Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/K4cz4DMsfeqiK4HsXVUX4B46zJI.roa
File: K4cz4DMsfeqiK4HsXVUX4B46zJI.roa (raw, json)
Hash identifier: na1AgayLSXASKeiw6gVjgkU6C5cSyA0P8F1Iq/+YNeE=
Subject key identifier: 2B:87:33:E0:33:2C:7D:EA:A2:2B:81:EC:5D:55:17:E0:1E:3A:CC:92
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01966232AD0458DA30C7D67D028F67E2FF78
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/K4cz4DMsfeqiK4HsXVUX4B46zJI.roa
Signing time: Wed 23 Apr 2025 10:30:10 +0000
ROA not before: Wed 23 Apr 2025 10:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.238.40.0/23 maxlen: 24
213.18.196.0/22 maxlen: 22
217.179.50.0/23 maxlen: 24
217.179.72.0/23 maxlen: 24
217.179.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 07:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:32:ad:04:58:da:30:c7:d6:7d:02:8f:67:e2:ff:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 23 10:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b8733e0332c7deaa22b81ec5d5517e01e3acc92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b4:da:c0:50:e7:72:45:37:14:5f:d7:f1:22:
5e:8b:e2:ec:38:88:35:08:95:3f:aa:1c:0d:d6:a1:
8f:53:1a:a7:6a:02:31:8a:90:e1:d5:10:2b:b3:58:
06:ad:09:68:eb:d3:4d:04:c4:fc:a9:fa:30:de:ce:
92:6c:7a:73:56:c4:eb:5b:02:fe:cf:af:b0:41:ad:
7c:ea:58:e5:e6:df:c0:dd:24:c0:7a:b3:29:d1:ce:
2a:b7:15:dd:47:0c:21:f2:fb:ad:04:6b:0a:65:09:
eb:cb:6e:f9:33:b8:69:73:35:f1:6d:7d:ca:04:50:
0a:e1:29:43:8d:49:6d:3f:96:d3:f9:97:1d:c3:28:
ba:de:98:2c:88:75:d1:4a:cd:89:22:f6:22:15:ac:
1d:2a:a2:98:6c:84:65:79:47:4f:e6:94:6f:c2:99:
4d:77:c4:f7:e4:ab:67:f1:2c:b0:d1:bf:57:d6:78:
9e:16:07:a4:ef:42:ec:e4:22:2e:9f:ca:bd:ed:22:
fd:70:18:21:91:75:33:58:f0:f4:1d:0b:c7:3a:cf:
27:46:ce:ac:1d:13:b4:b0:77:44:b2:7c:c9:39:d0:
d3:fe:fd:d2:d7:6b:fa:7d:b0:d0:44:a0:7e:4e:e8:
94:a5:aa:cd:b2:42:1a:89:33:b8:5b:ec:68:ad:b9:
7f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:87:33:E0:33:2C:7D:EA:A2:2B:81:EC:5D:55:17:E0:1E:3A:CC:92
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/K4cz4DMsfeqiK4HsXVUX4B46zJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.40.0/23
213.18.196.0/22
217.179.50.0/23
217.179.72.0/23
217.179.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:bf:68:61:e9:e2:5d:fd:0e:b4:5c:22:f9:23:98:5b:d5:d4:
ed:62:54:d5:33:7c:00:b6:0a:7b:f1:5a:b1:88:a8:e2:59:33:
9e:0c:3f:c2:9e:ff:0a:2f:6b:24:f1:94:98:db:ac:6b:d3:c7:
a9:e0:de:8f:3d:c2:07:f6:95:7c:fc:25:3d:74:d9:38:6c:84:
4c:75:0e:ec:8b:9f:0b:e8:14:ae:4f:ad:96:1f:c5:4b:4f:aa:
c7:f2:12:6e:c1:72:db:02:ce:51:3f:85:7c:16:f9:e9:1b:d1:
44:f6:94:33:13:e0:d4:29:1c:03:f3:75:dc:50:ec:ee:70:85:
ab:27:6e:5a:92:27:e8:7c:37:f0:e3:8b:75:92:79:15:0e:6e:
25:65:e7:bc:b9:bb:43:32:30:c5:42:f2:e4:ce:f4:af:cb:47:
fd:8f:70:51:9c:84:7e:0a:e5:3d:31:a6:d9:1e:06:b1:c4:d4:
5c:e8:30:a3:7f:68:63:66:65:dc:6c:5e:33:fa:b4:53:25:b7:
27:64:72:da:d6:2a:6b:f6:7a:bc:f6:71:6b:e5:71:95:91:ba:
f0:9b:fc:3d:1e:7c:bd:4d:b0:d1:27:29:4c:b1:53:f5:4c:4b:
0e:4d:ac:a8:5d:22:dd:7b:fc:29:8a:20:e7:0d:7a:03:9c:d9:
e3:ab:99:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZiMq0EWNowx9Z9Ao9n4v94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDIzMTAzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg3MzNlMDMzMmM3ZGVhYTIyYjgxZWM1ZDU1MTdlMDFlM2FjYzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bTawFDnckU3FF/X8SJei+LsOIg1
CJU/qhwN1qGPUxqnagIxipDh1RArs1gGrQlo69NNBMT8qfow3s6SbHpzVsTrWwL+
z6+wQa186ljl5t/A3STAerMp0c4qtxXdRwwh8vutBGsKZQnry275M7hpczXxbX3K
BFAK4SlDjUltP5bT+Zcdwyi63pgsiHXRSs2JIvYiFawdKqKYbIRleUdP5pRvwplN
d8T35Ktn8Syw0b9X1nieFgek70Ls5CIun8q97SL9cBghkXUzWPD0HQvHOs8nRs6s
HRO0sHdEsnzJOdDT/v3S12v6fbDQRKB+TuiUparNskIaiTO4W+xorbl/4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCuHM+AzLH3qoiuB7F1VF+AeOsySMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSzRjejRETXNmZXFpSzRIc1hWVVg0QjQ2ekpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwu4oAwQC
1RLEAwQB2bMyAwQB2bNIAwQC2bPkMA0GCSqGSIb3DQEBCwUAA4IBAQA+v2hh6eJd
/Q60XCL5I5hb1dTtYlTVM3wAtgp78VqxiKjiWTOeDD/Cnv8KL2sk8ZSY26xr08ep
4N6PPcIH9pV8/CU9dNk4bIRMdQ7si58L6BSuT62WH8VLT6rH8hJuwXLbAs5RP4V8
FvnpG9FE9pQzE+DUKRwD83XcUOzucIWrJ25akifofDfw44t1knkVDm4lZee8ubtD
MjDFQvLkzvSvy0f9j3BRnIR+CuU9MabZHgaxxNRc6DCjf2hjZmXcbF4z+rRTJbcn
ZHLa1ipr9nq89nFr5XGVkbrwm/w9Hny9TbDRJylMsVP1TEsOTayoXSLde/wpiiDn
DXoDnNnjq5mi
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:33:36 2025 by rpki-client