Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/9binQhHYpiTLO6SW9t1VDmhGgLA.roa
File: 9binQhHYpiTLO6SW9t1VDmhGgLA.roa (raw, json)
Hash identifier: CEJUa9JQ9JDJ07C07qLt+SgGMC/vI3iD3zOBO+I95zI=
Subject key identifier: F5:B8:A7:42:11:D8:A6:24:CB:3B:A4:96:F6:DD:55:0E:68:46:80:B0
Certificate issuer: /CN=79a3b2c3622df9e87982ea8350978a6c9875a7c8
Certificate serial: 019584C744B48D60CD4D48EE27AD8E0E5B51
Authority key identifier: 79:A3:B2:C3:62:2D:F9:E8:79:82:EA:83:50:97:8A:6C:98:75:A7:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaOyw2It-eh5guqDUJeKbJh1p8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/9binQhHYpiTLO6SW9t1VDmhGgLA.roa
Signing time: Tue 11 Mar 2025 10:36:46 +0000
ROA not before: Tue 11 Mar 2025 10:36:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215567
IP address blocks: 194.187.210.0/24 maxlen: 24
194.187.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 11:29:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:c7:44:b4:8d:60:cd:4d:48:ee:27:ad:8e:0e:5b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a3b2c3622df9e87982ea8350978a6c9875a7c8
Validity
Not Before: Mar 11 10:36:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5b8a74211d8a624cb3ba496f6dd550e684680b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8b:7c:ab:0c:64:c9:ab:f1:a2:0f:38:35:c7:
70:ca:07:3d:45:94:1c:63:e1:43:45:fe:80:68:6d:
3f:37:5b:6d:40:e4:bb:ba:74:f9:ab:a6:ae:03:ec:
57:54:ac:ff:45:cb:dc:e7:89:b3:49:92:17:b7:30:
fc:a1:54:7d:55:d0:da:d4:f2:42:26:98:06:35:53:
d7:f9:9f:d4:b1:15:51:0e:76:a9:d9:51:e4:21:e2:
d3:ed:ff:1b:04:50:c3:86:f3:eb:8a:75:ef:3e:d9:
ef:a7:77:15:c2:32:22:00:9e:34:17:d5:2a:2c:27:
32:0c:60:3e:1f:06:34:84:76:05:3a:9a:4b:39:92:
4e:e9:cc:33:66:4e:da:e3:66:cf:7e:3a:44:1d:0c:
c9:42:d7:9e:3c:15:a6:20:55:c4:60:a2:9d:83:ce:
75:81:55:c3:ef:21:c3:49:7d:1c:0e:8a:b2:48:61:
08:24:aa:45:4f:46:63:fa:ed:9b:5b:a8:66:57:25:
13:6c:ea:a4:87:01:c3:be:4c:b4:66:82:01:86:ac:
86:f5:da:94:b4:24:5d:4e:47:0d:9e:16:4b:e1:95:
cb:33:93:4e:dc:98:38:01:e0:d1:6d:fb:16:6f:15:
62:a9:9c:89:e8:a8:62:77:d6:f7:d7:0f:14:76:21:
7e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B8:A7:42:11:D8:A6:24:CB:3B:A4:96:F6:DD:55:0E:68:46:80:B0
X509v3 Authority Key Identifier:
keyid:79:A3:B2:C3:62:2D:F9:E8:79:82:EA:83:50:97:8A:6C:98:75:A7:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaOyw2It-eh5guqDUJeKbJh1p8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/9binQhHYpiTLO6SW9t1VDmhGgLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e5069b-1cad-45a4-a619-c24ff682f7ad/1/eaOyw2It-eh5guqDUJeKbJh1p8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.210.0/23
Signature Algorithm: sha256WithRSAEncryption
56:6b:d1:f2:1d:f7:b3:e3:b1:b9:8f:7c:01:59:4f:e5:34:07:
e7:b0:38:a6:83:97:7a:9d:72:db:d6:23:5d:28:74:15:47:75:
67:b5:56:65:09:85:76:2a:43:14:0c:23:bb:eb:ca:f1:72:2f:
1e:ca:30:05:25:26:1f:b8:ea:6a:2c:b4:fd:d5:ec:48:ed:14:
2e:ad:13:f7:07:91:3b:5c:e4:83:5c:23:77:c9:f1:70:f0:c8:
be:e3:3c:4d:10:56:7f:e9:c4:bf:e4:e7:be:ed:5e:09:b6:68:
6f:7c:e3:dd:cf:d8:23:36:8e:5c:05:7d:37:aa:80:02:98:be:
e2:7f:cf:0f:23:74:71:1c:03:63:07:be:a1:c5:1a:8b:f7:66:
1b:cf:13:50:d5:00:a8:1a:fb:1f:14:eb:a2:09:13:3e:d2:65:
fd:de:8a:2d:41:ca:92:fc:2c:58:98:4a:b1:e9:d2:5f:88:16:
1f:59:d5:6f:ac:28:f4:6a:0f:39:ed:fc:5c:41:75:26:f7:f0:
f6:70:82:ff:b5:bf:c2:d5:ac:78:0a:6b:4b:95:a9:d0:96:7c:
c4:bd:ad:30:b9:30:b8:1d:fd:19:05:5e:0a:36:fb:44:05:39:
4d:7c:ac:35:b5:70:02:a7:3f:45:2d:38:68:51:c5:53:cf:84:
f6:2e:8b:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWEx0S0jWDNTUjuJ62ODltRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTNiMmMzNjIyZGY5ZTg3OTgyZWE4MzUwOTc4YTZjOTg3
NWE3YzgwHhcNMjUwMzExMTAzNjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI4YTc0MjExZDhhNjI0Y2IzYmE0OTZmNmRkNTUwZTY4NDY4MGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnot8qwxkyavxog84Ncdwygc9RZQc
Y+FDRf6AaG0/N1ttQOS7unT5q6auA+xXVKz/Rcvc54mzSZIXtzD8oVR9VdDa1PJC
JpgGNVPX+Z/UsRVRDnap2VHkIeLT7f8bBFDDhvPrinXvPtnvp3cVwjIiAJ40F9Uq
LCcyDGA+HwY0hHYFOppLOZJO6cwzZk7a42bPfjpEHQzJQteePBWmIFXEYKKdg851
gVXD7yHDSX0cDoqySGEIJKpFT0Zj+u2bW6hmVyUTbOqkhwHDvky0ZoIBhqyG9dqU
tCRdTkcNnhZL4ZXLM5NO3Jg4AeDRbfsWbxViqZyJ6Khid9b31w8UdiF+2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPW4p0IR2KYkyzuklvbdVQ5oRoCwMB8GA1UdIwQY
MBaAFHmjssNiLfnoeYLqg1CXimyYdafIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFPeXcySXQtZWg1Z3VxRFVKZUtiSmgxcDhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lNTA2OWItMWNhZC00NWE0LWE2MTkt
YzI0ZmY2ODJmN2FkLzEvOWJpblFoSFlwaVRMTzZTVzl0MVZEbWhHZ0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lNTA2OWItMWNhZC00NWE0LWE2MTktYzI0ZmY2ODJmN2Fk
LzEvZWFPeXcySXQtZWg1Z3VxRFVKZUtiSmgxcDhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwrvSMA0G
CSqGSIb3DQEBCwUAA4IBAQBWa9HyHfez47G5j3wBWU/lNAfnsDimg5d6nXLb1iNd
KHQVR3VntVZlCYV2KkMUDCO768rxci8eyjAFJSYfuOpqLLT91exI7RQurRP3B5E7
XOSDXCN3yfFw8Mi+4zxNEFZ/6cS/5Oe+7V4JtmhvfOPdz9gjNo5cBX03qoACmL7i
f88PI3RxHANjB76hxRqL92YbzxNQ1QCoGvsfFOuiCRM+0mX93ootQcqS/CxYmEqx
6dJfiBYfWdVvrCj0ag857fxcQXUm9/D2cIL/tb/C1ax4CmtLlanQlnzEva0wuTC4
Hf0ZBV4KNvtEBTlNfKw1tXACpz9FLThoUcVTz4T2LouG
-----END CERTIFICATE-----
Generated at Sat May 3 12:35:06 2025 by rpki-client