Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ertowBIusXzVsOuF_-P1fFrhyKA.roa
File: ertowBIusXzVsOuF_-P1fFrhyKA.roa (raw, json)
Hash identifier: xMOwJwFgR169Y6pp1Q9AG0NCqQFH+9PwtdQ13v84WEk=
Subject key identifier: 7A:BB:68:C0:12:2E:B1:7C:D5:B0:EB:85:FF:E3:F5:7C:5A:E1:C8:A0
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 0195676106992CC32C1F091F1629A6D5A324
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ertowBIusXzVsOuF_-P1fFrhyKA.roa
Signing time: Wed 05 Mar 2025 17:36:06 +0000
ROA not before: Wed 05 Mar 2025 17:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 80.246.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 14:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:61:06:99:2c:c3:2c:1f:09:1f:16:29:a6:d5:a3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Mar 5 17:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7abb68c0122eb17cd5b0eb85ffe3f57c5ae1c8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:38:ae:5c:dc:8c:ec:46:2f:4b:55:af:be:f3:
b3:45:c4:54:e1:cd:30:54:d4:bd:4b:f6:e6:4a:fb:
4f:31:8c:be:11:50:ed:4b:b9:75:4e:e7:b3:49:88:
13:f6:0d:85:07:1e:31:c7:9f:88:7a:05:42:ea:87:
4e:2e:92:c4:1a:f7:90:1e:aa:ff:b4:65:0b:88:19:
74:eb:d1:2c:24:4b:06:05:6f:20:ee:02:dd:0d:82:
2f:bf:5f:19:8c:79:ab:34:7d:50:e9:7d:c3:ee:95:
96:cd:1e:e8:57:38:59:1a:3c:db:45:7f:9b:81:2a:
bd:8e:bd:ee:06:c8:f7:ea:31:06:29:39:df:5b:d4:
51:69:f2:d4:69:d3:51:41:7f:41:14:49:ca:46:da:
cf:1b:26:be:0b:77:d2:c1:68:f2:0c:d5:16:ce:7d:
cb:04:2b:a4:e2:2a:85:1f:ef:f2:bb:02:e3:5e:67:
9d:ce:1e:ef:ef:ea:04:33:a4:38:a7:4a:a3:7c:af:
84:a2:5b:77:4a:43:78:fb:45:96:65:c9:bb:67:1a:
cd:f5:33:47:94:14:fd:6c:5b:9a:e3:40:6b:28:d3:
f0:8d:e0:b3:14:a7:2c:23:20:ef:df:91:71:2a:89:
ee:81:05:a5:5a:df:9c:2c:eb:7c:6b:0d:9a:7f:81:
89:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BB:68:C0:12:2E:B1:7C:D5:B0:EB:85:FF:E3:F5:7C:5A:E1:C8:A0
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/ertowBIusXzVsOuF_-P1fFrhyKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.230.0/24
Signature Algorithm: sha256WithRSAEncryption
04:e9:4c:cf:f4:33:50:34:78:23:8a:ed:d8:d1:e5:2f:83:19:
b2:32:b7:ad:9b:e5:bc:f2:16:ca:45:47:83:34:a6:1a:45:34:
e9:99:2c:85:a9:a0:44:19:0a:03:17:6b:5a:45:e1:f7:ef:4a:
4d:01:22:51:57:73:06:9f:ce:ee:f0:e9:ed:b5:63:b4:cd:02:
20:cd:97:99:3f:fc:5b:ac:01:c5:45:4d:48:98:71:8f:41:76:
70:b2:31:16:03:17:67:01:c8:cd:ad:53:f7:c7:0d:19:cf:6d:
19:64:4c:ca:ef:0c:93:e5:01:9f:0b:88:49:1b:bf:e6:5d:4f:
03:5a:c5:6a:3c:15:16:a6:c4:cf:84:c4:96:5b:8e:cc:fa:b0:
26:0b:03:f6:d2:5a:85:bf:b7:1b:75:8a:eb:01:bd:b1:de:46:
d4:ac:43:c7:74:c5:0a:77:49:38:fa:bc:ca:4c:36:4f:68:89:
92:99:80:1b:e7:5f:e7:cf:25:43:50:d4:41:d3:27:4e:d4:57:
ce:43:17:bb:df:22:7a:dd:c5:31:de:9b:e7:7a:70:30:8f:ce:
22:07:49:70:a9:94:17:c3:12:60:fb:c5:ed:5b:50:39:2d:ad:
23:9a:fb:c4:c1:f6:0c:df:e0:65:d4:3c:a1:61:b5:cf:76:11:
b8:da:ac:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVnYQaZLMMsHwkfFimm1aMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjUwMzA1MTczNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJiNjhjMDEyMmViMTdjZDViMGViODVmZmUzZjU3YzVhZTFjOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwziuXNyM7EYvS1WvvvOzRcRU4c0w
VNS9S/bmSvtPMYy+EVDtS7l1TuezSYgT9g2FBx4xx5+IegVC6odOLpLEGveQHqr/
tGULiBl069EsJEsGBW8g7gLdDYIvv18ZjHmrNH1Q6X3D7pWWzR7oVzhZGjzbRX+b
gSq9jr3uBsj36jEGKTnfW9RRafLUadNRQX9BFEnKRtrPGya+C3fSwWjyDNUWzn3L
BCuk4iqFH+/yuwLjXmedzh7v7+oEM6Q4p0qjfK+Eolt3SkN4+0WWZcm7ZxrN9TNH
lBT9bFua40BrKNPwjeCzFKcsIyDv35FxKonugQWlWt+cLOt8aw2af4GJdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHq7aMASLrF81bDrhf/j9Xxa4cigMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvZXJ0b3dCSXVzWHpWc091Rl8tUDFmRnJoeUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUPbmMA0G
CSqGSIb3DQEBCwUAA4IBAQAE6UzP9DNQNHgjiu3Y0eUvgxmyMretm+W88hbKRUeD
NKYaRTTpmSyFqaBEGQoDF2taReH370pNASJRV3MGn87u8OnttWO0zQIgzZeZP/xb
rAHFRU1ImHGPQXZwsjEWAxdnAcjNrVP3xw0Zz20ZZEzK7wyT5QGfC4hJG7/mXU8D
WsVqPBUWpsTPhMSWW47M+rAmCwP20lqFv7cbdYrrAb2x3kbUrEPHdMUKd0k4+rzK
TDZPaImSmYAb51/nzyVDUNRB0ydO1FfOQxe73yJ63cUx3pvnenAwj84iB0lwqZQX
wxJg+8XtW1A5La0jmvvEwfYM3+Bl1DyhYbXPdhG42qzh
-----END CERTIFICATE-----
Generated at Thu May 1 16:59:45 2025 by rpki-client