Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w1vWv3A_32-lp9vGW6PZ77YMTlg.roa
File: w1vWv3A_32-lp9vGW6PZ77YMTlg.roa (raw, json)
Hash identifier: 9JWSSqKDfxrc4n9RoKW8Hp8HUKgXjI+nX2mpBThjLIw=
Subject key identifier: C3:5B:D6:BF:70:3F:DF:6F:A5:A7:DB:C6:5B:A3:D9:EF:B6:0C:4E:58
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143D81FCB33185589140EC1C9BAD5C9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w1vWv3A_32-lp9vGW6PZ77YMTlg.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 194.105.90.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d8:1f:cb:33:18:55:89:14:0e:c1:c9:ba:d5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c35bd6bf703fdf6fa5a7dbc65ba3d9efb60c4e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6c:9f:f7:ec:0e:e9:27:95:10:b2:93:2d:5e:
31:56:fe:02:f9:99:39:09:dd:1d:29:78:23:a8:b7:
41:fb:ea:a8:c7:7e:46:30:0c:ec:44:e4:f0:4a:06:
26:ff:3a:24:b1:5f:09:f5:29:03:e1:27:a1:2d:89:
02:b3:d7:32:aa:71:e6:7c:ec:8b:92:fb:88:e9:1b:
45:d0:ba:e7:68:d9:6b:0e:9a:c4:ac:68:6e:57:04:
5c:f3:5b:03:7f:ab:85:c2:82:f2:b2:c3:3c:16:b3:
bb:5b:0c:e5:42:fd:9d:e1:3b:d7:03:fc:ff:06:cc:
10:19:98:73:11:81:f6:77:97:67:2f:e6:71:71:4b:
f0:9e:e9:82:b9:2e:6b:35:06:fa:a6:b7:cb:fa:7f:
80:af:28:a0:6e:fa:97:97:7f:c9:53:bd:54:12:ea:
d9:e8:b1:e6:db:7e:c0:57:21:db:af:01:de:bb:e5:
f3:d3:7e:5e:0b:ec:4f:ba:ad:1f:e1:e5:32:c4:59:
b3:6f:d9:70:49:e6:81:a1:e6:ab:2e:ee:af:f1:cf:
35:5e:de:e2:88:90:4d:8e:10:16:69:f0:83:af:12:
69:45:f1:0f:f0:69:5e:af:4d:df:ba:af:19:cd:ee:
af:64:82:a3:81:03:2c:d4:9a:74:ff:6a:51:57:7a:
3d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:5B:D6:BF:70:3F:DF:6F:A5:A7:DB:C6:5B:A3:D9:EF:B6:0C:4E:58
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w1vWv3A_32-lp9vGW6PZ77YMTlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.90.0/24
213.130.138.0/24
Signature Algorithm: sha256WithRSAEncryption
64:f9:db:5d:41:d7:97:16:10:d9:5d:db:3a:8f:0b:79:9b:bf:
98:74:b2:d6:7a:a8:b5:f0:9b:2a:0c:1a:b7:6b:12:c3:5d:11:
5f:26:a0:b3:1f:98:61:d7:67:e5:77:c9:29:d7:c5:8c:9f:81:
1d:92:e0:3c:fc:04:00:c1:d3:89:13:db:cd:8f:84:35:2a:01:
26:f7:39:3a:5a:bd:ce:a4:ee:d1:d9:e4:6f:6c:65:a3:7a:05:
ca:7e:15:25:ce:2b:d6:1d:e4:f3:34:c7:2e:ba:46:10:df:3a:
33:2f:44:b7:8d:18:46:f4:6b:df:16:7e:7f:f7:a2:f2:34:a3:
bc:dd:e4:90:b8:f8:31:49:ad:a4:e4:d6:10:3f:9c:3d:19:d3:
fb:78:b4:e4:cb:45:f9:17:28:5a:c7:f7:01:6f:0c:66:e5:fd:
7c:03:3b:b2:a8:47:dd:c8:b2:d6:ca:68:95:8e:c8:1c:f3:9a:
fa:04:f8:e0:4c:d8:ae:1a:14:8d:3e:ce:a2:f1:2f:1f:36:d2:
9a:ee:03:6a:fc:8a:ce:d1:17:44:79:30:e9:2c:3c:81:f0:d2:
69:1e:c3:c7:0b:7a:df:9e:b0:ca:c9:d4:1a:65:8f:3a:63:41:
dd:c4:94:9d:16:90:38:03:b2:a0:25:74:db:65:3c:64:6d:c3:
74:36:4b:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ9gfyzMYVYkUDsHJutXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzViZDZiZjcwM2ZkZjZmYTVhN2RiYzY1YmEzZDllZmI2MGM0ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Gyf9+wO6SeVELKTLV4xVv4C+Zk5
Cd0dKXgjqLdB++qox35GMAzsROTwSgYm/zoksV8J9SkD4SehLYkCs9cyqnHmfOyL
kvuI6RtF0LrnaNlrDprErGhuVwRc81sDf6uFwoLyssM8FrO7WwzlQv2d4TvXA/z/
BswQGZhzEYH2d5dnL+ZxcUvwnumCuS5rNQb6prfL+n+AryigbvqXl3/JU71UEurZ
6LHm237AVyHbrwHeu+Xz035eC+xPuq0f4eUyxFmzb9lwSeaBoearLu6v8c81Xt7i
iJBNjhAWafCDrxJpRfEP8Gler03fuq8Zze6vZIKjgQMs1Jp0/2pRV3o9UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMNb1r9wP99vpafbxluj2e+2DE5YMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzF2V3YzQV8zMi1scDl2R1c2UFo3N1lNVGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmlaAwQA
1YKKMA0GCSqGSIb3DQEBCwUAA4IBAQBk+dtdQdeXFhDZXds6jwt5m7+YdLLWeqi1
8JsqDBq3axLDXRFfJqCzH5hh12fld8kp18WMn4EdkuA8/AQAwdOJE9vNj4Q1KgEm
9zk6Wr3OpO7R2eRvbGWjegXKfhUlzivWHeTzNMcuukYQ3zozL0S3jRhG9GvfFn5/
96LyNKO83eSQuPgxSa2k5NYQP5w9GdP7eLTky0X5Fyhax/cBbwxm5f18AzuyqEfd
yLLWymiVjsgc85r6BPjgTNiuGhSNPs6i8S8fNtKa7gNq/IrO0RdEeTDpLDyB8NJp
HsPHC3rfnrDKydQaZY86Y0HdxJSdFpA4A7KgJXTbZTxkbcN0Nkuz
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:05:23 2025 by rpki-client