Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/2_Cp5SNGmoF6GDaUViuOzZmeVdk.roa
File: 2_Cp5SNGmoF6GDaUViuOzZmeVdk.roa (raw, json)
Hash identifier: b3nxc8LCUzfcls2WdDGbEpVAldWHUQENxktkKFzYpe0=
Subject key identifier: DB:F0:A9:E5:23:46:9A:81:7A:18:36:94:56:2B:8E:CD:99:9E:55:D9
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0196681C0AC49C716A4730E4BF1FEA8031F4
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/2_Cp5SNGmoF6GDaUViuOzZmeVdk.roa
Signing time: Thu 24 Apr 2025 14:03:10 +0000
ROA not before: Thu 24 Apr 2025 14:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 188.190.21.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.23.0/24 maxlen: 24
188.190.24.0/24 maxlen: 24
188.190.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 14:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:1c:0a:c4:9c:71:6a:47:30:e4:bf:1f:ea:80:31:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Apr 24 14:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbf0a9e523469a817a183694562b8ecd999e55d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:07:6e:ac:45:8f:93:b7:19:13:ba:7b:30:91:
08:c2:ca:fe:e3:de:cb:06:2b:d6:50:ba:32:01:b1:
ed:27:44:7a:7d:a1:65:5f:82:35:54:7a:37:7e:20:
2a:58:5a:e1:8d:6e:d0:88:1b:48:58:e3:4b:89:3a:
bc:db:9c:1a:0f:39:a0:8b:e0:52:81:ed:42:cb:36:
fe:43:ab:fe:b6:e0:e5:2f:9d:f9:92:ac:9a:ad:12:
52:65:c8:d6:36:e8:bd:4a:7a:b8:08:ed:f8:6d:33:
74:83:24:8d:10:b5:a8:82:ed:98:c8:0b:57:65:f2:
56:c2:13:92:6a:e8:b6:a4:8a:33:b6:dd:ef:60:f3:
e7:b3:b6:d0:5e:ed:4c:51:58:98:b8:3d:2e:45:c8:
61:0c:1d:4c:f9:f8:cf:77:d0:7b:55:43:6b:79:35:
ce:43:73:73:83:49:84:8a:6a:ca:14:80:8d:64:71:
1c:c3:7d:d8:4d:88:11:b1:d6:0f:05:0f:61:4c:84:
c3:af:3d:9b:a0:a4:c4:eb:23:d5:8f:b1:a6:d7:ca:
60:0d:de:e7:be:14:3a:ce:46:ad:af:5d:16:e1:e2:
d7:9a:93:34:d3:a9:f7:8f:ed:6c:2c:b1:1b:fc:17:
b7:5a:e2:e4:db:8a:ba:59:d7:1a:55:da:30:bf:cf:
bf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F0:A9:E5:23:46:9A:81:7A:18:36:94:56:2B:8E:CD:99:9E:55:D9
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/2_Cp5SNGmoF6GDaUViuOzZmeVdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.21.0-188.190.25.255
Signature Algorithm: sha256WithRSAEncryption
08:c0:e4:c1:d4:75:ff:09:1e:74:44:ca:e5:e3:78:a4:d7:5b:
3e:40:5f:ae:ae:4c:28:1c:8e:d4:58:9a:3d:18:88:3b:bb:58:
d6:f0:20:1e:20:f3:aa:3b:e8:8f:24:e3:b1:f5:d7:8b:72:e5:
14:1b:89:5d:0a:13:4d:a8:ea:87:7b:cb:1a:bc:f4:8b:97:64:
18:a1:1c:44:12:b9:72:7d:9f:b6:59:71:87:c2:0c:54:81:e1:
c5:65:93:b7:c0:e4:d2:6a:aa:f0:67:69:31:70:2c:50:6f:6b:
c9:18:1a:ea:65:d0:a1:6b:20:c2:36:97:ff:5d:02:78:27:a6:
c6:cc:cc:86:55:8f:4d:dc:4a:b5:cb:d2:2f:b2:45:2d:50:e4:
7b:52:9b:94:de:3a:15:5f:bb:21:37:bd:4d:5d:fb:ff:ec:6f:
3a:c6:b9:43:f4:b4:33:1c:47:dd:44:c8:46:3c:1f:01:fd:e7:
dd:96:8b:f5:56:7b:a1:6d:db:65:71:dc:19:32:d2:37:2d:e3:
31:db:0c:14:a2:d2:f3:da:00:d5:74:09:76:96:81:13:54:f4:
e5:74:6f:48:57:51:86:f6:29:c0:7f:41:40:72:d0:58:f3:f5:
86:2a:7a:60:e8:57:2e:12:d3:b4:4d:15:7f:dd:66:cd:34:46:
21:9c:67:c3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZoHArEnHFqRzDkvx/qgDH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjUwNDI0MTQwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYwYTllNTIzNDY5YTgxN2ExODM2OTQ1NjJiOGVjZDk5OWU1NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgdurEWPk7cZE7p7MJEIwsr+497L
BivWULoyAbHtJ0R6faFlX4I1VHo3fiAqWFrhjW7QiBtIWONLiTq825waDzmgi+BS
ge1Cyzb+Q6v+tuDlL535kqyarRJSZcjWNui9Snq4CO34bTN0gySNELWogu2YyAtX
ZfJWwhOSaui2pIoztt3vYPPns7bQXu1MUViYuD0uRchhDB1M+fjPd9B7VUNreTXO
Q3Nzg0mEimrKFICNZHEcw33YTYgRsdYPBQ9hTITDrz2boKTE6yPVj7Gm18pgDd7n
vhQ6zkatr10W4eLXmpM006n3j+1sLLEb/Be3WuLk24q6WdcaVdowv8+//QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNvwqeUjRpqBehg2lFYrjs2ZnlXZMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvMl9DcDVTTkdtb0Y2R0RhVVZpdU96Wm1lVmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC8vhUD
BAG8vhgwDQYJKoZIhvcNAQELBQADggEBAAjA5MHUdf8JHnREyuXjeKTXWz5AX66u
TCgcjtRYmj0YiDu7WNbwIB4g86o76I8k47H114ty5RQbiV0KE02o6od7yxq89IuX
ZBihHEQSuXJ9n7ZZcYfCDFSB4cVlk7fA5NJqqvBnaTFwLFBva8kYGupl0KFrIMI2
l/9dAngnpsbMzIZVj03cSrXL0i+yRS1Q5HtSm5TeOhVfuyE3vU1d+//sbzrGuUP0
tDMcR91EyEY8HwH9592Wi/VWe6Ft22Vx3Bky0jct4zHbDBSi0vPaANV0CXaWgRNU
9OV0b0hXUYb2KcB/QUBy0Fjz9YYqemDoVy4S07RNFX/dZs00RiGcZ8M=
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:12:25 2025 by rpki-client