Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7QN3l42DCh0jT4fhAtGbk82eqzI.roa
File: 7QN3l42DCh0jT4fhAtGbk82eqzI.roa (raw, json)
Hash identifier: mpDVRadw+OqVrYqpYGfTCbYAV7peTKu6LTzMi5HKmU0=
Subject key identifier: ED:03:77:97:8D:83:0A:1D:23:4F:87:E1:02:D1:9B:93:CD:9E:AB:32
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193BAA7DC1BF9741835847AF9A3C8954293
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7QN3l42DCh0jT4fhAtGbk82eqzI.roa
Signing time: Thu 12 Dec 2024 11:36:23 +0000
ROA not before: Thu 12 Dec 2024 11:36:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215826
IP address blocks: 212.87.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:a7:dc:1b:f9:74:18:35:84:7a:f9:a3:c8:95:42:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 12 11:36:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed0377978d830a1d234f87e102d19b93cd9eab32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:00:ad:a9:43:f5:64:83:54:43:89:2d:1e:29:
51:c1:aa:2e:5e:9a:4c:52:4d:fa:64:80:7a:21:e3:
da:93:26:6d:e9:2b:bc:12:f1:03:00:f9:de:aa:89:
77:89:f6:ae:38:6c:14:89:11:35:4e:7e:77:e6:4f:
fe:43:71:40:4c:77:6b:f7:30:56:59:af:13:fe:b8:
56:a8:32:3c:52:64:93:d8:6a:b8:1a:4a:72:c9:90:
10:a8:16:20:13:86:30:79:0a:93:66:59:99:77:00:
11:c5:39:13:37:7e:fd:5e:fc:99:c4:9f:d8:27:02:
49:0a:3b:9b:44:63:e2:ed:d6:b1:39:3a:93:e1:36:
0b:a2:5c:45:fb:09:78:02:e9:df:85:5b:40:84:a0:
63:5a:84:e9:2a:ad:11:2f:af:7e:31:4c:2c:12:4b:
e1:68:c3:66:b4:fe:9b:5d:35:b2:64:c9:05:d5:90:
65:63:a1:69:80:81:6f:ce:8b:22:a0:5b:16:de:c8:
8b:7c:7d:d9:24:7b:d2:cb:64:d7:32:55:89:c1:90:
ad:fd:d2:25:0e:71:3b:4f:20:9f:e8:89:71:bd:74:
fb:ca:88:f4:ef:b9:0b:bc:bb:e1:89:25:85:40:62:
f8:6b:3f:c7:43:60:3a:66:a1:9e:2c:b9:e0:d7:34:
9d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:03:77:97:8D:83:0A:1D:23:4F:87:E1:02:D1:9B:93:CD:9E:AB:32
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7QN3l42DCh0jT4fhAtGbk82eqzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:8c:3e:77:fe:8b:d3:7d:de:cc:51:4a:72:27:6b:ab:48:e7:
45:92:04:29:ec:76:5b:42:93:03:5a:e8:d0:53:d0:e6:98:f9:
bb:80:64:92:71:a9:aa:92:31:60:0f:04:9a:df:37:8c:78:9b:
2a:d5:06:a5:75:bb:15:77:67:75:ec:36:1a:83:6f:c6:c3:ef:
26:51:3d:71:8c:c0:5c:c4:fc:0b:a2:12:ca:bf:9d:88:e0:4b:
57:16:31:54:14:5c:d2:7f:20:db:5e:f5:ac:79:f0:33:de:2e:
6b:52:c8:51:0d:3a:b9:3c:4d:1d:7c:3f:1f:f8:2b:60:f6:6d:
f3:84:92:f1:3a:c8:80:77:a0:fe:f0:67:4c:ae:04:ef:8c:d7:
31:1f:7c:7b:fb:83:9f:c8:26:cc:d1:c2:2a:47:a1:aa:d3:79:
72:8b:18:6c:ae:4a:e5:6a:f6:c0:63:d7:f5:75:e3:ef:1d:c0:
20:e2:b8:78:2d:5f:16:4c:11:d7:de:a8:bd:5b:7b:5f:d0:a5:
01:a5:c2:31:04:3b:f2:2e:e1:ce:82:e4:fa:58:13:71:4e:1c:
d9:d1:4b:46:c1:6f:67:d0:a1:7c:6d:96:a3:2b:63:ea:a7:a6:
06:af:52:1b:8f:32:e4:39:fc:99:cc:c7:48:c5:30:b5:f7:4d:
d7:14:57:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO6p9wb+XQYNYR6+aPIlUKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjEyMTEzNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDAzNzc5NzhkODMwYTFkMjM0Zjg3ZTEwMmQxOWI5M2NkOWVhYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQCtqUP1ZINUQ4ktHilRwaouXppM
Uk36ZIB6IePakyZt6Su8EvEDAPneqol3ifauOGwUiRE1Tn535k/+Q3FATHdr9zBW
Wa8T/rhWqDI8UmST2Gq4GkpyyZAQqBYgE4YweQqTZlmZdwARxTkTN379XvyZxJ/Y
JwJJCjubRGPi7daxOTqT4TYLolxF+wl4AunfhVtAhKBjWoTpKq0RL69+MUwsEkvh
aMNmtP6bXTWyZMkF1ZBlY6FpgIFvzosioFsW3siLfH3ZJHvSy2TXMlWJwZCt/dIl
DnE7TyCf6IlxvXT7yoj077kLvLvhiSWFQGL4az/HQ2A6ZqGeLLng1zSd0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0Dd5eNgwodI0+H4QLRm5PNnqsyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN1FOM2w0MkRDaDBqVDRmaEF0R2JrODJlcXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FfcMA0G
CSqGSIb3DQEBCwUAA4IBAQCljD53/ovTfd7MUUpyJ2urSOdFkgQp7HZbQpMDWujQ
U9DmmPm7gGSScamqkjFgDwSa3zeMeJsq1QaldbsVd2d17DYag2/Gw+8mUT1xjMBc
xPwLohLKv52I4EtXFjFUFFzSfyDbXvWsefAz3i5rUshRDTq5PE0dfD8f+Ctg9m3z
hJLxOsiAd6D+8GdMrgTvjNcxH3x7+4OfyCbM0cIqR6Gq03lyixhsrkrlavbAY9f1
dePvHcAg4rh4LV8WTBHX3qi9W3tf0KUBpcIxBDvyLuHOguT6WBNxThzZ0UtGwW9n
0KF8bZajK2Pqp6YGr1IbjzLkOfyZzMdIxTC1903XFFf/
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:09:19 2025 by rpki-client