Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/733989-f131-45e9-9b75-342a9ee73d85/1/eLG3IDcbk6v0M1UtHOO5x7ty0E8.roa
File: eLG3IDcbk6v0M1UtHOO5x7ty0E8.roa (raw, json)
Hash identifier: iUBKzPudmS6oGiw2pbLfH2N3a1c4rHKYPwKsY/O8Kec=
Subject key identifier: 78:B1:B7:20:37:1B:93:AB:F4:33:55:2D:1C:E3:B9:C7:BB:72:D0:4F
Certificate issuer: /CN=cf9f6fbfe00a08592b7bb0edfdc2002bfc72b578
Certificate serial: 01950634408DB690C793F213168A6F84F955
Authority key identifier: CF:9F:6F:BF:E0:0A:08:59:2B:7B:B0:ED:FD:C2:00:2B:FC:72:B5:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z59vv-AKCFkre7Dt_cIAK_xytXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/733989-f131-45e9-9b75-342a9ee73d85/1/eLG3IDcbk6v0M1UtHOO5x7ty0E8.roa
Signing time: Fri 14 Feb 2025 20:44:02 +0000
ROA not before: Fri 14 Feb 2025 20:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399970
IP address blocks: 194.104.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 16:36:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:06:34:40:8d:b6:90:c7:93:f2:13:16:8a:6f:84:f9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf9f6fbfe00a08592b7bb0edfdc2002bfc72b578
Validity
Not Before: Feb 14 20:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78b1b720371b93abf433552d1ce3b9c7bb72d04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:72:5c:a8:bb:fe:37:7d:d6:29:cf:46:8d:03:
ab:f7:06:d1:08:d9:02:9e:3c:15:6c:43:97:41:d5:
38:f7:b0:b1:ee:ad:cc:29:8a:3a:41:ba:ea:b0:92:
9d:46:3a:7d:93:87:e5:15:10:a5:ba:6c:42:be:64:
e9:8d:ce:8d:af:0d:f5:12:aa:c6:92:d0:72:10:16:
55:93:61:0a:45:5f:9b:6e:2a:c9:cc:5f:92:d4:18:
d4:a1:f5:03:71:15:7b:87:08:89:8f:73:cd:bc:ba:
7e:36:b8:46:fa:95:5f:cf:a6:24:4c:8b:54:43:70:
49:14:a1:1a:ad:07:79:01:5f:fa:60:e4:5d:22:b1:
81:44:e9:6b:77:c5:74:24:40:e8:0f:fa:8e:6a:3f:
01:4d:ab:f0:ea:cd:5e:30:ec:a0:41:2f:b5:bc:6d:
76:bf:f8:af:62:0e:4a:7a:11:66:4d:8f:c8:12:ad:
3b:04:9f:0d:63:4b:04:ff:1a:9c:a3:d3:2b:4c:05:
7f:3f:fe:42:01:68:11:55:9f:ba:7c:80:46:19:a4:
fe:e7:0b:ae:f1:86:fa:d6:11:ba:6e:17:bb:ba:c1:
db:58:c4:b5:f8:ed:aa:1f:2a:d1:21:79:0d:73:66:
68:a7:30:d3:6e:77:4b:97:5a:97:6f:ab:a9:f1:a0:
ed:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B1:B7:20:37:1B:93:AB:F4:33:55:2D:1C:E3:B9:C7:BB:72:D0:4F
X509v3 Authority Key Identifier:
keyid:CF:9F:6F:BF:E0:0A:08:59:2B:7B:B0:ED:FD:C2:00:2B:FC:72:B5:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z59vv-AKCFkre7Dt_cIAK_xytXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/733989-f131-45e9-9b75-342a9ee73d85/1/eLG3IDcbk6v0M1UtHOO5x7ty0E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/733989-f131-45e9-9b75-342a9ee73d85/1/z59vv-AKCFkre7Dt_cIAK_xytXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
00:2b:80:dd:b5:2b:ba:7c:17:af:55:5e:c1:3f:ee:cf:d9:ca:
c1:0d:79:68:6c:dd:81:62:7a:e1:2f:0c:60:ba:c7:f9:bb:4d:
24:97:5b:19:36:fe:79:cc:d4:98:49:38:a5:a2:4c:b6:0e:41:
22:be:2b:62:7b:02:2a:f2:5d:68:d4:da:3e:9f:c1:19:40:4e:
68:ce:1a:da:1f:d8:f4:93:1e:28:2e:0e:c2:3b:39:2a:a8:ec:
5c:19:d4:23:22:8e:e7:15:b3:b5:0c:45:d0:88:76:ce:18:f6:
51:b0:de:77:1b:28:9a:4d:aa:e9:5b:3e:08:87:45:9f:4d:9d:
38:86:eb:a0:16:4b:7c:08:f3:dc:ef:b6:32:96:28:b3:01:13:
91:82:5b:07:10:83:16:6a:8d:14:9c:74:c8:0b:10:cf:61:95:
a8:58:fd:6d:a7:c1:08:43:e3:79:e0:cb:aa:fb:eb:0b:37:d9:
a3:d8:0e:64:f3:74:07:a1:ed:19:67:38:63:b0:b5:00:81:59:
65:9c:c3:4b:e2:65:0f:9b:e3:e6:35:e6:20:a8:6c:da:66:1c:
05:b4:df:36:8c:af:7e:9b:ae:af:58:a5:e7:f7:ef:20:d9:5b:
d8:99:c8:59:18:2d:f2:7a:17:15:7c:41:2e:ce:0a:fc:08:85:
f0:a8:2a:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUGNECNtpDHk/ITFopvhPlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOWY2ZmJmZTAwYTA4NTkyYjdiYjBlZGZkYzIwMDJiZmM3
MmI1NzgwHhcNMjUwMjE0MjA0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGIxYjcyMDM3MWI5M2FiZjQzMzU1MmQxY2UzYjljN2JiNzJkMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XJcqLv+N33WKc9GjQOr9wbRCNkC
njwVbEOXQdU497Cx7q3MKYo6QbrqsJKdRjp9k4flFRClumxCvmTpjc6Nrw31EqrG
ktByEBZVk2EKRV+bbirJzF+S1BjUofUDcRV7hwiJj3PNvLp+NrhG+pVfz6YkTItU
Q3BJFKEarQd5AV/6YORdIrGBROlrd8V0JEDoD/qOaj8BTavw6s1eMOygQS+1vG12
v/ivYg5KehFmTY/IEq07BJ8NY0sE/xqco9MrTAV/P/5CAWgRVZ+6fIBGGaT+5wuu
8Yb61hG6bhe7usHbWMS1+O2qHyrRIXkNc2ZopzDTbndLl1qXb6up8aDtDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHixtyA3G5Or9DNVLRzjuce7ctBPMB8GA1UdIwQY
MBaAFM+fb7/gCghZK3uw7f3CACv8crV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejU5dnYtQUtDRmtyZTdEdF9jSUFLX3h5dFhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83MzM5ODktZjEzMS00NWU5LTliNzUt
MzQyYTllZTczZDg1LzEvZUxHM0lEY2JrNnYwTTFVdEhPTzV4N3R5MEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83MzM5ODktZjEzMS00NWU5LTliNzUtMzQyYTllZTczZDg1
LzEvejU5dnYtQUtDRmtyZTdEdF9jSUFLX3h5dFhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiBMA0G
CSqGSIb3DQEBCwUAA4IBAQAAK4DdtSu6fBevVV7BP+7P2crBDXlobN2BYnrhLwxg
usf5u00kl1sZNv55zNSYSTiloky2DkEivitiewIq8l1o1No+n8EZQE5ozhraH9j0
kx4oLg7COzkqqOxcGdQjIo7nFbO1DEXQiHbOGPZRsN53GyiaTarpWz4Ih0WfTZ04
huugFkt8CPPc77YyliizARORglsHEIMWao0UnHTICxDPYZWoWP1tp8EIQ+N54Muq
++sLN9mj2A5k83QHoe0ZZzhjsLUAgVllnMNL4mUPm+PmNeYgqGzaZhwFtN82jK9+
m66vWKXn9+8g2VvYmchZGC3yehcVfEEuzgr8CIXwqCqV
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:40:31 2025 by rpki-client