Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/6hna0yRPIVCyqI85zdXqUaEA88U.roa
File: 6hna0yRPIVCyqI85zdXqUaEA88U.roa (raw, json)
Hash identifier: t/VGxvNzUm/1B9z4j3LGUVmKG1voXcQqnHLErjUO3Vc=
Subject key identifier: EA:19:DA:D3:24:4F:21:50:B2:A8:8F:39:CD:D5:EA:51:A1:00:F3:C5
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 019424456B8CF2692744413912121F5F20D2
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/6hna0yRPIVCyqI85zdXqUaEA88U.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212077
IP address blocks: 195.234.80.0/24 maxlen: 24
2a13:7b40:1::/48 maxlen: 48
2a13:7b40:a1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Jan 2025 20:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:6b:8c:f2:69:27:44:41:39:12:12:1f:5f:20:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea19dad3244f2150b2a88f39cdd5ea51a100f3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:cf:0d:27:7d:1b:63:0f:44:d4:95:bb:be:
92:48:72:81:ec:ce:a9:1b:6f:4f:b6:5d:7f:8d:ec:
b9:58:e3:04:2d:94:88:ec:57:46:9e:44:8c:c6:86:
ee:a2:ec:e0:2d:a5:d9:1c:95:20:c3:81:58:fa:58:
84:16:f6:1b:72:60:7c:70:1a:89:75:33:1b:42:20:
0b:f3:4c:ca:0f:8f:21:6e:51:2b:f7:ac:0a:64:5a:
1d:29:0f:93:7a:9f:8d:e5:4e:ae:96:ef:58:ff:25:
2e:bf:8b:ac:9d:58:a8:ff:10:15:b3:3b:ac:f1:03:
f9:e3:f0:e1:51:b4:7b:cd:16:e6:ce:84:93:ab:40:
b5:ac:78:75:e7:d5:f1:77:db:67:c4:6a:bb:85:28:
14:9e:9f:5f:b2:ff:9d:8c:71:91:37:c0:53:19:45:
b7:d8:83:9d:b5:a3:a7:05:26:c4:49:6c:5d:84:03:
94:bb:6c:58:7e:5e:09:53:8e:cb:25:54:50:5e:d7:
e2:49:be:fa:3b:50:43:94:15:0e:cb:d4:0c:43:03:
48:6d:15:e8:32:6e:aa:6b:1b:ec:f5:21:20:5a:8a:
dd:1e:c2:53:17:34:49:4b:4c:87:32:a7:83:6f:5f:
8e:4d:ef:a2:83:82:a4:5a:fc:5e:0e:28:ae:7c:95:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:19:DA:D3:24:4F:21:50:B2:A8:8F:39:CD:D5:EA:51:A1:00:F3:C5
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/6hna0yRPIVCyqI85zdXqUaEA88U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.80.0/24
IPv6:
2a13:7b40:1::/48
2a13:7b40:a1::/48
Signature Algorithm: sha256WithRSAEncryption
88:21:ac:6b:46:0f:d6:ce:48:29:c8:c2:b2:f9:b6:d2:94:4a:
d4:94:7e:19:22:a9:0c:5e:ca:d9:f3:e5:e1:5f:9e:10:4c:5e:
46:4f:3a:3d:76:d2:3e:d1:d5:32:c8:a0:26:d6:5d:d5:94:40:
c4:61:d2:75:ea:c5:2c:d0:ab:90:57:1e:3b:76:54:8b:80:a1:
0c:06:cc:2b:50:4c:da:44:9d:d6:b7:f7:9c:b7:ba:4f:33:f6:
65:80:bb:76:e5:94:5a:69:9a:8f:58:41:89:21:3d:b6:6a:1a:
61:93:f2:19:99:2a:eb:ca:66:7e:84:90:50:31:2f:07:ba:69:
bc:b1:67:60:b8:44:1c:75:1b:fa:b1:78:c4:12:10:b3:6c:9f:
2e:a8:46:5b:ff:5b:8d:06:be:f4:de:52:7b:3f:8e:40:24:bc:
12:0b:a9:01:f2:b0:83:e1:e8:ec:0a:d3:bd:13:04:66:24:26:
21:9b:1b:9d:17:1e:ab:4c:db:88:26:5e:5c:e5:d3:03:8b:de:
92:cb:9f:49:a5:7a:33:98:86:5f:28:5d:4d:5c:89:cd:0f:87:
46:af:8c:ca:85:b3:7f:bb:24:18:38:24:bc:cc:ff:2f:e5:86:
a6:db:db:4a:a8:ca:f7:bc:05:84:73:b0:dc:25:75:5a:cb:7e:
60:d3:11:35
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQkRWuM8mknREE5EhIfXyDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE5ZGFkMzI0NGYyMTUwYjJhODhmMzljZGQ1ZWE1MWExMDBmM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvrPDSd9G2MPRNSVu76SSHKB7M6p
G29Ptl1/jey5WOMELZSI7FdGnkSMxobuouzgLaXZHJUgw4FY+liEFvYbcmB8cBqJ
dTMbQiAL80zKD48hblEr96wKZFodKQ+Tep+N5U6ulu9Y/yUuv4usnVio/xAVszus
8QP54/DhUbR7zRbmzoSTq0C1rHh159Xxd9tnxGq7hSgUnp9fsv+djHGRN8BTGUW3
2IOdtaOnBSbESWxdhAOUu2xYfl4JU47LJVRQXtfiSb76O1BDlBUOy9QMQwNIbRXo
Mm6qaxvs9SEgWordHsJTFzRJS0yHMqeDb1+OTe+ig4KkWvxeDiiufJXQwwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOoZ2tMkTyFQsqiPOc3V6lGhAPPFMB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvNmhuYTB5UlBJVkN5cUk4NXpkWHFVYUVBODhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAw+pQMBgE
AgACMBIDBwAqE3tAAAEDBwAqE3tAAKEwDQYJKoZIhvcNAQELBQADggEBAIghrGtG
D9bOSCnIwrL5ttKUStSUfhkiqQxeytnz5eFfnhBMXkZPOj120j7R1TLIoCbWXdWU
QMRh0nXqxSzQq5BXHjt2VIuAoQwGzCtQTNpEnda395y3uk8z9mWAu3bllFppmo9Y
QYkhPbZqGmGT8hmZKuvKZn6EkFAxLwe6abyxZ2C4RBx1G/qxeMQSELNsny6oRlv/
W40GvvTeUns/jkAkvBILqQHysIPh6OwK070TBGYkJiGbG50XHqtM24gmXlzl0wOL
3pLLn0mlejOYhl8oXU1cic0Ph0avjMqFs3+7JBg4JLzM/y/lhqbb20qoyve8BYRz
sNwldVrLfmDTETU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:08 2025 by rpki-client