Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/dXB0-73hj9L2qL74MaBClG6nPO4.roa
File: dXB0-73hj9L2qL74MaBClG6nPO4.roa (raw, json)
Hash identifier: KAKpfKpBKfdhEwll2Ug9e9XvuP+bR+hnXcuN/XZT2kE=
Subject key identifier: 75:70:74:FB:BD:E1:8F:D2:F6:A8:BE:F8:31:A0:42:94:6E:A7:3C:EE
Certificate issuer: /CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Certificate serial: 0194CB601BA5265CC24D5D235A84B0FE2C45
Authority key identifier: 7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/dXB0-73hj9L2qL74MaBClG6nPO4.roa
Signing time: Mon 03 Feb 2025 10:34:20 +0000
ROA not before: Mon 03 Feb 2025 10:34:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213744
IP address blocks: 91.142.129.0/24 maxlen: 24
212.233.68.0/24 maxlen: 24
212.233.69.0/24 maxlen: 24
212.233.70.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 03 Feb 2025 10:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:60:1b:a5:26:5c:c2:4d:5d:23:5a:84:b0:fe:2c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7abe11843dbe80340b2460fc160ec6b9b88f222a
Validity
Not Before: Feb 3 10:34:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=757074fbbde18fd2f6a8bef831a042946ea73cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:67:a6:4e:ef:a9:3a:b4:fc:d1:55:05:b9:
86:a8:fd:7f:86:e3:6e:a5:6f:6e:a7:6d:51:3c:72:
5c:19:0c:75:ed:c4:7e:1b:f5:b4:d4:00:85:13:ac:
e0:7c:d6:60:84:ca:fd:69:e0:16:6f:5e:41:b4:d8:
86:14:c2:d2:6f:ba:d0:70:d5:e5:de:14:b9:eb:2a:
3d:c5:1e:82:d3:68:60:25:f2:92:bb:cd:c6:db:5c:
6b:26:6f:86:59:73:34:d7:c4:15:2f:e7:b1:b7:f3:
b7:bc:ab:14:34:20:35:78:d3:d1:df:44:90:76:57:
b4:4f:de:95:31:d7:94:bb:d5:7b:d7:8f:96:e5:82:
c1:84:ef:cf:97:d3:c9:51:e8:56:fd:4e:de:62:00:
87:45:8a:2f:65:77:7e:d4:76:08:59:bc:5b:49:4d:
1f:b3:81:9c:ca:3d:4f:d1:67:3e:31:56:32:4d:3d:
cd:df:e9:52:07:46:b6:b0:89:af:da:5c:05:06:4f:
46:1b:95:ba:ba:be:a4:da:fa:3b:77:23:a3:e7:41:
12:74:13:99:36:a2:b0:14:3a:a8:d5:42:73:ce:83:
ba:61:11:7a:56:e5:2d:6e:65:ff:7e:39:28:b4:57:
12:cc:c3:4b:bf:9e:38:d6:73:52:40:1d:85:72:f6:
0f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:70:74:FB:BD:E1:8F:D2:F6:A8:BE:F8:31:A0:42:94:6E:A7:3C:EE
X509v3 Authority Key Identifier:
keyid:7A:BE:11:84:3D:BE:80:34:0B:24:60:FC:16:0E:C6:B9:B8:8F:22:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/er4RhD2-gDQLJGD8Fg7GubiPIio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/dXB0-73hj9L2qL74MaBClG6nPO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/623561-0715-4277-a0be-3411c6fb4fca/1/er4RhD2-gDQLJGD8Fg7GubiPIio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.129.0/24
212.233.68.0/22
Signature Algorithm: sha256WithRSAEncryption
86:e2:d9:c3:31:4c:c0:a8:54:f7:78:96:52:93:72:7b:48:55:
95:2d:49:05:26:c5:2d:07:a9:30:4a:ab:7b:7e:6f:07:e9:ca:
fe:9e:0d:11:f2:1a:1f:af:47:c6:69:19:cb:dc:79:81:8e:46:
f2:1f:a0:b8:c9:19:c6:0a:77:15:71:ba:49:77:fe:cf:d6:e2:
12:70:ca:20:ed:f2:04:75:b6:61:c1:4b:f5:8e:4c:83:5c:2f:
94:2f:ce:35:5f:f7:60:b8:37:46:ad:40:46:ec:a3:95:14:b3:
57:1d:32:fa:12:6d:05:54:3a:e0:50:9c:fe:a1:06:20:23:ae:
a5:21:69:2d:46:2c:0a:d2:2a:45:38:05:42:df:8a:e1:89:12:
d9:49:20:c2:67:78:f2:56:fb:80:48:a3:b1:db:b8:e9:48:1c:
c5:1e:ce:4d:ba:f5:b1:66:44:de:a0:8e:1b:cc:cc:22:dd:ef:
34:e4:f6:12:21:2c:86:db:7a:8b:36:d7:4b:14:5e:e3:de:b8:
1f:0b:24:d0:a0:d6:b9:77:b9:fa:fe:19:d3:40:ec:d5:b5:5d:
83:cf:62:61:2d:45:81:73:f2:5c:45:c6:a8:cd:12:2a:aa:0a:
d2:37:b6:47:69:09:4e:d3:65:84:ca:a1:90:e1:27:8d:22:c2:
56:ad:1d:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTLYBulJlzCTV0jWoSw/ixFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYmUxMTg0M2RiZTgwMzQwYjI0NjBmYzE2MGVjNmI5Yjg4
ZjIyMmEwHhcNMjUwMjAzMTAzNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTcwNzRmYmJkZTE4ZmQyZjZhOGJlZjgzMWEwNDI5NDZlYTczY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxBnpk7vqTq0/NFVBbmGqP1/huNu
pW9up21RPHJcGQx17cR+G/W01ACFE6zgfNZghMr9aeAWb15BtNiGFMLSb7rQcNXl
3hS56yo9xR6C02hgJfKSu83G21xrJm+GWXM018QVL+ext/O3vKsUNCA1eNPR30SQ
dle0T96VMdeUu9V714+W5YLBhO/Pl9PJUehW/U7eYgCHRYovZXd+1HYIWbxbSU0f
s4Gcyj1P0Wc+MVYyTT3N3+lSB0a2sImv2lwFBk9GG5W6ur6k2vo7dyOj50ESdBOZ
NqKwFDqo1UJzzoO6YRF6VuUtbmX/fjkotFcSzMNLv5441nNSQB2FcvYP6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHVwdPu94Y/S9qi++DGgQpRupzzuMB8GA1UdIwQY
MBaAFHq+EYQ9voA0CyRg/BYOxrm4jyIqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUt
MzQxMWM2ZmI0ZmNhLzEvZFhCMC03M2hqOUwycUw3NE1hQkNsRzZuUE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82MjM1NjEtMDcxNS00Mjc3LWEwYmUtMzQxMWM2ZmI0ZmNh
LzEvZXI0UmhEMi1nRFFMSkdEOEZnN0d1YmlQSWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW46BAwQC
1OlEMA0GCSqGSIb3DQEBCwUAA4IBAQCG4tnDMUzAqFT3eJZSk3J7SFWVLUkFJsUt
B6kwSqt7fm8H6cr+ng0R8hofr0fGaRnL3HmBjkbyH6C4yRnGCncVcbpJd/7P1uIS
cMog7fIEdbZhwUv1jkyDXC+UL841X/dguDdGrUBG7KOVFLNXHTL6Em0FVDrgUJz+
oQYgI66lIWktRiwK0ipFOAVC34rhiRLZSSDCZ3jyVvuASKOx27jpSBzFHs5NuvWx
ZkTeoI4bzMwi3e805PYSISyG23qLNtdLFF7j3rgfCyTQoNa5d7n6/hnTQOzVtV2D
z2JhLUWBc/JcRcaozRIqqgrSN7ZHaQlO02WEyqGQ4SeNIsJWrR1r
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:55:09 2025 by rpki-client