Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/H8E7SiwH5dGhRzvwFeBMeWfxxYc.roa
File: H8E7SiwH5dGhRzvwFeBMeWfxxYc.roa (raw, json)
Hash identifier: KBR7zqxUOPmIH0PAc7kna4z/ISm0UiO+j0AqaHW0sHs=
Subject key identifier: 1F:C1:3B:4A:2C:07:E5:D1:A1:47:3B:F0:15:E0:4C:79:67:F1:C5:87
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0196575E75B2A2C90613D7FE6224BEC21642
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/H8E7SiwH5dGhRzvwFeBMeWfxxYc.roa
Signing time: Mon 21 Apr 2025 08:02:10 +0000
ROA not before: Mon 21 Apr 2025 08:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 195.114.198.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 08:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:5e:75:b2:a2:c9:06:13:d7:fe:62:24:be:c2:16:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 21 08:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fc13b4a2c07e5d1a1473bf015e04c7967f1c587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:00:ab:c1:c6:1a:8b:78:63:d7:04:96:e7:
a1:7e:02:8f:16:e7:f9:86:ca:2e:67:72:75:5e:bf:
f8:7e:32:2c:e6:2e:be:08:f9:6c:c4:62:82:ae:b4:
44:68:ed:70:be:64:ba:93:fc:07:ca:d0:98:c7:7a:
84:85:0f:cd:af:bf:15:a6:e3:9e:46:89:7f:c3:dd:
0a:30:66:0b:9b:d6:41:a4:6f:df:c3:55:2a:65:0b:
ff:75:fc:5d:23:a4:fa:16:e7:8a:c6:d1:b4:61:ca:
8b:8d:96:83:1c:3e:00:2f:fe:5c:17:32:8f:fb:c9:
1a:60:08:b2:09:c2:c6:0d:bf:7b:d2:52:78:98:e0:
e8:ef:f2:d9:29:fb:31:a5:ac:87:1a:50:49:e3:c9:
5e:6e:7e:cc:a0:c6:86:c2:34:fe:c1:6e:cf:80:98:
55:2c:25:05:83:78:18:90:b0:04:75:52:e4:d2:d2:
5e:40:bc:f3:7c:d0:16:f2:4e:66:c4:dd:2e:20:cd:
f7:6e:35:30:3c:9e:c3:a4:87:dc:ea:33:d0:2d:d0:
5b:9f:b2:a4:f0:72:48:a0:0a:54:85:60:e6:7f:2c:
3a:24:1b:03:20:6d:d3:f1:51:b7:49:32:71:24:2d:
2f:12:9a:ea:46:d3:d6:8d:59:9b:32:10:29:84:72:
a6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C1:3B:4A:2C:07:E5:D1:A1:47:3B:F0:15:E0:4C:79:67:F1:C5:87
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/H8E7SiwH5dGhRzvwFeBMeWfxxYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.198.0/24
213.220.2.0/24
213.220.9.0/24
Signature Algorithm: sha256WithRSAEncryption
47:09:ec:d4:3a:5f:c3:88:5c:4d:58:bb:4b:81:b9:13:12:f4:
80:8a:4d:92:01:1f:b6:4a:3f:c4:63:51:d2:d6:78:02:45:71:
16:7f:c6:ab:cf:ca:13:32:4b:ad:a6:06:84:70:e0:4b:d4:36:
e1:f5:1a:e2:8e:cf:8b:fe:2d:d1:38:0f:b7:df:1e:c8:07:98:
83:d8:e3:5f:1f:86:a4:68:35:eb:ea:a5:1e:08:46:09:2c:a1:
66:38:0e:41:40:bf:fd:36:40:22:9f:d1:28:ed:8a:28:d6:4b:
b2:bb:5c:d0:04:9e:a1:c4:a8:19:40:dc:1f:18:4d:cf:6e:c0:
ef:95:93:03:60:03:dd:46:a2:64:5d:c6:d6:80:00:d8:9d:9e:
e2:f8:3e:34:11:e1:c1:6f:63:d5:58:4f:30:dd:70:7a:02:cd:
ed:f1:95:93:18:0f:57:af:3d:b7:95:e6:75:a7:d1:b2:6a:4e:
8c:2c:b5:8b:27:a4:43:73:de:c8:97:7e:04:07:19:2e:3d:84:
30:7d:3f:a5:f6:f2:67:d8:18:c7:7a:13:6f:6b:1c:6c:5e:ca:
1f:6d:22:90:0f:d8:c5:1b:65:78:47:a8:9e:86:fd:fc:23:a1:
5c:66:e8:1f:f5:bf:5f:9c:16:c5:d3:e3:d5:6d:27:4e:9d:c0:
7b:30:92:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZXXnWyoskGE9f+YiS+whZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDIxMDgwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmMxM2I0YTJjMDdlNWQxYTE0NzNiZjAxNWUwNGM3OTY3ZjFjNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5cAq8HGGot4Y9cEluehfgKPFuf5
hsouZ3J1Xr/4fjIs5i6+CPlsxGKCrrREaO1wvmS6k/wHytCYx3qEhQ/Nr78VpuOe
Rol/w90KMGYLm9ZBpG/fw1UqZQv/dfxdI6T6FueKxtG0YcqLjZaDHD4AL/5cFzKP
+8kaYAiyCcLGDb970lJ4mODo7/LZKfsxpayHGlBJ48lebn7MoMaGwjT+wW7PgJhV
LCUFg3gYkLAEdVLk0tJeQLzzfNAW8k5mxN0uIM33bjUwPJ7DpIfc6jPQLdBbn7Kk
8HJIoApUhWDmfyw6JBsDIG3T8VG3STJxJC0vEprqRtPWjVmbMhAphHKmLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB/BO0osB+XRoUc78BXgTHln8cWHMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvSDhFN1Npd0g1ZEdoUnp2d0ZlQk1lV2Z4eFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAw3LGAwQA
1dwCAwQA1dwJMA0GCSqGSIb3DQEBCwUAA4IBAQBHCezUOl/DiFxNWLtLgbkTEvSA
ik2SAR+2Sj/EY1HS1ngCRXEWf8arz8oTMkutpgaEcOBL1Dbh9Rrijs+L/i3ROA+3
3x7IB5iD2ONfH4akaDXr6qUeCEYJLKFmOA5BQL/9NkAin9Eo7Yoo1kuyu1zQBJ6h
xKgZQNwfGE3PbsDvlZMDYAPdRqJkXcbWgADYnZ7i+D40EeHBb2PVWE8w3XB6As3t
8ZWTGA9Xrz23leZ1p9Gyak6MLLWLJ6RDc97Il34EBxkuPYQwfT+l9vJn2BjHehNv
axxsXsofbSKQD9jFG2V4R6iehv38I6FcZugf9b9fnBbF0+PVbSdOncB7MJKx
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:35:23 2025 by rpki-client