Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o-tSuOveYmeYH3NkeS2XQIO7ftM.roa
File: o-tSuOveYmeYH3NkeS2XQIO7ftM.roa (raw, json)
Hash identifier: Uh9YXkGW+0GehT5AezZoptMEAwiyIyxVFUhSL4EcD5o=
Subject key identifier: A3:EB:52:B8:EB:DE:62:67:98:1F:73:64:79:2D:97:40:83:BB:7E:D3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019692C7342E3F0EA531FFBE29C05F89C619
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o-tSuOveYmeYH3NkeS2XQIO7ftM.roa
Signing time: Fri 02 May 2025 20:54:10 +0000
ROA not before: Fri 02 May 2025 20:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209693
IP address blocks: 87.121.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 May 2025 11:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:92:c7:34:2e:3f:0e:a5:31:ff:be:29:c0:5f:89:c6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 20:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3eb52b8ebde6267981f7364792d974083bb7ed3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c8:0b:7f:b2:cd:90:a5:3f:6c:e8:33:4b:3c:
47:a9:22:07:e3:0c:46:b6:78:38:48:cc:12:54:40:
8c:51:94:ea:26:bb:09:a4:5f:58:98:26:2a:0f:fc:
4b:a2:f2:5b:f2:f6:cf:83:c8:ab:14:5f:b7:c5:fc:
d1:02:10:52:27:73:35:f4:0f:a2:b6:fc:b2:ac:ca:
99:a5:65:6e:4e:6a:58:f7:b7:65:b5:5c:eb:df:8e:
b2:7b:2f:d3:ca:58:2e:1e:d8:35:d0:b4:a8:e5:2b:
30:0a:0b:2d:73:3c:23:06:8c:18:6d:c8:15:65:86:
6a:36:ba:d1:85:78:ac:8a:08:15:e8:b4:14:ab:fd:
01:cc:8e:07:6a:0b:95:31:27:fa:34:4d:61:b8:4c:
be:81:38:d7:11:ac:d2:12:74:9b:9b:d9:e2:27:a1:
50:4c:53:e7:a1:e1:5c:66:c0:03:c2:81:66:53:33:
fd:69:f4:c4:56:0e:ec:b1:43:5b:fc:de:f3:9d:e4:
ca:87:48:d6:cb:66:73:ec:f4:b2:dd:84:7e:fd:37:
07:ff:33:bd:e8:a4:1c:80:9d:d8:39:1b:fa:42:c3:
4d:e5:a9:a3:c8:12:21:b8:19:2e:87:03:82:b4:30:
11:02:3f:07:76:79:08:eb:fd:9f:c5:eb:1e:b6:6c:
a0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EB:52:B8:EB:DE:62:67:98:1F:73:64:79:2D:97:40:83:BB:7E:D3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/o-tSuOveYmeYH3NkeS2XQIO7ftM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.86.0/24
Signature Algorithm: sha256WithRSAEncryption
39:ce:40:04:b3:c0:27:93:59:37:15:61:01:04:e6:bb:5d:28:
66:a8:4b:ee:92:b8:1d:ba:68:e0:36:4a:c3:c5:11:f3:8b:7c:
d1:ec:3e:6f:1f:9a:1d:5b:23:d6:f9:75:fb:07:5b:5a:08:a3:
1a:e7:c4:a6:6b:fd:37:96:af:c0:f3:8f:c9:8b:07:75:b9:d7:
d8:41:d1:8f:2d:27:c3:0f:ab:5b:15:e6:9e:ff:85:8f:82:a6:
37:af:37:92:be:5c:52:33:cd:75:65:c3:ed:e9:f9:9e:91:f5:
ad:ec:76:e9:dc:fd:01:cb:3b:b7:38:2a:4b:04:18:92:2d:4f:
a0:2b:75:94:c8:2b:97:31:92:ee:0f:49:8b:9f:6c:61:59:f8:
d0:4e:a6:71:57:96:aa:96:91:98:15:24:84:d5:10:52:18:6e:
9d:f9:36:13:88:d4:13:f2:19:0e:71:4b:18:cb:b2:cf:81:62:
ca:9c:c4:ac:ce:6e:f0:81:2a:db:75:72:69:2e:e0:21:f8:be:
26:d2:f9:c6:b3:91:4b:f2:8b:78:86:32:5e:b2:e9:5f:f7:7c:
71:ae:64:1a:0f:d0:47:3d:e0:e1:16:2d:b0:f6:b0:9b:48:ee:
d8:28:91:0f:82:4e:f7:59:01:c1:db:02:a6:69:bb:91:20:4f:
c1:eb:42:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaSxzQuPw6lMf++KcBficYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNTAyMjA1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ViNTJiOGViZGU2MjY3OTgxZjczNjQ3OTJkOTc0MDgzYmI3ZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMgLf7LNkKU/bOgzSzxHqSIH4wxG
tng4SMwSVECMUZTqJrsJpF9YmCYqD/xLovJb8vbPg8irFF+3xfzRAhBSJ3M19A+i
tvyyrMqZpWVuTmpY97dltVzr346yey/TylguHtg10LSo5SswCgstczwjBowYbcgV
ZYZqNrrRhXisiggV6LQUq/0BzI4HaguVMSf6NE1huEy+gTjXEazSEnSbm9niJ6FQ
TFPnoeFcZsADwoFmUzP9afTEVg7ssUNb/N7zneTKh0jWy2Zz7PSy3YR+/TcH/zO9
6KQcgJ3YORv6QsNN5amjyBIhuBkuhwOCtDARAj8HdnkI6/2fxesetmygfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPrUrjr3mJnmB9zZHktl0CDu37TMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvby10U3VPdmVZbWVZSDNOa2VTMlhRSU83ZnRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3lWMA0G
CSqGSIb3DQEBCwUAA4IBAQA5zkAEs8Ank1k3FWEBBOa7XShmqEvukrgdumjgNkrD
xRHzi3zR7D5vH5odWyPW+XX7B1taCKMa58Sma/03lq/A84/Jiwd1udfYQdGPLSfD
D6tbFeae/4WPgqY3rzeSvlxSM811ZcPt6fmekfWt7Hbp3P0Byzu3OCpLBBiSLU+g
K3WUyCuXMZLuD0mLn2xhWfjQTqZxV5aqlpGYFSSE1RBSGG6d+TYTiNQT8hkOcUsY
y7LPgWLKnMSszm7wgSrbdXJpLuAh+L4m0vnGs5FL8ot4hjJesulf93xxrmQaD9BH
PeDhFi2w9rCbSO7YKJEPgk73WQHB2wKmabuRIE/B60J5
-----END CERTIFICATE-----
Generated at Tue May 13 17:25:14 2025 by rpki-client