Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a1JOJviHkvrew9ESG9IUx-nQpvg.roa
File: a1JOJviHkvrew9ESG9IUx-nQpvg.roa (raw, json)
Hash identifier: rJUKo269EEDiZDKDl9lHuotOjCB4YYh2j5MARQpcJjA=
Subject key identifier: 6B:52:4E:26:F8:87:92:FA:DE:C3:D1:12:1B:D2:14:C7:E9:D0:A6:F8
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0195A4B17BD6A5FA5CC219132A0838A7776C
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a1JOJviHkvrew9ESG9IUx-nQpvg.roa
Signing time: Mon 17 Mar 2025 15:20:49 +0000
ROA not before: Mon 17 Mar 2025 15:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 213.220.2.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 15:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:b1:7b:d6:a5:fa:5c:c2:19:13:2a:08:38:a7:77:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Mar 17 15:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b524e26f88792fadec3d1121bd214c7e9d0a6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:08:74:10:fb:52:cd:cf:64:91:84:a3:df:a3:
bd:f8:66:0f:cd:f4:c1:b0:41:a0:cd:68:0e:3e:2f:
9e:d5:1d:21:13:35:ec:b9:83:bc:fe:87:de:50:6c:
1d:da:89:7e:5f:3c:7b:f0:d3:9a:d4:43:09:7a:6e:
56:25:c1:2c:8d:d7:e7:99:5c:10:af:49:37:2e:00:
84:69:98:51:3e:88:64:66:43:0e:43:a9:cd:0c:58:
98:80:de:2e:b9:ce:0c:a9:a8:96:26:d9:89:78:36:
70:c9:6d:68:54:a8:3b:17:36:5c:1b:30:7d:41:0a:
27:cf:d1:e7:2e:b7:6b:52:d0:52:6c:3c:4c:5f:66:
cc:61:51:e4:a8:4d:ec:22:47:c4:dd:92:b1:84:b8:
b8:d1:f5:be:c2:68:bf:0d:d3:b6:58:36:9c:c5:58:
7d:a4:36:d5:ca:73:01:91:23:e2:52:e1:47:8c:63:
19:aa:fd:52:97:ef:de:97:0c:b7:1a:29:35:8a:c6:
fd:b4:4b:4b:7f:e1:6e:cc:90:05:75:48:f2:c6:70:
bf:58:52:ad:e6:6f:e3:ca:36:bf:4a:e6:ef:3e:40:
c1:8e:dd:d7:cb:46:c8:72:b8:0b:68:a5:bb:61:4b:
2f:58:6d:52:c2:4e:e1:2f:b6:0d:ac:be:c0:3b:c2:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:52:4E:26:F8:87:92:FA:DE:C3:D1:12:1B:D2:14:C7:E9:D0:A6:F8
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a1JOJviHkvrew9ESG9IUx-nQpvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.220.2.0/24
213.220.5.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:17:af:2f:9a:34:2c:0d:81:62:e0:14:60:a2:be:d7:0d:3d:
67:a4:df:4b:1a:06:77:63:30:40:3a:5e:7d:db:0e:18:90:ec:
3d:ae:b2:07:e4:d3:fc:78:d5:d1:6c:da:5d:d4:e8:87:ee:f6:
94:3f:7e:10:6a:b8:c7:db:36:c0:e6:39:4c:3c:0e:63:9f:20:
60:3f:c2:1f:0a:96:ab:e5:62:18:af:30:19:f7:21:3c:61:4f:
ce:aa:27:bc:c2:55:1c:9b:e7:1f:13:13:86:b0:af:fe:dd:8d:
69:dc:57:6b:e3:4d:33:ac:db:72:bf:d6:b9:bb:4c:44:06:13:
c2:2b:b9:1c:88:97:4f:a9:de:b3:36:57:0c:a6:71:36:ec:7a:
39:b5:a9:fc:85:bd:d0:65:75:36:b1:44:9b:b7:f2:7f:8c:21:
cd:35:26:e6:65:a7:1e:0d:b5:29:de:12:33:3b:4e:26:1d:0d:
d2:80:70:44:90:fb:c2:96:44:8c:d2:11:06:ec:81:86:9d:7c:
be:8e:f4:e0:51:2a:ea:9c:cf:b1:de:27:c5:b5:ef:ab:6b:ce:
da:4f:fd:11:91:be:5d:01:05:3c:a8:33:60:4f:0f:e4:09:e9:
72:c9:4d:89:98:52:08:c9:b0:ee:70:de:e3:fe:65:95:dd:7c:
ed:24:5e:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWksXvWpfpcwhkTKgg4p3dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMzE3MTUyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUyNGUyNmY4ODc5MmZhZGVjM2QxMTIxYmQyMTRjN2U5ZDBhNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qh0EPtSzc9kkYSj36O9+GYPzfTB
sEGgzWgOPi+e1R0hEzXsuYO8/ofeUGwd2ol+Xzx78NOa1EMJem5WJcEsjdfnmVwQ
r0k3LgCEaZhRPohkZkMOQ6nNDFiYgN4uuc4MqaiWJtmJeDZwyW1oVKg7FzZcGzB9
QQonz9HnLrdrUtBSbDxMX2bMYVHkqE3sIkfE3ZKxhLi40fW+wmi/DdO2WDacxVh9
pDbVynMBkSPiUuFHjGMZqv1Sl+/elwy3Gik1isb9tEtLf+FuzJAFdUjyxnC/WFKt
5m/jyja/SubvPkDBjt3Xy0bIcrgLaKW7YUsvWG1Swk7hL7YNrL7AO8K5XQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGtSTib4h5L63sPREhvSFMfp0Kb4MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvYTFKT0p2aUhrdnJldzlFU0c5SVV4LW5RcHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1dwCAwQA
1dwFMA0GCSqGSIb3DQEBCwUAA4IBAQCPF68vmjQsDYFi4BRgor7XDT1npN9LGgZ3
YzBAOl592w4YkOw9rrIH5NP8eNXRbNpd1OiH7vaUP34QarjH2zbA5jlMPA5jnyBg
P8IfCpar5WIYrzAZ9yE8YU/Oqie8wlUcm+cfExOGsK/+3Y1p3Fdr400zrNtyv9a5
u0xEBhPCK7kciJdPqd6zNlcMpnE27Ho5tan8hb3QZXU2sUSbt/J/jCHNNSbmZace
DbUp3hIzO04mHQ3SgHBEkPvClkSM0hEG7IGGnXy+jvTgUSrqnM+x3ifFte+ra87a
T/0Rkb5dAQU8qDNgTw/kCelyyU2JmFIIybDucN7j/mWV3XztJF4k
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:16:49 2025 by rpki-client