Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/rSDAsEqMYNJk2eAS9D9yqii0nR4.roa
File: rSDAsEqMYNJk2eAS9D9yqii0nR4.roa (raw, json)
Hash identifier: hztjKkVhwI5m/ztncikSR2Gx2WolhtkywlCvoEibRVU=
Subject key identifier: AD:20:C0:B0:4A:8C:60:D2:64:D9:E0:12:F4:3F:72:AA:28:B4:9D:1E
Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c
Certificate serial: 01955D78878B142AF41DA688AEB11B7CD926
Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/rSDAsEqMYNJk2eAS9D9yqii0nR4.roa
Signing time: Mon 03 Mar 2025 19:25:34 +0000
ROA not before: Mon 03 Mar 2025 19:25:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198692
IP address blocks: 194.169.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 08:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5d:78:87:8b:14:2a:f4:1d:a6:88:ae:b1:1b:7c:d9:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c
Validity
Not Before: Mar 3 19:25:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad20c0b04a8c60d264d9e012f43f72aa28b49d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:eb:1e:a9:07:fd:e4:38:8c:f3:e2:85:1f:53:
7c:38:5b:42:08:9a:e2:0f:35:18:9b:a0:29:e4:a6:
39:51:44:5b:b1:4a:5e:f2:95:33:47:53:55:a2:a9:
72:81:90:b5:92:40:e9:fd:24:9d:58:4c:29:c5:df:
9d:28:a7:9a:6c:66:35:22:f9:94:7d:b3:2a:58:6e:
b6:cd:b2:73:54:82:98:ea:58:b4:63:25:ff:6d:6e:
d0:65:70:f2:a6:e6:a2:ab:77:9b:41:8c:59:e7:8b:
c9:c7:6b:90:0d:0d:b0:00:25:94:8f:14:8a:19:90:
1b:9e:6e:f9:24:9a:b6:54:66:19:ee:2f:66:7f:85:
43:9b:23:d8:02:22:9a:e6:d4:c4:b4:38:ca:53:c2:
dd:e1:b7:97:66:c9:42:f8:ad:6b:89:70:22:3d:40:
d4:2e:0c:00:da:bf:30:63:65:58:86:3b:d2:d6:49:
15:3d:aa:89:18:ff:3e:79:8e:69:98:13:b1:c3:c4:
2a:11:26:19:a6:ae:2c:61:f3:03:af:fd:ba:b0:61:
88:85:72:de:24:b9:ee:d2:1b:c7:ee:d0:aa:e0:ac:
3f:41:b0:bd:77:43:eb:b9:3b:ee:d2:a9:d1:a8:77:
0e:76:29:4b:e1:cd:b0:6a:ad:51:f3:94:b6:f8:6a:
01:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:20:C0:B0:4A:8C:60:D2:64:D9:E0:12:F4:3F:72:AA:28:B4:9D:1E
X509v3 Authority Key Identifier:
keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/rSDAsEqMYNJk2eAS9D9yqii0nR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.248.0/24
Signature Algorithm: sha256WithRSAEncryption
50:12:e4:f0:02:8e:ef:bc:3e:93:c4:da:b3:27:94:f0:60:68:
10:f3:02:65:93:5e:5c:f5:65:57:9c:47:02:b6:a5:72:06:d0:
13:7a:fd:50:07:d5:ab:5a:26:cd:81:5a:29:c9:39:12:8d:cb:
75:61:b4:c5:cc:3a:63:68:29:42:00:6e:ae:dd:96:f0:b6:bf:
46:d1:1c:93:ff:a5:ea:c0:ea:2d:86:a5:c9:b9:92:85:b0:2b:
01:1e:a5:17:93:43:3d:dd:4c:a8:8b:14:36:63:f9:65:32:93:
25:19:45:e9:15:2d:da:ab:d5:7e:04:84:81:70:e9:8a:dd:b2:
54:d4:21:6e:13:d4:b9:54:70:ba:7e:32:fe:f8:8b:c1:13:46:
dc:d4:5e:79:bf:f0:ba:7d:f6:79:65:dd:95:ab:ed:23:43:32:
ff:26:9b:cd:e2:58:d3:3f:3c:53:81:c5:fb:04:69:ee:5e:fa:
e9:f1:23:54:f3:20:75:c0:80:a0:e8:80:e0:01:3c:4f:0f:a2:
87:28:92:49:43:ef:da:b6:73:18:ee:e2:65:38:c8:fa:92:8e:
19:b9:06:6b:24:4b:98:64:9b:77:35:f9:95:8d:82:3d:95:48:
ee:36:fd:53:06:4c:37:9c:d2:e4:ca:b1:af:f6:e7:92:e4:ea:
7b:a7:d5:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVdeIeLFCr0HaaIrrEbfNkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw
Mjc2NmMwHhcNMjUwMzAzMTkyNTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDIwYzBiMDRhOGM2MGQyNjRkOWUwMTJmNDNmNzJhYTI4YjQ5ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+seqQf95DiM8+KFH1N8OFtCCJri
DzUYm6Ap5KY5UURbsUpe8pUzR1NVoqlygZC1kkDp/SSdWEwpxd+dKKeabGY1IvmU
fbMqWG62zbJzVIKY6li0YyX/bW7QZXDypuaiq3ebQYxZ54vJx2uQDQ2wACWUjxSK
GZAbnm75JJq2VGYZ7i9mf4VDmyPYAiKa5tTEtDjKU8Ld4beXZslC+K1riXAiPUDU
LgwA2r8wY2VYhjvS1kkVPaqJGP8+eY5pmBOxw8QqESYZpq4sYfMDr/26sGGIhXLe
JLnu0hvH7tCq4Kw/QbC9d0PruTvu0qnRqHcOdilL4c2waq1R85S2+GoBIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0gwLBKjGDSZNngEvQ/cqootJ0eMB8GA1UdIwQY
MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt
MjIyMjUyOTI5ODczLzEvclNEQXNFcU1ZTkprMmVBUzlEOXlxaWkwblI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz
LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqn4MA0G
CSqGSIb3DQEBCwUAA4IBAQBQEuTwAo7vvD6TxNqzJ5TwYGgQ8wJlk15c9WVXnEcC
tqVyBtATev1QB9WrWibNgVopyTkSjct1YbTFzDpjaClCAG6u3Zbwtr9G0RyT/6Xq
wOothqXJuZKFsCsBHqUXk0M93UyoixQ2Y/llMpMlGUXpFS3aq9V+BISBcOmK3bJU
1CFuE9S5VHC6fjL++IvBE0bc1F55v/C6ffZ5Zd2Vq+0jQzL/JpvN4ljTPzxTgcX7
BGnuXvrp8SNU8yB1wICg6IDgATxPD6KHKJJJQ+/atnMY7uJlOMj6ko4ZuQZrJEuY
ZJt3NfmVjYI9lUjuNv1TBkw3nNLkyrGv9ueS5Op7p9WN
-----END CERTIFICATE-----
Generated at Fri May 16 08:14:01 2025 by rpki-client