Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rDZ6ivvD4SlyJPPc1yOq5pFEZoY.roa
File: rDZ6ivvD4SlyJPPc1yOq5pFEZoY.roa (raw, json)
Hash identifier: Lm1pL3km6Ao30uiJ4W+WoXDsOUh2+a4cKX4wmODCl00=
Subject key identifier: AC:36:7A:8A:FB:C3:E1:29:72:24:F3:DC:D7:23:AA:E6:91:44:66:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019416FEB85DBEF1976F7C93BCB807DAE268
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rDZ6ivvD4SlyJPPc1yOq5pFEZoY.roa
Signing time: Mon 30 Dec 2024 09:56:19 +0000
ROA not before: Mon 30 Dec 2024 09:56:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214417
IP address blocks: 176.125.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:16:fe:b8:5d:be:f1:97:6f:7c:93:bc:b8:07:da:e2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 30 09:56:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac367a8afbc3e1297224f3dcd723aae691446686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f3:bf:5e:ea:3d:8b:52:7f:b8:0b:09:f6:c9:
ff:3b:e4:fb:70:ba:0a:82:b4:95:27:36:86:d0:d7:
77:70:df:e1:13:6a:91:5f:68:62:a2:e3:cc:81:f2:
79:78:c3:ae:e4:e2:52:89:c8:40:9f:8d:0e:95:24:
4a:c7:67:f9:32:43:e5:92:1e:e0:02:d7:d8:b1:cc:
c9:1f:3f:2e:54:c8:c7:48:a7:df:11:03:11:52:73:
1e:aa:69:eb:20:d3:3d:40:4c:a7:07:68:48:c9:4a:
b3:bb:fe:3a:a9:e8:1a:dd:ca:85:4b:9a:57:25:b1:
b3:92:a0:95:e0:66:f5:4e:4a:9b:0d:92:64:cc:de:
fa:a0:b8:41:58:c0:3f:6a:1d:0c:9f:99:75:30:cf:
b5:27:29:f5:9a:31:7f:97:43:7e:b0:2d:03:a6:a5:
aa:ad:fd:d0:90:80:7a:fc:d7:b3:70:fa:eb:71:15:
86:0d:bf:a7:ac:78:08:a9:eb:77:93:6b:7a:0c:c3:
df:21:8a:28:86:17:3c:e7:ba:3e:d3:3d:e3:2b:ca:
d7:49:3f:1d:87:d8:47:ad:43:23:7b:0e:44:99:07:
52:23:67:1f:f9:fa:9b:63:46:ff:d0:45:90:bf:72:
a0:69:d1:40:48:ec:35:58:15:95:fa:90:81:d9:00:
2e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:36:7A:8A:FB:C3:E1:29:72:24:F3:DC:D7:23:AA:E6:91:44:66:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rDZ6ivvD4SlyJPPc1yOq5pFEZoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.254.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b8:57:c4:75:a2:92:fe:ef:0b:af:3e:38:41:82:eb:76:49:
14:48:02:2f:42:88:1e:57:97:75:3d:ad:39:88:e9:17:3d:4e:
f0:11:95:9c:2c:e5:ac:ef:d0:3e:4d:49:bd:ac:57:9a:d7:7f:
3b:34:1f:be:60:ad:11:da:19:31:e6:0e:79:ba:27:97:4b:ce:
3a:cd:a1:4b:8b:a1:b6:2e:7c:f4:57:b4:56:d4:75:a3:ab:0a:
fd:69:1e:59:37:df:85:6c:e3:b9:09:87:c1:bf:ba:c2:d2:19:
73:54:0d:59:13:c2:8f:41:03:a2:c6:23:d5:e4:76:5c:d0:b0:
52:c2:c0:b6:74:ce:6f:4a:52:23:3d:d4:cc:6f:2d:f1:17:54:
c8:b8:35:89:25:ba:51:49:1e:bc:36:bf:a4:f2:70:6d:07:23:
2d:d1:13:6e:11:8d:44:57:a9:48:fa:af:75:87:20:b8:a0:ae:
c8:06:e7:fe:0a:33:da:56:c3:41:6b:64:f0:d8:82:53:88:1d:
e0:ad:7d:30:f9:e2:dc:31:0b:a6:65:3e:e7:63:c7:48:ae:64:
97:2c:53:47:87:2e:a5:32:79:f1:52:f6:ae:20:cc:ac:b7:1f:
7d:c7:42:08:30:03:3b:2c:d2:d0:f2:30:86:26:e6:65:3f:93:
35:fe:3f:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQW/rhdvvGXb3yTvLgH2uJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjMwMDk1NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzM2N2E4YWZiYzNlMTI5NzIyNGYzZGNkNzIzYWFlNjkxNDQ2Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/O/Xuo9i1J/uAsJ9sn/O+T7cLoK
grSVJzaG0Nd3cN/hE2qRX2hiouPMgfJ5eMOu5OJSichAn40OlSRKx2f5MkPlkh7g
AtfYsczJHz8uVMjHSKffEQMRUnMeqmnrINM9QEynB2hIyUqzu/46qega3cqFS5pX
JbGzkqCV4Gb1TkqbDZJkzN76oLhBWMA/ah0Mn5l1MM+1Jyn1mjF/l0N+sC0DpqWq
rf3QkIB6/NezcPrrcRWGDb+nrHgIqet3k2t6DMPfIYoohhc857o+0z3jK8rXST8d
h9hHrUMjew5EmQdSI2cf+fqbY0b/0EWQv3KgadFASOw1WBWV+pCB2QAuCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKw2eor7w+EpciTz3NcjquaRRGaGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvckRaNml2dkQ0U2x5SlBQYzF5T3E1cEZFWm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsH3+MA0G
CSqGSIb3DQEBCwUAA4IBAQATuFfEdaKS/u8Lrz44QYLrdkkUSAIvQogeV5d1Pa05
iOkXPU7wEZWcLOWs79A+TUm9rFea1387NB++YK0R2hkx5g55uieXS846zaFLi6G2
Lnz0V7RW1HWjqwr9aR5ZN9+FbOO5CYfBv7rC0hlzVA1ZE8KPQQOixiPV5HZc0LBS
wsC2dM5vSlIjPdTMby3xF1TIuDWJJbpRSR68Nr+k8nBtByMt0RNuEY1EV6lI+q91
hyC4oK7IBuf+CjPaVsNBa2Tw2IJTiB3grX0w+eLcMQumZT7nY8dIrmSXLFNHhy6l
MnnxUvauIMystx99x0IIMAM7LNLQ8jCGJuZlP5M1/j+H
-----END CERTIFICATE-----
Generated at Wed Apr 30 12:04:12 2025 by rpki-client