Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/CLUuTLZEvhP9a92KnK-eItC1inM.roa
File: CLUuTLZEvhP9a92KnK-eItC1inM.roa (raw, json)
Hash identifier: 2Ri2AUgV0QW1CGKCE3hLOAPp2cpY+EAI4FjrPvKHqKQ=
Subject key identifier: 08:B5:2E:4C:B6:44:BE:13:FD:6B:DD:8A:9C:AF:9E:22:D0:B5:8A:73
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 0194A9F09F52325AC9CB671B13A1EE6EAD35
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/CLUuTLZEvhP9a92KnK-eItC1inM.roa
Signing time: Mon 27 Jan 2025 22:45:06 +0000
ROA not before: Mon 27 Jan 2025 22:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210099
IP address blocks: 212.64.210.0/24 maxlen: 24
212.64.211.0/24 maxlen: 24
212.64.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 14:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a9:f0:9f:52:32:5a:c9:cb:67:1b:13:a1:ee:6e:ad:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 27 22:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08b52e4cb644be13fd6bdd8a9caf9e22d0b58a73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6e:49:33:b3:10:46:14:13:44:d1:30:8a:23:
0a:6f:7b:c0:47:ce:43:6d:ae:2d:2b:b1:f6:6e:e3:
aa:88:21:0c:0b:5f:9d:88:43:d5:59:ef:5a:d1:6b:
81:96:26:e7:ca:a3:fe:29:2e:e8:10:cd:50:c7:11:
02:7e:b4:4d:a7:82:2a:fc:3e:1f:76:59:f0:9b:b8:
3f:80:98:e2:fc:4b:cc:7c:95:81:c7:59:25:6b:f1:
e6:f0:58:4a:6f:eb:de:e1:4e:d8:9e:e9:48:c8:64:
7f:d3:c2:e4:0c:10:ed:d3:41:34:95:bf:29:76:1a:
76:e5:ad:d2:b4:4f:67:47:95:f6:63:7f:0c:c9:ee:
fc:2c:44:a4:53:84:74:c9:b2:e5:a4:3c:34:44:4e:
64:d7:7e:4c:81:93:2f:81:6f:09:c8:90:e9:2d:2e:
6e:38:05:98:94:0f:16:f5:37:09:59:4b:02:69:1c:
87:3b:ef:fa:ea:d2:75:6e:e5:b0:1d:2c:4e:cc:ce:
15:45:2e:72:93:d3:e9:39:11:88:d3:4b:27:4e:38:
c5:ad:78:0f:8b:cf:f7:66:05:5f:72:5a:f2:0f:91:
59:21:24:85:46:99:40:f6:be:54:74:33:57:22:72:
f2:41:9e:a6:1f:5e:3a:07:9a:1e:0f:c2:57:3c:bc:
b9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B5:2E:4C:B6:44:BE:13:FD:6B:DD:8A:9C:AF:9E:22:D0:B5:8A:73
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/CLUuTLZEvhP9a92KnK-eItC1inM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.210.0/23
212.64.214.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6e:6e:57:3b:81:77:4f:14:54:3b:a0:01:dc:c5:80:7e:3a:
34:aa:11:28:01:c8:50:1c:63:fd:1e:af:ac:c4:d1:e6:ca:6f:
06:ee:5d:f8:f2:71:d5:72:08:70:09:86:dc:4b:7f:44:d7:a7:
5a:29:ee:32:8f:b2:a5:25:e5:1b:bb:fb:1d:38:ad:66:82:b4:
3f:24:ce:08:70:11:41:53:75:37:4c:48:6a:05:9f:1f:ea:cb:
bd:7d:d5:58:24:2d:98:f7:d3:bf:5f:67:c4:2e:43:97:53:7c:
b5:9e:01:e0:fb:df:92:0f:b3:0e:f3:e1:27:32:56:80:c3:9b:
27:0f:00:55:30:a4:21:5e:97:4e:67:f6:ff:28:33:ec:f4:69:
ff:9e:d9:9e:a7:cb:58:1a:ed:47:22:c7:e8:c9:01:d1:3d:72:
af:f9:21:f1:f7:13:23:70:80:7f:35:75:ea:f0:1a:3d:7c:fb:
20:2b:72:55:26:cc:d4:67:4f:13:e3:51:47:0c:9d:09:f7:a3:
e3:db:b5:18:bf:e8:64:d8:80:c6:99:05:7d:0a:49:da:b2:6b:
48:23:74:4a:03:f4:3b:70:b5:34:9f:19:01:eb:44:d3:c1:3e:
63:2f:c5:cb:93:4e:8a:fa:22:c3:b4:60:d0:3e:75:e8:5c:c4:
80:85:95:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSp8J9SMlrJy2cbE6Hubq01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjUwMTI3MjI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGI1MmU0Y2I2NDRiZTEzZmQ2YmRkOGE5Y2FmOWUyMmQwYjU4YTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W5JM7MQRhQTRNEwiiMKb3vAR85D
ba4tK7H2buOqiCEMC1+diEPVWe9a0WuBlibnyqP+KS7oEM1QxxECfrRNp4Iq/D4f
dlnwm7g/gJji/EvMfJWBx1kla/Hm8FhKb+ve4U7YnulIyGR/08LkDBDt00E0lb8p
dhp25a3StE9nR5X2Y38Mye78LESkU4R0ybLlpDw0RE5k135MgZMvgW8JyJDpLS5u
OAWYlA8W9TcJWUsCaRyHO+/66tJ1buWwHSxOzM4VRS5yk9PpORGI00snTjjFrXgP
i8/3ZgVfclryD5FZISSFRplA9r5UdDNXInLyQZ6mH146B5oeD8JXPLy5qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAi1Lky2RL4T/WvdipyvniLQtYpzMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvQ0xVdVRMWkV2aFA5YTkyS25LLWVJdEMxaW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1EDSAwQA
1EDWMA0GCSqGSIb3DQEBCwUAA4IBAQCJbm5XO4F3TxRUO6AB3MWAfjo0qhEoAchQ
HGP9Hq+sxNHmym8G7l348nHVcghwCYbcS39E16daKe4yj7KlJeUbu/sdOK1mgrQ/
JM4IcBFBU3U3TEhqBZ8f6su9fdVYJC2Y99O/X2fELkOXU3y1ngHg+9+SD7MO8+En
MlaAw5snDwBVMKQhXpdOZ/b/KDPs9Gn/ntmep8tYGu1HIsfoyQHRPXKv+SHx9xMj
cIB/NXXq8Bo9fPsgK3JVJszUZ08T41FHDJ0J96Pj27UYv+hk2IDGmQV9CknasmtI
I3RKA/Q7cLU0nxkB60TTwT5jL8XLk06K+iLDtGDQPnXoXMSAhZUU
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:36:39 2025 by rpki-client