Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/7TcaGwyhJuZ1cqLcyaVNXN6DbNw.roa
File: 7TcaGwyhJuZ1cqLcyaVNXN6DbNw.roa (raw, json)
Hash identifier: Rb3Uf1cpm5Va5U0NJqp228FXIw7xXvz+YFsuNr9qg1Y=
Subject key identifier: ED:37:1A:1B:0C:A1:26:E6:75:72:A2:DC:C9:A5:4D:5C:DE:83:6C:DC
Certificate issuer: /CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Certificate serial: 01963E0BC216AF9D4DF8398748C2F7F0A9A6
Authority key identifier: CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/7TcaGwyhJuZ1cqLcyaVNXN6DbNw.roa
Signing time: Wed 16 Apr 2025 10:01:20 +0000
ROA not before: Wed 16 Apr 2025 10:01:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31445
IP address blocks: 195.128.226.0/24 maxlen: 24
195.128.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 10:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:0b:c2:16:af:9d:4d:f8:39:87:48:c2:f7:f0:a9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Validity
Not Before: Apr 16 10:01:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed371a1b0ca126e67572a2dcc9a54d5cde836cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:de:09:7f:11:ca:67:de:d4:23:48:67:65:02:
c7:f4:21:32:76:f1:77:6f:99:3d:4e:d1:cb:ca:19:
69:54:6c:0c:9f:97:f8:6f:3b:cb:0b:9d:62:aa:74:
3d:07:f4:1d:3d:3b:4c:11:cc:5e:ac:c4:e0:db:fd:
8f:73:fa:4e:7d:d5:28:09:d5:ac:31:cf:7d:4f:2d:
39:77:0e:9c:26:13:f8:bd:63:ce:41:b1:65:98:4d:
4c:15:b0:6f:5f:3d:c7:96:1f:05:d9:ff:13:1b:d7:
6d:30:12:04:5f:97:c7:c5:17:ff:f0:fb:5a:22:10:
da:4a:ef:02:3e:b6:d9:58:00:f1:ed:ed:ce:31:c3:
71:83:7b:df:7b:a2:ee:02:4c:dc:1f:1a:b5:5a:86:
95:af:46:fd:81:a5:b1:bb:75:a8:ae:8c:ad:81:a7:
d9:98:fb:62:dc:90:9e:32:40:c8:2b:bd:f7:a7:65:
c8:a4:d3:27:40:13:6e:07:04:f3:e5:a0:0a:7f:8e:
f2:63:88:95:d9:6d:a0:ec:af:13:f4:55:e8:85:24:
29:e8:6b:bd:e6:94:87:da:73:52:31:7d:01:3f:21:
48:08:f2:06:f3:91:b9:fb:c8:6f:2e:ce:6a:f0:3f:
f0:bd:85:49:06:61:40:de:32:4e:d9:9a:aa:5b:05:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:37:1A:1B:0C:A1:26:E6:75:72:A2:DC:C9:A5:4D:5C:DE:83:6C:DC
X509v3 Authority Key Identifier:
keyid:CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/7TcaGwyhJuZ1cqLcyaVNXN6DbNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.226.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:2a:97:f2:a7:cc:14:6f:e1:db:4d:4c:65:a0:f4:17:16:f2:
f8:45:3f:72:43:3c:6f:24:f9:11:15:87:af:01:a0:9a:e3:68:
5e:60:89:b3:ea:5e:93:11:bc:d8:10:ca:68:ce:16:17:cc:f2:
e8:17:5b:1e:b9:30:a5:94:a0:c5:53:a3:71:e0:99:6a:cb:6a:
ac:52:44:c6:3f:9a:66:d5:77:ed:dc:c2:32:36:3a:1c:6b:06:
53:01:7d:2a:43:d8:70:db:9f:a9:03:29:b0:51:01:ff:03:e7:
de:fe:e8:27:f8:16:cd:b2:90:c3:b9:d0:0f:93:62:49:ab:59:
a4:e4:87:e0:23:0e:5a:db:d2:d7:f4:5f:25:cf:7f:2f:14:57:
c5:52:57:8a:4f:de:a7:03:bc:fa:7c:41:85:ec:24:5b:eb:2e:
aa:a1:e5:98:db:84:2f:b0:03:c8:23:9f:08:53:94:39:42:15:
6c:47:4e:1a:02:eb:7d:af:49:71:ed:ee:84:76:be:4d:d8:a3:
7f:f9:88:10:4c:25:d5:63:66:ac:a5:62:14:45:67:1e:58:ef:
4e:34:7f:ae:de:b9:92:b3:1c:8a:d6:fb:3f:40:a2:f1:10:5e:
b4:7a:14:98:e6:8c:66:0f:2a:2b:55:fc:38:15:87:8c:9e:6b:
6e:58:4b:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY+C8IWr51N+DmHSML38KmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYTc5ZGNkNWEzZGVlNDUwZWFmM2Y5MzE1MmVkNmRhODA2
YmJmNzEwHhcNMjUwNDE2MTAwMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM3MWExYjBjYTEyNmU2NzU3MmEyZGNjOWE1NGQ1Y2RlODM2Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid4JfxHKZ97UI0hnZQLH9CEydvF3
b5k9TtHLyhlpVGwMn5f4bzvLC51iqnQ9B/QdPTtMEcxerMTg2/2Pc/pOfdUoCdWs
Mc99Ty05dw6cJhP4vWPOQbFlmE1MFbBvXz3Hlh8F2f8TG9dtMBIEX5fHxRf/8Pta
IhDaSu8CPrbZWADx7e3OMcNxg3vfe6LuAkzcHxq1WoaVr0b9gaWxu3WoroytgafZ
mPti3JCeMkDIK733p2XIpNMnQBNuBwTz5aAKf47yY4iV2W2g7K8T9FXohSQp6Gu9
5pSH2nNSMX0BPyFICPIG85G5+8hvLs5q8D/wvYVJBmFA3jJO2ZqqWwXicQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO03GhsMoSbmdXKi3MmlTVzeg2zcMB8GA1UdIwQY
MBaAFM6nnc1aPe5FDq8/kxUu1tqAa79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQt
ODZlMjQyNjA1MTZmLzEvN1RjYUd3eWhKdVoxY3FMY3lhVk5YTjZEYk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQtODZlMjQyNjA1MTZm
LzEvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4DiMA0G
CSqGSIb3DQEBCwUAA4IBAQAqKpfyp8wUb+HbTUxloPQXFvL4RT9yQzxvJPkRFYev
AaCa42heYImz6l6TEbzYEMpozhYXzPLoF1seuTCllKDFU6Nx4Jlqy2qsUkTGP5pm
1Xft3MIyNjocawZTAX0qQ9hw25+pAymwUQH/A+fe/ugn+BbNspDDudAPk2JJq1mk
5IfgIw5a29LX9F8lz38vFFfFUleKT96nA7z6fEGF7CRb6y6qoeWY24QvsAPII58I
U5Q5QhVsR04aAut9r0lx7e6Edr5N2KN/+YgQTCXVY2aspWIURWceWO9ONH+u3rmS
sxyK1vs/QKLxEF60ehSY5oxmDyorVfw4FYeMnmtuWEsR
-----END CERTIFICATE-----
Generated at Fri May 9 06:42:59 2025 by rpki-client