:
dd:67:75:5d:b7:08:60:c8:e9:03:9e:69:c0:23:26:a1:0d:b3:
ab:21:21:81:cf:2c:30:5a:df:cf:f6:49:80:79:cd:a7:41:68:
97:0a:7e:1c:48:a8:b7:68:ae:2c:49:f0:a2:25:d4:56:a4:78:
57:56:10:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUa4Oq/ZpyB8fyI6euk28i8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMjE4MjEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RlYTA2Njc1MmMyYmYxOTNiMTdlYmU4ZDhiNTI1MzgxMGRlYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscT61X7OJutyB7ZXcRARqzmnuoNE
GdRJ6oTqXgIQZyi8ngDi2TxNflYTEo5H3UqJfNam2wMzx2l0pqYflmeJY+lZrpje
yIqipJHAi3eEGGlwd6wqwaUXYZmJDAUlA3/OI57ZRCc+YRVEWb+rcq1aYY3i8D4U
5143vOyqAgI93KUmg2ywiVuCezoAEUi80DwEjx7sbx5YsoOU3rgiNgOK8MxCtacA
JyPHY4uU8IAsjRfUn+FAcN7z+9pv9rRBqXtHVJdeBNfmSxR6lKRuMgOOb90U9CVY
zq8G9cCVjsTlDJqpJ6Sq6ldm6DnxNJQzGKWeeCoicsmJN4eoY4wQN004oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfeoGZ1LCvxk7F+vo2LUlOBDerUMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEveDk2Z1puVXNLX0dUc1g2LWpZdFNVNEVONnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FfIMA0G
CSqGSIb3DQEBCwUAA4IBAQDTtEfAv4esHTdZSgU7f/t2IC1CgRCJuzNxZElpd5Uv
fX6hAPAqAixSeODB8DzgmhLHVpQL3+3aBHyNTnpWl1QwsN4KTT6YZs8kQmy1HFeK
dGT6Dxd0StLCXSAcneUbWceGh11cz0j24Lkmk7oZGj4ndkq+WDcXSJXFsmwmfXwY
DGd9RSqqfrD0L20uBLxq47u8wrq56DF5KYMfi8KFvQAHmqGgdQl5ikLQr/9kNiLh
txox30kF4PJIYK9tO0pJKq2KKtS+q2DdZ3VdtwhgyOkDnmnAIyahDbOrISGBzyww
Wt/P9kmAec2nQWiXCn4cSKi3aK4sSfCiJdRWpHhXVhDm
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:34 2025 by rpki-client