Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/XXtRIHBoYFve0IxGM5FvF81rlJQ.roa
File: XXtRIHBoYFve0IxGM5FvF81rlJQ.roa (raw, json)
Hash identifier: DSq601niqWY1sLwk+5EozrGX6yXwSn1GlRN15/U3K9A=
Subject key identifier: 5D:7B:51:20:70:68:60:5B:DE:D0:8C:46:33:91:6F:17:CD:6B:94:94
Certificate issuer: /CN=bc35904e24db0e990495a3445e77d1136ed618d7
Certificate serial: 019667A15D32B52E73251EC076294063D5E2
Authority key identifier: BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/XXtRIHBoYFve0IxGM5FvF81rlJQ.roa
Signing time: Thu 24 Apr 2025 11:49:10 +0000
ROA not before: Thu 24 Apr 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16589
IP address blocks: 213.165.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Sat 26 Apr 2025 17:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:a1:5d:32:b5:2e:73:25:1e:c0:76:29:40:63:d5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc35904e24db0e990495a3445e77d1136ed618d7
Validity
Not Before: Apr 24 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d7b51207068605bded08c4633916f17cd6b9494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:72:b5:90:c2:c3:2b:63:4b:1b:31:6f:10:ad:
c0:cf:91:3a:40:ec:93:02:18:9d:75:c7:f7:6c:bb:
05:d9:05:b6:14:a5:3d:ae:b6:a5:28:a7:61:50:71:
ed:4b:f0:c9:cc:ec:bf:49:57:3e:3b:21:4c:96:fa:
f5:5f:a1:9d:33:a7:96:17:d0:9d:96:90:81:52:97:
87:ae:f0:8e:1d:9c:11:21:45:3f:0f:88:d7:fd:72:
67:2f:af:e7:69:12:ed:f4:51:b2:2b:2a:65:25:c0:
04:bc:67:95:fb:b8:d6:eb:fb:ab:35:70:d2:97:be:
5e:2f:33:00:6e:7e:7d:f8:3b:40:33:4c:3c:a6:ce:
15:e1:0a:ec:37:d5:e1:6d:d2:f7:82:6a:1f:dc:db:
d4:2a:0c:0a:66:3f:66:85:6e:d1:db:68:fb:93:93:
b8:69:3e:97:01:4f:ea:00:dd:69:2f:78:b5:82:e8:
5e:44:02:e4:e3:d0:4a:c0:e9:1f:3d:b1:37:36:4e:
00:7d:5c:68:9e:bc:f5:df:19:ed:60:5f:50:9f:f0:
48:1d:ce:5f:42:bb:e2:57:6f:f3:22:a3:03:55:67:
2b:b1:8c:eb:e2:11:cd:b6:47:6c:61:53:12:bb:10:
a4:60:41:9f:77:e4:24:22:f4:1d:b0:3b:12:68:1e:
85:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7B:51:20:70:68:60:5B:DE:D0:8C:46:33:91:6F:17:CD:6B:94:94
X509v3 Authority Key Identifier:
keyid:BC:35:90:4E:24:DB:0E:99:04:95:A3:44:5E:77:D1:13:6E:D6:18:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDWQTiTbDpkElaNEXnfRE27WGNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/XXtRIHBoYFve0IxGM5FvF81rlJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/632dc0-4d2d-40c2-ab65-c38b1f9d457c/1/vDWQTiTbDpkElaNEXnfRE27WGNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.165.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b9:af:49:91:ab:e4:80:03:fd:33:47:33:54:57:6b:a2:68:c4:
2c:ed:9b:72:ec:a9:91:c3:2a:c4:0a:46:08:34:aa:c7:30:55:
70:f0:5e:52:ac:fc:6c:19:68:5d:38:b8:db:f1:92:0d:d7:b7:
08:d1:83:f7:86:cc:c5:21:b6:86:a3:06:53:45:7f:22:9f:cb:
ba:7c:37:75:58:75:ba:8a:93:23:ef:fb:68:6a:ff:0a:7f:e6:
5a:b6:3e:dc:aa:aa:6c:29:a5:66:bd:21:a2:c1:94:12:bd:64:
ce:84:e7:3c:c4:e4:2e:b8:2c:42:a9:18:1d:96:ba:1e:aa:21:
04:3e:61:0f:80:03:03:31:19:3c:e4:84:40:0b:af:25:00:49:
57:a4:6c:fc:28:2b:e4:4a:bf:dc:59:69:5c:bf:fc:f8:99:e8:
0d:26:b5:51:f1:83:1d:8f:8a:cf:fe:1a:60:34:32:c3:e8:72:
fe:ae:04:43:66:88:19:08:1f:8c:b6:82:9d:fc:98:59:2d:7b:
25:8c:57:70:0e:75:92:2b:5a:40:d0:7c:76:51:f4:c8:db:5b:
ab:71:f8:11:62:40:77:7b:96:76:a5:4b:d8:5d:f9:fe:c3:8b:
01:bd:98:18:6f:89:fd:a5:5e:ec:6e:85:48:70:01:f2:3e:8f:
fc:24:2e:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZnoV0ytS5zJR7AdilAY9XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMzU5MDRlMjRkYjBlOTkwNDk1YTM0NDVlNzdkMTEzNmVk
NjE4ZDcwHhcNMjUwNDI0MTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdiNTEyMDcwNjg2MDViZGVkMDhjNDYzMzkxNmYxN2NkNmI5NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3K1kMLDK2NLGzFvEK3Az5E6QOyT
Ahiddcf3bLsF2QW2FKU9rralKKdhUHHtS/DJzOy/SVc+OyFMlvr1X6GdM6eWF9Cd
lpCBUpeHrvCOHZwRIUU/D4jX/XJnL6/naRLt9FGyKyplJcAEvGeV+7jW6/urNXDS
l75eLzMAbn59+DtAM0w8ps4V4QrsN9XhbdL3gmof3NvUKgwKZj9mhW7R22j7k5O4
aT6XAU/qAN1pL3i1guheRALk49BKwOkfPbE3Nk4AfVxonrz13xntYF9Qn/BIHc5f
QrviV2/zIqMDVWcrsYzr4hHNtkdsYVMSuxCkYEGfd+QkIvQdsDsSaB6FZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF17USBwaGBb3tCMRjORbxfNa5SUMB8GA1UdIwQY
MBaAFLw1kE4k2w6ZBJWjRF530RNu1hjXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUt
YzM4YjFmOWQ0NTdjLzEvWFh0UklIQm9ZRnZlMEl4R001RnZGODFybEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82MzJkYzAtNGQyZC00MGMyLWFiNjUtYzM4YjFmOWQ0NTdj
LzEvdkRXUVRpVGJEcGtFbGFORVhuZlJFMjdXR05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1aUgMA0G
CSqGSIb3DQEBCwUAA4IBAQC5r0mRq+SAA/0zRzNUV2uiaMQs7Zty7KmRwyrECkYI
NKrHMFVw8F5SrPxsGWhdOLjb8ZIN17cI0YP3hszFIbaGowZTRX8in8u6fDd1WHW6
ipMj7/toav8Kf+Zatj7cqqpsKaVmvSGiwZQSvWTOhOc8xOQuuCxCqRgdlroeqiEE
PmEPgAMDMRk85IRAC68lAElXpGz8KCvkSr/cWWlcv/z4megNJrVR8YMdj4rP/hpg
NDLD6HL+rgRDZogZCB+MtoKd/JhZLXsljFdwDnWSK1pA0Hx2UfTI21urcfgRYkB3
e5Z2pUvYXfn+w4sBvZgYb4n9pV7sboVIcAHyPo/8JC63
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:19:13 2025 by rpki-client