Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/6dUCQVSzwxHbcenhpkp8nQSgtho.roa
File: 6dUCQVSzwxHbcenhpkp8nQSgtho.roa (raw, json)
Hash identifier: LX0b7TTC/P6UrbJUy5PxkbCeTJc6QoDxMocRmmiyAlc=
Subject key identifier: E9:D5:02:41:54:B3:C3:11:DB:71:E9:E1:A6:4A:7C:9D:04:A0:B6:1A
Certificate issuer: /CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Certificate serial: 0195948CCB36278AB58C32A31060D4718C2F
Authority key identifier: 87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/6dUCQVSzwxHbcenhpkp8nQSgtho.roa
Signing time: Fri 14 Mar 2025 12:06:49 +0000
ROA not before: Fri 14 Mar 2025 12:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 188.211.169.0/24 maxlen: 24
193.163.93.0/24 maxlen: 24
2a11:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 24 Mar 2025 15:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:8c:cb:36:27:8a:b5:8c:32:a3:10:60:d4:71:8c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870e2a207f6977214a957a8e148d1f8b5a5cd082
Validity
Not Before: Mar 14 12:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9d5024154b3c311db71e9e1a64a7c9d04a0b61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:8e:74:c3:f5:bb:c0:7e:00:df:e9:42:c3:
20:b9:fc:96:c1:e0:46:19:65:6f:37:56:35:1f:a8:
57:e3:17:f6:d0:cc:c2:14:26:a5:ca:ed:1f:73:e6:
c8:cb:cb:d7:f8:9a:b8:59:58:ba:9b:a6:d4:f5:fe:
35:20:b2:b5:be:c9:9b:62:39:4b:99:2c:3c:e4:c6:
2d:50:0a:8d:6e:b7:69:33:39:3a:39:7d:6c:42:03:
cc:37:e5:80:d7:60:c8:49:9d:09:1a:0f:c1:55:45:
c0:3a:4e:21:4f:a5:67:da:a1:80:83:9e:9f:cb:dd:
22:72:a5:3c:5f:70:4a:d6:e2:d4:d6:73:f5:ac:83:
0e:68:81:3e:12:60:b6:14:0b:f0:ea:95:ee:a3:0d:
c2:69:d9:a5:df:31:67:a1:24:0b:04:d6:05:fe:d5:
bb:29:d3:f1:53:34:94:b7:fd:39:06:2e:e5:ec:12:
61:d6:a2:4d:37:94:cc:d0:be:a8:59:84:1e:68:da:
7e:14:54:ae:a3:f1:8b:19:cf:b7:d8:7d:ca:41:eb:
4d:74:b0:03:7e:2a:26:6e:a9:22:45:67:51:e3:e4:
7f:ef:40:64:09:96:2e:c7:75:66:1c:76:8e:e9:b9:
c8:b5:6d:8a:6a:c3:94:04:71:b5:c8:82:ea:d5:a9:
6d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D5:02:41:54:B3:C3:11:DB:71:E9:E1:A6:4A:7C:9D:04:A0:B6:1A
X509v3 Authority Key Identifier:
keyid:87:0E:2A:20:7F:69:77:21:4A:95:7A:8E:14:8D:1F:8B:5A:5C:D0:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hw4qIH9pdyFKlXqOFI0fi1pc0II.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/6dUCQVSzwxHbcenhpkp8nQSgtho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/421158-f0c6-4619-afa5-8a94687dba6f/1/hw4qIH9pdyFKlXqOFI0fi1pc0II.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.211.169.0/24
193.163.93.0/24
IPv6:
2a11:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
58:89:c9:f4:2a:93:77:46:4a:3a:59:47:fe:a7:86:18:8e:ca:
7e:8b:e7:8d:be:07:50:55:6c:92:af:13:65:8e:55:d0:41:e2:
f8:fa:8f:47:7d:d6:e0:4e:79:c3:56:ce:0c:75:3c:bc:b6:e6:
02:62:2f:91:3d:1a:d4:ef:6e:46:d6:77:75:7f:74:c9:89:fc:
48:19:50:d8:0d:78:75:a1:8b:5f:d0:b4:39:bf:fc:18:05:24:
43:61:3d:e1:9d:ad:2d:6b:aa:de:ea:bb:05:e3:e0:1c:39:9c:
76:eb:4b:78:5e:0e:d8:e6:2c:ef:af:89:61:f0:a7:a0:21:79:
1b:e7:5c:b6:73:53:1c:a9:ba:b1:a3:ae:c7:ce:2b:e1:c6:5f:
78:5c:a5:1c:c5:20:2c:67:b6:af:82:03:48:ad:af:99:47:6c:
dc:46:5d:03:4a:d3:ce:5c:cc:47:3c:95:4b:f0:75:4e:52:41:
8d:f9:a5:b0:df:65:53:9f:fa:05:38:8d:ea:2e:4e:54:aa:fe:
d5:3f:eb:46:00:fd:48:1d:a6:23:19:c8:e8:16:35:ca:e2:d1:
dd:b3:2b:eb:e0:7d:2f:f3:80:49:c0:fc:22:54:5c:78:f4:20:
dc:2c:db:96:41:7b:5c:d3:a4:d6:18:73:43:22:4f:ae:01:42:
d7:2e:55:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZWUjMs2J4q1jDKjEGDUcYwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGUyYTIwN2Y2OTc3MjE0YTk1N2E4ZTE0OGQxZjhiNWE1
Y2QwODIwHhcNMjUwMzE0MTIwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ1MDI0MTU0YjNjMzExZGI3MWU5ZTFhNjRhN2M5ZDA0YTBiNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS+OdMP1u8B+AN/pQsMgufyWweBG
GWVvN1Y1H6hX4xf20MzCFCalyu0fc+bIy8vX+Jq4WVi6m6bU9f41ILK1vsmbYjlL
mSw85MYtUAqNbrdpMzk6OX1sQgPMN+WA12DISZ0JGg/BVUXAOk4hT6Vn2qGAg56f
y90icqU8X3BK1uLU1nP1rIMOaIE+EmC2FAvw6pXuow3Cadml3zFnoSQLBNYF/tW7
KdPxUzSUt/05Bi7l7BJh1qJNN5TM0L6oWYQeaNp+FFSuo/GLGc+32H3KQetNdLAD
fiombqkiRWdR4+R/70BkCZYux3VmHHaO6bnItW2KasOUBHG1yILq1altxQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOnVAkFUs8MR23Hp4aZKfJ0EoLYaMB8GA1UdIwQY
MBaAFIcOKiB/aXchSpV6jhSNH4taXNCCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUt
OGE5NDY4N2RiYTZmLzEvNmRVQ1FWU3p3eEhiY2VuaHBrcDhuUVNndGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80MjExNTgtZjBjNi00NjE5LWFmYTUtOGE5NDY4N2RiYTZm
LzEvaHc0cUlIOXBkeUZLbFhxT0ZJMGZpMXBjMElJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvNOpAwQA
waNdMA0EAgACMAcDBQMqER9AMA0GCSqGSIb3DQEBCwUAA4IBAQBYicn0KpN3Rko6
WUf+p4YYjsp+i+eNvgdQVWySrxNljlXQQeL4+o9HfdbgTnnDVs4MdTy8tuYCYi+R
PRrU725G1nd1f3TJifxIGVDYDXh1oYtf0LQ5v/wYBSRDYT3hna0ta6re6rsF4+Ac
OZx260t4Xg7Y5izvr4lh8KegIXkb51y2c1Mcqbqxo67Hzivhxl94XKUcxSAsZ7av
ggNIra+ZR2zcRl0DStPOXMxHPJVL8HVOUkGN+aWw32VTn/oFOI3qLk5Uqv7VP+tG
AP1IHaYjGcjoFjXK4tHdsyvr4H0v84BJwPwiVFx49CDcLNuWQXtc06TWGHNDIk+u
AULXLlU0
-----END CERTIFICATE-----
Generated at Wed Apr 30 07:49:32 2025 by rpki-client