Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/IH17ojWLYNtT_Pz9Hp1WIXbb3I8.roa
File: IH17ojWLYNtT_Pz9Hp1WIXbb3I8.roa (raw, json)
Hash identifier: rxcBOLnC7qr72SiT5mNEvdiUGAYjrCgz3+RuxHPl4rA=
Subject key identifier: 20:7D:7B:A2:35:8B:60:DB:53:FC:FC:FD:1E:9D:56:21:76:DB:DC:8F
Certificate issuer: /CN=0c7887582d83d3f087682af8780a324a353ce782
Certificate serial: 0195CCB551674AACFC493C5D6BFBC5E0FCB1
Authority key identifier: 0C:78:87:58:2D:83:D3:F0:87:68:2A:F8:78:0A:32:4A:35:3C:E7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DHiHWC2D0_CHaCr4eAoySjU854I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/IH17ojWLYNtT_Pz9Hp1WIXbb3I8.roa
Signing time: Tue 25 Mar 2025 09:49:49 +0000
ROA not before: Tue 25 Mar 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13251
IP address blocks: 213.179.64.0/24 maxlen: 24
213.179.65.0/24 maxlen: 24
213.179.66.0/24 maxlen: 24
213.179.67.0/24 maxlen: 24
213.179.68.0/24 maxlen: 24
213.179.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 12:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:b5:51:67:4a:ac:fc:49:3c:5d:6b:fb:c5:e0:fc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c7887582d83d3f087682af8780a324a353ce782
Validity
Not Before: Mar 25 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=207d7ba2358b60db53fcfcfd1e9d562176dbdc8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bd:80:78:2b:fa:9d:16:37:b7:8c:28:52:25:
ab:f8:c8:ac:cf:9c:fc:f1:e0:01:7b:b9:f5:17:39:
5e:32:7d:02:ab:ae:44:7c:19:3c:9c:91:3b:66:d8:
d7:94:6f:92:3a:28:64:87:0d:4b:a9:c6:d1:01:8c:
7c:5f:6b:bf:0f:56:db:89:3a:e3:8e:95:c1:46:97:
11:39:8d:0a:11:60:6b:61:2a:64:00:30:01:fb:57:
ca:42:ce:91:11:04:b0:6e:30:cd:e8:59:23:4a:41:
5f:d3:fc:2e:e7:c9:7b:83:98:c1:cb:c3:d9:e9:8d:
9d:cb:de:e1:54:82:30:c7:6d:cd:e7:e1:bd:6f:4c:
9a:ba:e3:9a:bd:37:6d:a2:19:50:e5:79:1e:76:4c:
82:00:c4:c3:38:3b:24:96:da:77:c4:a9:b6:a0:70:
fd:86:44:a3:ea:4d:0b:3e:b8:5d:63:36:d4:4a:61:
7a:fd:75:d8:e1:a6:03:9e:95:1f:c5:fc:47:af:b6:
7e:48:fd:85:b9:18:08:03:5d:3a:6d:26:8a:20:b1:
a4:f1:80:e2:3e:7f:10:76:df:17:6e:2e:6b:c0:ce:
ff:1a:5b:b3:ba:bb:a1:4b:ef:11:80:0b:5a:0c:8a:
ef:ca:5b:ae:44:ae:8c:c3:c4:91:81:fa:1f:bf:b6:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7D:7B:A2:35:8B:60:DB:53:FC:FC:FD:1E:9D:56:21:76:DB:DC:8F
X509v3 Authority Key Identifier:
keyid:0C:78:87:58:2D:83:D3:F0:87:68:2A:F8:78:0A:32:4A:35:3C:E7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DHiHWC2D0_CHaCr4eAoySjU854I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/IH17ojWLYNtT_Pz9Hp1WIXbb3I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/bff48f-0a30-478d-b2db-ad4a1da393a1/1/DHiHWC2D0_CHaCr4eAoySjU854I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.179.64.0-213.179.69.255
Signature Algorithm: sha256WithRSAEncryption
89:6f:18:db:3f:14:30:b8:ee:a9:d9:1f:67:16:17:3e:19:a8:
92:72:40:23:1a:de:ce:28:cc:30:50:eb:28:f9:b9:14:fe:af:
3c:bd:e2:4d:e4:be:0c:c3:b7:b3:0b:1f:7f:0c:fb:81:ff:dc:
67:19:82:79:59:ac:d3:6c:4e:00:7f:e5:fa:c7:83:83:6c:63:
f0:36:57:4a:15:5b:25:07:2d:7c:f5:b7:a6:93:2c:ee:18:3c:
15:d0:6c:6b:d8:9a:68:63:47:5d:7f:a2:3b:4a:0a:e4:c1:44:
ff:44:fb:9e:44:93:c1:a9:69:fd:06:28:ee:12:3f:4e:c5:8c:
0a:94:f2:d4:ec:e8:79:39:a7:bf:88:16:40:49:6f:4f:94:be:
a9:b9:98:9c:ae:3f:7f:6a:29:89:0a:01:d6:11:93:27:d8:3e:
4a:96:e9:10:9d:06:76:87:fa:cb:ec:02:49:cb:df:bf:80:dd:
4f:dd:8a:db:1c:1b:3e:44:1c:6a:bd:7b:32:62:99:70:75:a2:
4c:40:74:f9:92:02:f1:24:ad:69:a3:1c:18:85:4b:dc:2e:cb:
97:27:d8:2f:8c:fa:2e:a2:f4:87:9d:e9:f5:25:92:ab:03:5a:
10:b9:14:93:15:c2:8d:3f:be:69:ed:bb:4e:50:9c:e1:ce:d9:
7d:5a:e9:a9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZXMtVFnSqz8STxda/vF4PyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNzg4NzU4MmQ4M2QzZjA4NzY4MmFmODc4MGEzMjRhMzUz
Y2U3ODIwHhcNMjUwMzI1MDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdkN2JhMjM1OGI2MGRiNTNmY2ZjZmQxZTlkNTYyMTc2ZGJkYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA272AeCv6nRY3t4woUiWr+Misz5z8
8eABe7n1FzleMn0Cq65EfBk8nJE7ZtjXlG+SOihkhw1LqcbRAYx8X2u/D1bbiTrj
jpXBRpcROY0KEWBrYSpkADAB+1fKQs6REQSwbjDN6FkjSkFf0/wu58l7g5jBy8PZ
6Y2dy97hVIIwx23N5+G9b0yauuOavTdtohlQ5XkedkyCAMTDODskltp3xKm2oHD9
hkSj6k0LPrhdYzbUSmF6/XXY4aYDnpUfxfxHr7Z+SP2FuRgIA106bSaKILGk8YDi
Pn8Qdt8Xbi5rwM7/GluzuruhS+8RgAtaDIrvyluuRK6Mw8SRgfofv7aILQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCB9e6I1i2DbU/z8/R6dViF229yPMB8GA1UdIwQY
MBaAFAx4h1gtg9Pwh2gq+HgKMko1POeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREhpSFdDMkQwX0NIYUNyNGVBb3lTalU4NTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZmY0OGYtMGEzMC00NzhkLWIyZGIt
YWQ0YTFkYTM5M2ExLzEvSUgxN29qV0xZTnRUX1B6OUhwMVdJWGJiM0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9iZmY0OGYtMGEzMC00NzhkLWIyZGItYWQ0YTFkYTM5M2Ex
LzEvREhpSFdDMkQwX0NIYUNyNGVBb3lTalU4NTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbVs0AD
BAHVs0QwDQYJKoZIhvcNAQELBQADggEBAIlvGNs/FDC47qnZH2cWFz4ZqJJyQCMa
3s4ozDBQ6yj5uRT+rzy94k3kvgzDt7MLH38M+4H/3GcZgnlZrNNsTgB/5frHg4Ns
Y/A2V0oVWyUHLXz1t6aTLO4YPBXQbGvYmmhjR11/ojtKCuTBRP9E+55Ek8Gpaf0G
KO4SP07FjAqU8tTs6Hk5p7+IFkBJb0+Uvqm5mJyuP39qKYkKAdYRkyfYPkqW6RCd
BnaH+svsAknL37+A3U/ditscGz5EHGq9ezJimXB1okxAdPmSAvEkrWmjHBiFS9wu
y5cn2C+M+i6i9Ied6fUlkqsDWhC5FJMVwo0/vmntu05QnOHO2X1a6ak=
-----END CERTIFICATE-----
Generated at Mon Apr 28 16:31:59 2025 by rpki-client