Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/frjt8LedxDJUCXc5Ysfa40GEUJ8.roa
File: frjt8LedxDJUCXc5Ysfa40GEUJ8.roa (raw, json)
Hash identifier: 3GQ9tV0AwS8SDm/KpQB1qsLcD5QUtO9EnUPb3E5qQP4=
Subject key identifier: 7E:B8:ED:F0:B7:9D:C4:32:54:09:77:39:62:C7:DA:E3:41:84:50:9F
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 01968F5CE00AB5B1FD591B70BE792DBF4FCA
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/frjt8LedxDJUCXc5Ysfa40GEUJ8.roa
Signing time: Fri 02 May 2025 04:59:10 +0000
ROA not before: Fri 02 May 2025 04:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34232
IP address blocks: 109.175.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 03:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:5c:e0:0a:b5:b1:fd:59:1b:70:be:79:2d:bf:4f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: May 2 04:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7eb8edf0b79dc4325409773962c7dae34184509f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:da:c1:63:11:83:3f:28:85:d1:08:ca:64:
d0:9c:f0:dc:c2:6b:08:1a:3d:24:78:4b:d7:cc:21:
25:fa:a5:d1:19:d3:e0:e8:19:fb:26:a7:a4:d4:d1:
cd:f7:31:67:ad:b8:8d:98:c5:66:5c:36:01:ec:66:
1b:e0:72:e9:c5:be:ec:80:92:7b:f8:65:f8:74:d0:
7a:78:bc:1a:4e:74:d1:d2:47:31:50:50:00:90:9e:
c7:65:81:e8:27:01:92:cb:b1:64:4e:38:a5:96:44:
35:df:45:01:66:ea:83:f1:7d:94:a8:01:d5:88:e8:
d8:6c:5e:f2:4d:3a:1f:27:6f:3c:e5:d2:28:a4:9b:
4a:fe:af:dd:08:17:88:a8:be:a7:c4:42:69:0c:ef:
d1:71:b6:d2:02:bd:f2:36:4b:eb:6a:46:59:b4:b2:
2d:b3:01:71:d7:f3:31:9a:af:40:3f:dc:1c:e3:f2:
1e:25:0d:cb:51:48:a6:2d:5b:d0:4b:36:4c:0e:31:
77:54:c7:1c:51:a3:d4:13:f8:73:8b:d1:4d:df:e0:
fd:11:e2:75:c3:07:d5:d8:31:a5:64:56:7c:d1:d8:
f4:ae:3c:08:69:8d:61:be:d3:d9:48:d7:e4:ac:ba:
3a:a6:48:f1:3b:4c:99:a1:87:8c:14:e3:c1:5d:74:
15:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B8:ED:F0:B7:9D:C4:32:54:09:77:39:62:C7:DA:E3:41:84:50:9F
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/frjt8LedxDJUCXc5Ysfa40GEUJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.225.0/24
Signature Algorithm: sha256WithRSAEncryption
38:3d:ff:89:ff:00:49:5d:47:18:25:52:dc:b2:c4:c3:34:79:
7a:4c:ad:0e:d9:76:fa:0c:c8:a7:4f:1d:4a:9b:69:52:94:b9:
14:96:6b:2d:92:fc:38:c5:17:44:d1:17:65:a8:f2:7d:5d:94:
21:2a:67:e8:70:6b:01:b2:c6:ac:bf:14:97:8a:6a:a1:c3:f4:
39:b8:c8:83:c2:ab:b0:6d:21:3e:4b:42:fc:03:93:5e:2f:d4:
b9:e6:61:6d:97:51:d4:8f:d3:a6:76:c5:eb:91:6b:57:a6:30:
45:d7:1a:5c:f5:c1:64:b0:48:23:ea:4b:c6:b0:31:6e:2c:d1:
40:4b:5f:2f:cc:8e:a0:24:5f:17:5d:b5:e4:82:7f:7e:04:3d:
b9:a8:94:0b:21:d3:6a:f6:33:6a:8c:1d:9f:1a:ca:d7:3f:bc:
40:6b:11:f6:2d:81:ff:32:ef:78:ed:2f:93:5a:c2:f4:c6:15:
ce:4e:c2:fe:b2:26:a4:6e:63:36:20:5d:ad:fc:e0:f7:a3:16:
ec:97:05:80:cb:65:1c:c2:dc:b8:60:aa:dc:b5:b8:31:ee:f4:
1e:d2:2f:2d:87:bb:ab:cb:a1:9b:c1:17:c2:cf:f0:01:a8:52:
e6:c8:ce:93:a1:c0:07:58:45:59:69:b9:1a:49:13:3e:7d:ff:
80:19:bf:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaPXOAKtbH9WRtwvnktv0/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjUwNTAyMDQ1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWI4ZWRmMGI3OWRjNDMyNTQwOTc3Mzk2MmM3ZGFlMzQxODQ1MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl3awWMRgz8ohdEIymTQnPDcwmsI
Gj0keEvXzCEl+qXRGdPg6Bn7Jqek1NHN9zFnrbiNmMVmXDYB7GYb4HLpxb7sgJJ7
+GX4dNB6eLwaTnTR0kcxUFAAkJ7HZYHoJwGSy7FkTjillkQ130UBZuqD8X2UqAHV
iOjYbF7yTTofJ2885dIopJtK/q/dCBeIqL6nxEJpDO/RcbbSAr3yNkvrakZZtLIt
swFx1/Mxmq9AP9wc4/IeJQ3LUUimLVvQSzZMDjF3VMccUaPUE/hzi9FN3+D9EeJ1
wwfV2DGlZFZ80dj0rjwIaY1hvtPZSNfkrLo6pkjxO0yZoYeMFOPBXXQV0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH647fC3ncQyVAl3OWLH2uNBhFCfMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvZnJqdDhMZWR4REpVQ1hjNVlzZmE0MEdFVUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAba/hMA0G
CSqGSIb3DQEBCwUAA4IBAQA4Pf+J/wBJXUcYJVLcssTDNHl6TK0O2Xb6DMinTx1K
m2lSlLkUlmstkvw4xRdE0RdlqPJ9XZQhKmfocGsBssasvxSXimqhw/Q5uMiDwquw
bSE+S0L8A5NeL9S55mFtl1HUj9OmdsXrkWtXpjBF1xpc9cFksEgj6kvGsDFuLNFA
S18vzI6gJF8XXbXkgn9+BD25qJQLIdNq9jNqjB2fGsrXP7xAaxH2LYH/Mu947S+T
WsL0xhXOTsL+siakbmM2IF2t/OD3oxbslwWAy2Ucwty4YKrctbgx7vQe0i8th7ur
y6GbwRfCz/ABqFLmyM6TocAHWEVZabkaSRM+ff+AGb8R
-----END CERTIFICATE-----
Generated at Mon May 12 23:00:20 2025 by rpki-client