Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/yWfOELdJhoe8LMukYDAJBTZQfjI.roa
File: yWfOELdJhoe8LMukYDAJBTZQfjI.roa (raw, json)
Hash identifier: CrqW4V0u9pnO6V180nZ3E4+n94qS73tSB/q0By1xMJs=
Subject key identifier: C9:67:CE:10:B7:49:86:87:BC:2C:CB:A4:60:30:09:05:36:50:7E:32
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019657679DF470FD6BBD587F3C9CB3E3D039
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/yWfOELdJhoe8LMukYDAJBTZQfjI.roa
Signing time: Mon 21 Apr 2025 08:12:10 +0000
ROA not before: Mon 21 Apr 2025 08:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 195.114.198.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Apr 2025 07:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:67:9d:f4:70:fd:6b:bd:58:7f:3c:9c:b3:e3:d0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 21 08:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c967ce10b7498687bc2ccba46030090536507e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:9e:2b:c7:92:23:43:ed:bb:4b:4d:8d:b0:
a4:67:ba:85:65:67:56:51:f7:a0:99:59:10:29:0a:
08:57:de:f0:5c:be:ab:e1:d3:85:86:42:a3:d1:cf:
46:e7:7a:7c:74:32:06:b1:88:4d:96:d7:25:7f:0e:
35:00:fb:86:11:d5:cf:be:b8:fa:30:05:14:9d:72:
95:1e:90:14:90:46:e6:12:5b:9a:e0:f0:d3:a3:98:
4b:d7:7e:8e:65:67:3e:28:98:14:af:21:c5:04:66:
cb:5e:63:5d:a2:83:04:09:ef:fa:7c:e6:f1:bc:7a:
97:92:2e:a0:93:85:95:b2:01:a1:d0:af:b8:22:eb:
a1:09:bc:9d:90:68:bc:ce:0b:12:3b:87:1b:bf:0a:
c2:d0:96:4d:b9:07:04:54:61:2e:2a:26:a3:ac:d3:
11:d8:94:83:f7:62:da:c8:1a:df:70:94:bf:93:69:
2c:08:e6:27:16:65:82:11:03:71:70:69:5f:60:ef:
60:48:0c:8b:ac:d0:3d:80:9e:40:fb:39:c0:98:27:
01:a9:b0:d3:d2:70:49:c5:83:60:96:0d:e8:f4:8b:
ff:9b:66:dc:f2:46:6d:09:d1:58:61:8e:29:99:10:
19:4c:ae:09:8a:1d:8e:dc:b6:b5:2d:a4:92:0f:91:
14:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:67:CE:10:B7:49:86:87:BC:2C:CB:A4:60:30:09:05:36:50:7E:32
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/yWfOELdJhoe8LMukYDAJBTZQfjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.198.0/24
213.220.9.0/24
Signature Algorithm: sha256WithRSAEncryption
40:af:dc:14:b8:7f:81:f8:3e:8d:bd:ca:4f:48:1e:8c:8f:97:
ab:66:de:02:d3:59:87:87:42:ef:ee:c7:ac:54:0d:d3:69:9e:
bf:a1:a8:54:0f:54:e1:af:f9:03:7f:4a:a1:49:5a:e7:64:24:
0b:e8:eb:b3:fd:07:83:64:0d:bd:21:a4:9b:ba:63:ba:d1:6a:
f5:67:6f:34:f1:82:44:29:4f:33:8c:a2:65:23:d6:39:cd:6c:
98:cf:23:7d:a4:eb:03:0d:c4:91:97:c6:f3:99:5c:dd:fe:d4:
e0:a2:ee:d9:aa:1a:31:9d:f5:7e:a0:f0:72:6c:1e:11:81:59:
c0:b1:64:24:a5:66:e8:54:78:3e:26:15:a4:8b:ae:6c:2d:ff:
05:db:1f:e0:14:77:54:64:90:d0:da:ce:01:46:c2:6d:18:ee:
a7:2b:17:75:2e:db:3b:51:cb:25:a6:10:c4:cc:d5:df:e8:4b:
05:38:44:46:bb:9c:16:7c:02:0e:3c:1a:bc:ee:9c:64:1d:06:
a8:55:31:97:fb:ed:d6:c7:98:77:8f:02:43:89:46:f6:e2:a3:
b2:13:fc:19:4e:42:1e:ae:d2:df:13:38:c6:d2:43:c1:8f:fa:
0b:6d:50:04:9e:91:f0:53:b4:1b:73:c6:e4:1d:02:d4:1a:06:
72:f8:bc:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZXZ530cP1rvVh/PJyz49A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDIxMDgxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTY3Y2UxMGI3NDk4Njg3YmMyY2NiYTQ2MDMwMDkwNTM2NTA3ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1SeK8eSI0Ptu0tNjbCkZ7qFZWdW
UfegmVkQKQoIV97wXL6r4dOFhkKj0c9G53p8dDIGsYhNltclfw41APuGEdXPvrj6
MAUUnXKVHpAUkEbmElua4PDTo5hL136OZWc+KJgUryHFBGbLXmNdooMECe/6fObx
vHqXki6gk4WVsgGh0K+4IuuhCbydkGi8zgsSO4cbvwrC0JZNuQcEVGEuKiajrNMR
2JSD92LayBrfcJS/k2ksCOYnFmWCEQNxcGlfYO9gSAyLrNA9gJ5A+znAmCcBqbDT
0nBJxYNglg3o9Iv/m2bc8kZtCdFYYY4pmRAZTK4Jih2O3La1LaSSD5EUpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMlnzhC3SYaHvCzLpGAwCQU2UH4yMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEveVdmT0VMZEpob2U4TE11a1lEQUpCVFpRZmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3LGAwQA
1dwJMA0GCSqGSIb3DQEBCwUAA4IBAQBAr9wUuH+B+D6NvcpPSB6Mj5erZt4C01mH
h0Lv7sesVA3TaZ6/oahUD1Thr/kDf0qhSVrnZCQL6Ouz/QeDZA29IaSbumO60Wr1
Z2808YJEKU8zjKJlI9Y5zWyYzyN9pOsDDcSRl8bzmVzd/tTgou7ZqhoxnfV+oPBy
bB4RgVnAsWQkpWboVHg+JhWki65sLf8F2x/gFHdUZJDQ2s4BRsJtGO6nKxd1Lts7
UcslphDEzNXf6EsFOERGu5wWfAIOPBq87pxkHQaoVTGX++3Wx5h3jwJDiUb24qOy
E/wZTkIertLfEzjG0kPBj/oLbVAEnpHwU7Qbc8bkHQLUGgZy+LwZ
-----END CERTIFICATE-----
Generated at Fri May 9 20:33:18 2025 by rpki-client