Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ra9wWQEn1m0vy98pvAyAjey8khI.roa
File: ra9wWQEn1m0vy98pvAyAjey8khI.roa (raw, json)
Hash identifier: sZQYITyNpAMeXFR4GFKT4D+nmwp8yW47qMpPdX0S1rQ=
Subject key identifier: AD:AF:70:59:01:27:D6:6D:2F:CB:DF:29:BC:0C:80:8D:EC:BC:92:12
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194EED280D25620EDC21CB48E27233B459C
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ra9wWQEn1m0vy98pvAyAjey8khI.roa
Signing time: Mon 10 Feb 2025 07:46:00 +0000
ROA not before: Mon 10 Feb 2025 07:46:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 213.18.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 12 Feb 2025 11:52:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ee:d2:80:d2:56:20:ed:c2:1c:b4:8e:27:23:3b:45:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 10 07:46:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adaf70590127d66d2fcbdf29bc0c808decbc9212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:89:61:c6:6e:43:1c:2f:bb:9a:d3:a7:56:b7:
9a:2d:f9:89:41:96:69:d5:da:ca:5c:e3:b0:a4:79:
c4:e9:7a:7e:d6:0d:1f:0c:40:5f:15:15:60:2f:20:
fe:58:3d:ef:1a:d6:ab:24:ed:38:7d:dc:bd:a7:a2:
c6:34:9f:af:dd:91:9a:2a:11:be:4b:bf:1b:55:00:
87:27:0a:ed:f0:19:8e:61:94:f4:d5:4a:b2:44:51:
2a:24:d3:9d:71:4e:25:4c:e5:c6:5b:03:b2:ac:39:
9b:6e:f6:2f:0b:8d:8f:e2:4e:dc:40:1f:17:81:c2:
0e:09:93:e9:30:35:8f:65:e4:74:44:f5:23:6c:e4:
46:51:bd:94:98:71:59:e6:d6:09:0d:cc:bf:3e:77:
1c:63:8c:03:28:fa:2e:d2:dc:af:ec:5e:4f:d6:75:
b1:20:57:b2:2a:3d:ca:a6:bb:a0:2e:13:45:6e:46:
48:81:72:8c:30:72:9a:24:a5:c6:c5:14:7a:b7:dc:
ae:cf:44:1d:bd:63:13:a2:28:52:38:e4:42:28:9c:
61:1c:2f:7c:3d:71:08:d9:2e:07:20:3f:e6:f6:a5:
6f:51:ad:c8:36:7e:00:d7:bf:78:96:32:73:dc:d2:
4c:cf:e2:b9:06:8e:33:cb:bc:4e:e7:1c:17:38:e2:
67:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:70:59:01:27:D6:6D:2F:CB:DF:29:BC:0C:80:8D:EC:BC:92:12
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/ra9wWQEn1m0vy98pvAyAjey8khI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.18.196.0/22
Signature Algorithm: sha256WithRSAEncryption
74:fd:f1:43:04:bb:5c:df:18:19:2a:e4:c8:02:bb:ba:39:a8:
21:d3:46:dc:c0:73:b1:3b:1b:0c:1c:45:4e:7d:42:00:31:5b:
d7:67:cb:38:7c:34:28:00:18:a6:90:2d:91:ca:9e:93:af:fe:
05:09:88:a8:93:76:f0:93:26:f3:4c:d3:86:90:a4:b9:e8:94:
63:30:f6:04:e8:fb:fd:e1:0e:fe:eb:ef:68:fe:83:16:7e:1a:
46:31:b0:7e:ae:5d:c6:6f:7d:ef:6c:d9:69:b4:15:9c:8b:cc:
e8:f0:5a:ab:f0:16:83:52:9f:c9:d1:82:79:d8:de:49:21:1b:
de:ef:60:22:1c:7a:94:92:6b:0d:ae:b7:70:a0:33:56:2e:38:
2f:91:31:44:44:b6:69:4d:19:cf:ff:5a:43:3d:1d:4c:c3:a0:
58:b2:34:25:77:39:46:0a:8a:e2:07:1b:12:e4:5b:c3:6b:5a:
33:7c:81:6f:57:19:7a:2c:84:e3:2f:6f:6e:75:2a:fe:87:04:
f8:1e:62:fc:e2:24:e9:6d:ab:b8:7f:aa:46:7d:af:c3:e2:56:
32:1d:3c:05:ad:fb:83:23:02:4d:33:d2:7c:f4:76:9c:e7:e3:
77:aa:ec:f0:c4:30:52:49:70:c0:68:20:64:3b:44:31:dd:c9:
63:e5:fe:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTu0oDSViDtwhy0jicjO0WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjEwMDc0NjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFmNzA1OTAxMjdkNjZkMmZjYmRmMjliYzBjODA4ZGVjYmM5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4lhxm5DHC+7mtOnVreaLfmJQZZp
1drKXOOwpHnE6Xp+1g0fDEBfFRVgLyD+WD3vGtarJO04fdy9p6LGNJ+v3ZGaKhG+
S78bVQCHJwrt8BmOYZT01UqyRFEqJNOdcU4lTOXGWwOyrDmbbvYvC42P4k7cQB8X
gcIOCZPpMDWPZeR0RPUjbORGUb2UmHFZ5tYJDcy/PnccY4wDKPou0tyv7F5P1nWx
IFeyKj3KprugLhNFbkZIgXKMMHKaJKXGxRR6t9yuz0QdvWMToihSOORCKJxhHC98
PXEI2S4HID/m9qVvUa3INn4A1794ljJz3NJMz+K5Bo4zy7xO5xwXOOJnVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2vcFkBJ9ZtL8vfKbwMgI3svJISMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvcmE5d1dRRW4xbTB2eTk4cHZBeUFqZXk4a2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1RLEMA0G
CSqGSIb3DQEBCwUAA4IBAQB0/fFDBLtc3xgZKuTIAru6Oagh00bcwHOxOxsMHEVO
fUIAMVvXZ8s4fDQoABimkC2Ryp6Tr/4FCYiok3bwkybzTNOGkKS56JRjMPYE6Pv9
4Q7+6+9o/oMWfhpGMbB+rl3Gb33vbNlptBWci8zo8Fqr8BaDUp/J0YJ52N5JIRve
72AiHHqUkmsNrrdwoDNWLjgvkTFERLZpTRnP/1pDPR1Mw6BYsjQldzlGCoriBxsS
5FvDa1ozfIFvVxl6LITjL29udSr+hwT4HmL84iTpbau4f6pGfa/D4lYyHTwFrfuD
IwJNM9J89Hac5+N3quzwxDBSSXDAaCBkO0Qx3clj5f5f
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:04:25 2025 by rpki-client