Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/s_N59_9YuYx_S_S9Hm1lKARjffo.roa
File: s_N59_9YuYx_S_S9Hm1lKARjffo.roa (raw, json)
Hash identifier: GhhV4leMWyahypivsrxSC4fcpybmWn8mstmkJxBTYXU=
Subject key identifier: B3:F3:79:F7:FF:58:B9:8C:7F:4B:F4:BD:1E:6D:65:28:04:63:7D:FA
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 01942521AD5BEA3B99B84327E2520CB121FD
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/s_N59_9YuYx_S_S9Hm1lKARjffo.roa
Signing time: Thu 02 Jan 2025 03:49:11 +0000
ROA not before: Thu 02 Jan 2025 03:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209369
IP address blocks: 185.22.96.0/22 maxlen: 22
213.134.21.0/24 maxlen: 24
2a13:5280::/29 maxlen: 64
Validation: Failed, certificate revoked on Fri 07 Feb 2025 11:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ad:5b:ea:3b:99:b8:43:27:e2:52:0c:b1:21:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Jan 2 03:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3f379f7ff58b98c7f4bf4bd1e6d652804637dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:71:71:a1:71:b8:cd:f4:82:09:51:3b:63:e8:
08:f1:df:10:dc:a1:e8:2f:44:f5:d4:53:1c:d5:96:
e4:e1:cf:71:7e:73:ff:41:5a:38:6b:3c:21:54:e9:
96:c3:c5:12:fa:0c:f8:6a:32:0e:86:5e:fd:77:26:
45:1e:c1:df:f9:f3:f6:d4:69:73:46:ac:b9:74:0a:
67:73:28:6f:41:b9:87:0d:b2:0f:25:77:c2:9c:03:
6c:f7:85:3e:85:4a:e2:80:b0:38:7a:95:c6:6f:1c:
14:73:4c:a6:9c:c3:66:c9:38:ab:f4:23:db:dc:df:
49:a5:05:b6:eb:f0:5f:08:21:e2:83:bc:48:83:37:
ec:35:0e:1c:a8:1a:e4:e8:e5:11:4f:e3:7b:fb:bc:
db:8f:b0:16:63:1f:32:a8:11:37:a8:e6:70:61:1b:
c8:25:27:cd:2e:35:19:81:f3:88:03:0e:5a:d5:bc:
a3:66:e7:e5:3d:d6:97:5f:ec:41:c0:71:3b:1a:0a:
b2:4e:70:5b:9b:56:31:6a:98:c0:af:5c:62:d1:b0:
46:71:24:d2:b1:05:86:c2:9f:f1:f5:78:02:14:a0:
bd:44:8b:56:d5:3f:2d:85:b7:95:61:cc:8b:ce:40:
d5:54:93:30:64:b8:f4:ae:45:98:24:43:75:18:23:
de:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F3:79:F7:FF:58:B9:8C:7F:4B:F4:BD:1E:6D:65:28:04:63:7D:FA
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/s_N59_9YuYx_S_S9Hm1lKARjffo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.96.0/22
213.134.21.0/24
IPv6:
2a13:5280::/29
Signature Algorithm: sha256WithRSAEncryption
19:86:29:b5:88:4a:c3:5c:1a:3a:6f:1f:a2:9c:c4:77:18:b5:
65:04:2e:05:2f:13:85:b9:11:ff:a0:1e:80:80:80:54:e1:e7:
15:ef:89:d3:11:4a:8f:40:ce:fa:91:eb:68:60:0c:04:d9:f9:
b8:2b:51:95:9e:5f:b9:dd:fe:c5:bc:95:bc:44:7f:e9:f4:a5:
e2:6e:8d:52:ae:8d:83:8c:1a:9f:c2:a3:10:1e:91:5e:7a:95:
cf:ea:92:84:f1:da:ac:b3:2d:4d:91:3a:ed:a5:df:a1:06:8c:
d3:45:74:aa:90:e1:46:be:62:4a:3b:38:8c:3f:63:ee:af:24:
65:ed:d0:34:4e:b2:1f:94:66:7a:0e:80:1d:7b:ac:7c:33:45:
45:9f:e5:28:39:99:cc:bf:c6:de:2a:34:62:8a:29:2b:8b:b4:
f3:bf:82:3b:9f:71:f6:71:cd:22:0f:47:e0:e4:1f:4c:3e:30:
1c:e9:27:5e:14:e4:b2:39:b4:02:fc:e8:d8:67:79:90:3c:95:
8c:73:e4:02:90:11:b9:9e:f3:f8:1d:c9:ca:ff:6b:ad:8d:af:
35:65:f6:3b:e9:72:5f:02:c2:3b:31:75:9b:e7:ef:bf:b7:3f:
e4:7d:71:08:d1:ef:29:e0:fe:5f:ad:0a:5c:bb:6e:a0:26:36:
d1:f6:69:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIa1b6juZuEMn4lIMsSH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjUwMTAyMDM0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2YzNzlmN2ZmNThiOThjN2Y0YmY0YmQxZTZkNjUyODA0NjM3ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3FxoXG4zfSCCVE7Y+gI8d8Q3KHo
L0T11FMc1Zbk4c9xfnP/QVo4azwhVOmWw8US+gz4ajIOhl79dyZFHsHf+fP21Glz
Rqy5dApncyhvQbmHDbIPJXfCnANs94U+hUrigLA4epXGbxwUc0ymnMNmyTir9CPb
3N9JpQW26/BfCCHig7xIgzfsNQ4cqBrk6OURT+N7+7zbj7AWYx8yqBE3qOZwYRvI
JSfNLjUZgfOIAw5a1byjZuflPdaXX+xBwHE7GgqyTnBbm1YxapjAr1xi0bBGcSTS
sQWGwp/x9XgCFKC9RItW1T8thbeVYcyLzkDVVJMwZLj0rkWYJEN1GCPe6QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLPzeff/WLmMf0v0vR5tZSgEY336MB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvc19ONTlfOVl1WXhfU19TOUhtMWxLQVJqZmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZgAwQA
1YYVMA0EAgACMAcDBQMqE1KAMA0GCSqGSIb3DQEBCwUAA4IBAQAZhim1iErDXBo6
bx+inMR3GLVlBC4FLxOFuRH/oB6AgIBU4ecV74nTEUqPQM76ketoYAwE2fm4K1GV
nl+53f7FvJW8RH/p9KXibo1Sro2DjBqfwqMQHpFeepXP6pKE8dqssy1NkTrtpd+h
BozTRXSqkOFGvmJKOziMP2PuryRl7dA0TrIflGZ6DoAde6x8M0VFn+UoOZnMv8be
KjRiiikri7Tzv4I7n3H2cc0iD0fg5B9MPjAc6SdeFOSyObQC/OjYZ3mQPJWMc+QC
kBG5nvP4HcnK/2utja81ZfY76XJfAsI7MXWb5++/tz/kfXEI0e8p4P5frQpcu26g
JjbR9mmU
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:10:00 2025 by rpki-client