Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/_kQghqoSb_X-J1eU6Veg5jZb_lM.roa
File: _kQghqoSb_X-J1eU6Veg5jZb_lM.roa (raw, json)
Hash identifier: orSjRm3BUlA0zgYAAY5tZI6SycvEHAlos/+pRkt9kWw=
Subject key identifier: FE:44:20:86:AA:12:6F:F5:FE:27:57:94:E9:57:A0:E6:36:5B:FE:53
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 019424448D126347BE84133D1791CA34BF7E
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/_kQghqoSb_X-J1eU6Veg5jZb_lM.roa
Signing time: Wed 01 Jan 2025 23:47:39 +0000
ROA not before: Wed 01 Jan 2025 23:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28917
IP address blocks: 212.233.68.0/22 maxlen: 24
2a13:6d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Feb 2025 10:55:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:8d:12:63:47:be:84:13:3d:17:91:ca:34:bf:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Jan 1 23:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe442086aa126ff5fe275794e957a0e6365bfe53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f8:d3:53:2e:cb:3f:74:42:27:80:0e:ae:54:
e0:e9:2d:18:c9:2a:12:d0:e7:75:48:f0:19:ac:58:
f0:69:44:df:1c:34:89:4d:7e:09:b6:38:af:4a:39:
81:7f:ab:2e:a8:a7:95:a2:7e:99:8c:27:48:0d:d1:
dd:82:97:9a:3f:a1:5d:b9:ea:ba:f8:96:d8:0c:d0:
1b:87:ae:fb:d7:63:53:34:fb:d1:45:ff:44:a9:a8:
72:1a:d7:84:ee:e6:20:3c:e5:31:0f:32:e7:b9:83:
64:98:e1:46:e4:3f:4a:59:08:37:bb:88:3e:f0:d2:
6c:b0:5a:dd:a3:bd:68:42:45:2b:f2:15:f2:2a:76:
91:9b:c2:6c:69:e8:48:c5:83:fb:b7:0e:9a:cd:0a:
e7:be:28:59:f5:11:fe:01:a5:a7:32:62:cc:18:2c:
8a:27:0a:7c:d2:16:4d:2a:2f:2b:90:99:cb:ae:11:
d7:ba:d2:3a:12:5f:20:aa:ef:2d:5b:73:85:2e:d9:
ea:18:46:5f:30:44:21:28:ba:de:77:7e:f3:b7:59:
9e:46:4f:96:a2:c6:53:c3:4a:fa:94:c5:31:1e:79:
bb:79:26:aa:c6:ae:df:05:2d:8a:34:7e:04:eb:e3:
0f:df:24:5a:62:24:7e:f7:8d:de:6c:95:63:02:7c:
a1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:44:20:86:AA:12:6F:F5:FE:27:57:94:E9:57:A0:E6:36:5B:FE:53
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/_kQghqoSb_X-J1eU6Veg5jZb_lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.233.68.0/22
IPv6:
2a13:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
91:d3:4d:9f:9f:46:c5:06:28:be:1d:21:39:d2:ca:d3:85:62:
fa:7b:b0:0a:98:4c:24:ff:02:64:0f:4e:67:db:5c:06:c9:db:
5a:94:19:8b:b2:3c:2a:06:8f:3e:6b:b4:bf:d0:10:3e:5f:c3:
e3:95:c1:ff:4f:7b:e1:94:1e:c3:c4:9a:d6:ca:27:d8:68:34:
d0:dc:92:a9:0c:01:07:f9:08:13:0c:0f:f6:0b:f0:58:88:16:
64:aa:1f:78:11:d1:40:bb:b1:cb:f0:d3:e7:bf:31:06:6d:dc:
3f:b6:c6:99:49:24:aa:d7:ae:0c:c2:55:a2:41:f0:2e:71:9e:
01:d3:46:c8:a2:12:79:3f:27:2b:44:5c:f5:f0:e8:9a:31:e0:
a9:28:d7:e6:d6:d6:59:cf:da:eb:19:04:ce:2d:4c:c2:c5:37:
2d:20:d9:75:cb:65:d7:11:11:32:03:1c:42:c3:46:25:e6:b2:
75:04:76:1c:15:92:41:94:c7:10:5e:2c:52:b2:97:50:02:44:
49:b6:ce:db:22:8c:73:bf:60:ce:44:20:f6:e5:ec:3a:bf:1e:
5d:46:f4:98:9e:bd:8d:29:78:07:f1:94:a6:cf:83:85:1f:c6:
db:01:5a:a2:c4:fd:76:3b:4c:77:ba:96:92:60:84:22:2c:3f:
50:9a:81:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRI0SY0e+hBM9F5HKNL9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjUwMTAxMjM0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ0MjA4NmFhMTI2ZmY1ZmUyNzU3OTRlOTU3YTBlNjM2NWJmZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/jTUy7LP3RCJ4AOrlTg6S0YySoS
0Od1SPAZrFjwaUTfHDSJTX4JtjivSjmBf6suqKeVon6ZjCdIDdHdgpeaP6Fdueq6
+JbYDNAbh67712NTNPvRRf9EqahyGteE7uYgPOUxDzLnuYNkmOFG5D9KWQg3u4g+
8NJssFrdo71oQkUr8hXyKnaRm8JsaehIxYP7tw6azQrnvihZ9RH+AaWnMmLMGCyK
Jwp80hZNKi8rkJnLrhHXutI6El8gqu8tW3OFLtnqGEZfMEQhKLred37zt1meRk+W
osZTw0r6lMUxHnm7eSaqxq7fBS2KNH4E6+MP3yRaYiR+943ebJVjAnyhiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP5EIIaqEm/1/idXlOlXoOY2W/5TMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvX2tRZ2hxb1NiX1gtSjFlVTZWZWc1alpiX2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1OlEMA0E
AgACMAcDBQMqE21AMA0GCSqGSIb3DQEBCwUAA4IBAQCR002fn0bFBii+HSE50srT
hWL6e7AKmEwk/wJkD05n21wGydtalBmLsjwqBo8+a7S/0BA+X8PjlcH/T3vhlB7D
xJrWyifYaDTQ3JKpDAEH+QgTDA/2C/BYiBZkqh94EdFAu7HL8NPnvzEGbdw/tsaZ
SSSq164MwlWiQfAucZ4B00bIohJ5PycrRFz18OiaMeCpKNfm1tZZz9rrGQTOLUzC
xTctINl1y2XXEREyAxxCw0Yl5rJ1BHYcFZJBlMcQXixSspdQAkRJts7bIoxzv2DO
RCD25ew6vx5dRvSYnr2NKXgH8ZSmz4OFH8bbAVqixP12O0x3upaSYIQiLD9QmoGt
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:13:13 2025 by rpki-client