Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/lwEVC0oQt9HD8A2kDH3Bz_ZvmGM.roa
File: lwEVC0oQt9HD8A2kDH3Bz_ZvmGM.roa (raw, json)
Hash identifier: 35V/NgFt91mT4i4/6gmMhv4ToygRlPpbev7oxF2F+xk=
Subject key identifier: 97:01:15:0B:4A:10:B7:D1:C3:F0:0D:A4:0C:7D:C1:CF:F6:6F:98:63
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 0194AC0660070CCCD22075551CBED8E9CBD6
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/lwEVC0oQt9HD8A2kDH3Bz_ZvmGM.roa
Signing time: Tue 28 Jan 2025 08:28:06 +0000
ROA not before: Tue 28 Jan 2025 08:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41869
IP address blocks: 217.197.165.0/24 maxlen: 24
217.197.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 23:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:06:60:07:0c:cc:d2:20:75:55:1c:be:d8:e9:cb:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 28 08:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9701150b4a10b7d1c3f00da40c7dc1cff66f9863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:95:f1:d2:49:73:fc:21:64:93:8e:1f:3b:8f:
d5:2b:b4:02:2b:5f:6b:2e:ea:bc:14:7c:f2:d5:a8:
f9:0b:1a:62:1a:47:ca:f3:b1:bb:20:b5:15:43:f5:
cf:56:11:3d:51:15:34:e5:e3:4d:da:32:7e:fb:8f:
3b:6b:ad:e6:ae:15:34:33:0a:c8:45:0a:43:5c:48:
f4:1a:0b:1b:fe:cc:b9:f7:ea:51:9d:d4:2d:68:c2:
e4:d8:b3:55:ac:8a:22:47:86:94:25:3a:63:e0:63:
03:45:e8:79:4a:10:ad:a0:42:f2:30:3e:58:36:3c:
37:fd:21:28:fe:f1:4e:d8:a5:59:f8:56:2c:dd:26:
b4:b8:66:7f:69:87:59:ef:13:15:54:1d:34:6e:84:
3a:c4:34:cd:bc:ca:60:0b:a7:11:58:0d:4a:67:79:
ef:35:ca:e9:d9:ba:32:15:e0:f1:dc:4c:74:2b:87:
8a:b5:be:b7:ca:c7:93:0a:7a:d0:a6:7f:79:0b:fd:
f6:23:9a:85:91:8e:d6:aa:cf:19:0b:bb:e6:e9:0c:
55:26:72:cf:60:6b:05:7e:a8:ff:1a:33:fd:dd:1c:
e8:28:b8:d6:b2:2a:82:28:aa:6a:31:0b:7c:e9:54:
2e:fc:dd:04:6e:2e:90:5f:ec:6f:1e:7d:c6:4d:19:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:01:15:0B:4A:10:B7:D1:C3:F0:0D:A4:0C:7D:C1:CF:F6:6F:98:63
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/lwEVC0oQt9HD8A2kDH3Bz_ZvmGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.165.0-217.197.167.255
Signature Algorithm: sha256WithRSAEncryption
51:8e:fd:73:ec:1c:32:4b:c4:21:c0:66:c6:2b:8a:60:3a:3b:
aa:df:19:f2:a2:ed:99:8a:2f:a9:c4:31:a3:b1:4f:9b:a6:85:
03:02:5e:3d:2d:4b:3f:98:a3:a2:4f:8a:49:9e:03:95:d6:ec:
03:70:42:5e:de:e5:b7:d0:70:34:19:b0:52:a6:68:dd:1e:f4:
b2:95:eb:ef:46:6d:fe:d3:58:98:bd:bb:ef:56:00:76:fe:0f:
63:95:b1:f4:db:e7:1c:1a:f8:42:ea:ef:ae:e0:66:bd:ab:aa:
55:ab:bd:00:34:9f:e9:fd:11:28:67:20:d7:9c:d7:68:5e:d5:
33:db:ac:e0:e5:c6:77:03:65:90:60:06:ca:bb:e3:08:37:ed:
e3:71:c9:14:92:cc:0e:97:d8:39:70:b4:3a:2e:15:4f:89:1c:
ab:a0:94:91:d7:42:fa:da:fa:2a:b1:d5:68:9c:9e:af:09:93:
4d:cc:2d:32:aa:0d:77:cc:24:1a:2c:1b:2e:d4:8b:73:c3:8a:
36:44:12:f1:e7:e1:10:19:e3:3a:4e:f9:33:bc:90:d4:ef:c5:
12:2c:8b:58:57:d2:f9:32:52:1d:00:cb:1b:48:5e:75:d4:6e:
24:d3:f1:28:2b:d2:10:6d:9e:e3:17:5a:69:66:0e:b7:ec:66:
ec:6c:38:0f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSsBmAHDMzSIHVVHL7Y6cvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMTI4MDgyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzAxMTUwYjRhMTBiN2QxYzNmMDBkYTQwYzdkYzFjZmY2NmY5ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZXx0klz/CFkk44fO4/VK7QCK19r
Luq8FHzy1aj5CxpiGkfK87G7ILUVQ/XPVhE9URU05eNN2jJ++487a63mrhU0MwrI
RQpDXEj0Ggsb/sy59+pRndQtaMLk2LNVrIoiR4aUJTpj4GMDReh5ShCtoELyMD5Y
Njw3/SEo/vFO2KVZ+FYs3Sa0uGZ/aYdZ7xMVVB00boQ6xDTNvMpgC6cRWA1KZ3nv
Ncrp2boyFeDx3Ex0K4eKtb63yseTCnrQpn95C/32I5qFkY7Wqs8ZC7vm6QxVJnLP
YGsFfqj/GjP93RzoKLjWsiqCKKpqMQt86VQu/N0Ebi6QX+xvHn3GTRmD2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJcBFQtKELfRw/ANpAx9wc/2b5hjMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvbHdFVkMwb1F0OUhEOEEya0RIM0J6X1p2bUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZxaUD
BAPZxaAwDQYJKoZIhvcNAQELBQADggEBAFGO/XPsHDJLxCHAZsYrimA6O6rfGfKi
7ZmKL6nEMaOxT5umhQMCXj0tSz+Yo6JPikmeA5XW7ANwQl7e5bfQcDQZsFKmaN0e
9LKV6+9Gbf7TWJi9u+9WAHb+D2OVsfTb5xwa+ELq767gZr2rqlWrvQA0n+n9EShn
INec12he1TPbrODlxncDZZBgBsq74wg37eNxyRSSzA6X2DlwtDouFU+JHKuglJHX
Qvra+iqx1Wicnq8Jk03MLTKqDXfMJBosGy7Ui3PDijZEEvHn4RAZ4zpO+TO8kNTv
xRIsi1hX0vkyUh0AyxtIXnXUbiTT8Sgr0hBtnuMXWmlmDrfsZuxsOA8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:10 2025 by rpki-client