Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/718NxJ1XBcNuKhqWIG0Rrq-vXh8.roa
File: 718NxJ1XBcNuKhqWIG0Rrq-vXh8.roa (raw, json)
Hash identifier: wdVkn0ntzy4TqX3icxEaxiw5SC2YAgS+gtseIyBfjQs=
Subject key identifier: EF:5F:0D:C4:9D:57:05:C3:6E:2A:1A:96:20:6D:11:AE:AF:AF:5E:1F
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 019421B1BEF2948C0195D7DEDD32F5582335
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/718NxJ1XBcNuKhqWIG0Rrq-vXh8.roa
Signing time: Wed 01 Jan 2025 11:48:04 +0000
ROA not before: Wed 01 Jan 2025 11:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215882
IP address blocks: 91.219.23.0/24 maxlen: 24
91.219.23.32/27 maxlen: 27
146.19.59.0/24 maxlen: 24
146.19.59.0/25 maxlen: 25
146.19.59.128/25 maxlen: 25
Validation: Failed, certificate revoked on Thu 20 Mar 2025 13:29:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:be:f2:94:8c:01:95:d7:de:dd:32:f5:58:23:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Jan 1 11:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef5f0dc49d5705c36e2a1a96206d11aeafaf5e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:48:24:93:0e:28:39:a3:2d:ad:b0:6a:25:
4b:ea:07:3d:7e:64:c7:bf:0b:fe:8f:52:ae:07:d7:
b0:95:95:4b:11:f8:4e:ea:d1:57:61:f7:ee:14:7e:
d8:61:e6:1b:ea:94:66:d9:0e:b0:90:96:e4:cd:46:
cb:5f:05:64:b5:30:92:fe:ec:72:ac:54:d7:0a:3f:
85:18:64:17:f2:22:45:2e:54:6d:00:6c:ae:a2:52:
87:2c:2d:43:24:fd:d9:cf:2f:e5:3b:f4:26:4e:24:
34:46:d4:ed:34:5f:d3:64:22:44:6a:7b:d5:e6:32:
7a:0a:3c:63:59:c3:88:00:f6:be:b8:ba:d8:a8:fa:
6b:33:26:46:ab:8a:7d:06:ed:1a:da:cb:0e:b9:e8:
80:7f:61:91:b3:c4:6b:1e:10:16:c1:a5:19:77:24:
3a:30:c5:39:ae:09:01:c9:b3:1a:09:d5:5f:aa:58:
d9:a2:f8:b6:b7:b4:a4:7f:65:57:56:16:0b:64:66:
a4:c0:c3:13:dc:e5:83:92:23:27:cb:94:2e:9f:8a:
73:21:5d:1d:91:75:ab:86:80:17:1f:cf:2e:4e:4f:
4e:36:e0:e4:4e:7d:f3:f5:c0:33:5a:be:99:67:0b:
62:6e:a7:d2:65:ed:93:04:2a:f7:d2:33:cd:bb:22:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:5F:0D:C4:9D:57:05:C3:6E:2A:1A:96:20:6D:11:AE:AF:AF:5E:1F
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/718NxJ1XBcNuKhqWIG0Rrq-vXh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.23.0/24
146.19.59.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:df:2b:77:a0:cc:fd:4d:7a:c3:1e:0a:40:44:71:b0:81:80:
57:ad:ba:51:32:16:88:68:58:ce:67:26:17:23:99:11:d6:29:
78:9a:31:18:7d:1d:11:88:55:20:a8:9c:35:1c:36:33:f5:c2:
4f:dd:48:2c:3e:60:a1:ee:50:48:39:75:ea:b2:5f:9c:f0:0e:
0d:8f:f2:9f:74:95:24:ae:9a:07:d9:3d:67:dd:eb:3d:82:12:
47:1c:d0:85:bf:91:a5:c2:65:43:0c:06:62:3b:62:90:d5:76:
f8:2d:ba:2a:ad:fe:fd:a7:c3:ed:fb:7d:a6:ee:77:92:3b:fd:
8b:1d:ed:21:1d:9a:5d:96:e1:fa:6d:33:66:7b:42:c0:83:47:
16:ba:4d:35:b5:85:9d:11:36:8c:51:0d:74:b2:79:76:10:23:
2c:1a:80:0a:24:45:54:29:ca:52:3e:09:b2:87:6e:b9:c5:4b:
c2:9f:b4:2f:fc:54:b3:02:e0:6b:36:f6:2b:db:b0:30:72:85:
3a:b5:2b:26:fb:36:e8:80:c2:ee:98:e4:1c:12:45:83:cb:41:
15:39:6c:60:e5:d0:af:02:4b:5c:10:1f:ff:a8:13:dc:47:3c:
4e:1f:8e:12:63:b7:42:92:fd:eb:1d:cd:30:50:0b:42:09:5f:
c9:26:97:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsb7ylIwBldfe3TL1WCM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjUwMTAxMTE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjVmMGRjNDlkNTcwNWMzNmUyYTFhOTYyMDZkMTFhZWFmYWY1ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvihIJJMOKDmjLa2waiVL6gc9fmTH
vwv+j1KuB9ewlZVLEfhO6tFXYffuFH7YYeYb6pRm2Q6wkJbkzUbLXwVktTCS/uxy
rFTXCj+FGGQX8iJFLlRtAGyuolKHLC1DJP3Zzy/lO/QmTiQ0RtTtNF/TZCJEanvV
5jJ6CjxjWcOIAPa+uLrYqPprMyZGq4p9Bu0a2ssOueiAf2GRs8RrHhAWwaUZdyQ6
MMU5rgkBybMaCdVfqljZovi2t7Skf2VXVhYLZGakwMMT3OWDkiMny5Qun4pzIV0d
kXWrhoAXH88uTk9ONuDkTn3z9cAzWr6ZZwtibqfSZe2TBCr30jPNuyIIRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO9fDcSdVwXDbioaliBtEa6vr14fMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvNzE4TnhKMVhCY051S2hxV0lHMFJycS12WGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9sXAwQA
khM7MA0GCSqGSIb3DQEBCwUAA4IBAQB+3yt3oMz9TXrDHgpARHGwgYBXrbpRMhaI
aFjOZyYXI5kR1il4mjEYfR0RiFUgqJw1HDYz9cJP3UgsPmCh7lBIOXXqsl+c8A4N
j/KfdJUkrpoH2T1n3es9ghJHHNCFv5GlwmVDDAZiO2KQ1Xb4Lboqrf79p8Pt+32m
7neSO/2LHe0hHZpdluH6bTNme0LAg0cWuk01tYWdETaMUQ10snl2ECMsGoAKJEVU
KcpSPgmyh265xUvCn7Qv/FSzAuBrNvYr27AwcoU6tSsm+zbogMLumOQcEkWDy0EV
OWxg5dCvAktcEB//qBPcRzxOH44SY7dCkv3rHc0wUAtCCV/JJper
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:35:16 2025 by rpki-client