Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/4NpG4ARt1DW2hYR5tiaZ0y7IAUk.roa
File: 4NpG4ARt1DW2hYR5tiaZ0y7IAUk.roa (raw, json)
Hash identifier: G4eC2uuQytHEyAaU1enbj/iL+VgveUQItCUIppZ9M9A=
Subject key identifier: E0:DA:46:E0:04:6D:D4:35:B6:85:84:79:B6:26:99:D3:2E:C8:01:49
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 0194D7BEB3EAECF2802067CC5D4E4C4BA790
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/4NpG4ARt1DW2hYR5tiaZ0y7IAUk.roa
Signing time: Wed 05 Feb 2025 20:13:06 +0000
ROA not before: Wed 05 Feb 2025 20:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 80.246.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Feb 2025 08:09:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:be:b3:ea:ec:f2:80:20:67:cc:5d:4e:4c:4b:a7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Feb 5 20:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0da46e0046dd435b6858479b62699d32ec80149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:94:e4:46:6e:3e:a6:22:8b:84:da:23:58:
a0:19:96:c2:8b:57:21:72:ca:6a:cc:5c:cf:03:1d:
f0:c1:9b:77:93:b3:97:9b:88:59:06:12:97:73:f9:
a4:98:19:ab:9d:1e:d1:5b:7c:5c:39:0d:dc:b6:d0:
9a:87:df:6a:3e:fd:00:1e:b3:46:bf:ad:a7:5d:67:
92:6d:25:03:0d:e6:ca:fa:b7:bf:3a:3b:ee:0a:4c:
e6:e2:d4:fe:42:8e:50:ad:3f:53:ce:68:83:17:54:
82:1b:f5:03:64:7c:ff:d7:d8:b7:3c:c7:44:c1:f5:
30:7f:37:0f:db:43:02:91:a2:af:2e:46:96:58:26:
ac:cb:74:b4:1f:71:d1:5f:98:86:60:2f:de:88:3f:
79:9a:9f:04:97:d8:98:ee:d8:9a:88:95:a3:c1:75:
64:84:da:23:a2:55:9b:85:33:51:60:5c:86:7a:af:
ec:a5:cd:88:42:63:6b:52:2f:cb:b9:d7:a4:c7:67:
9c:dd:65:98:6f:d6:c1:8b:f3:24:9d:e7:14:a7:be:
c2:66:53:9c:a0:c4:7a:a6:a7:b5:84:1c:88:43:b7:
2c:12:2a:19:37:fe:e9:6a:32:96:e0:61:d3:9c:85:
a1:1b:e0:82:89:03:8c:86:c9:b7:de:79:97:49:41:
81:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DA:46:E0:04:6D:D4:35:B6:85:84:79:B6:26:99:D3:2E:C8:01:49
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/4NpG4ARt1DW2hYR5tiaZ0y7IAUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
73:93:eb:27:86:56:62:19:71:d1:d6:b8:30:e3:95:21:b0:71:
90:56:97:4e:24:81:d1:b7:9f:7b:42:bd:f7:f6:c2:bd:74:dc:
24:02:8c:ba:99:68:75:ca:68:0e:2b:66:7a:53:9e:77:2d:a9:
73:dc:44:ca:58:90:bd:21:d8:23:2b:2b:3d:11:ce:71:f7:21:
07:08:64:d8:f6:ad:fa:4e:0b:a6:7f:23:48:40:89:53:f7:b7:
a1:85:67:3a:8d:b9:72:26:32:d9:ed:32:af:5f:c0:01:ec:f4:
3e:4c:ff:40:c6:3e:31:47:e5:b6:eb:31:bc:b9:08:fc:20:37:
2f:b8:8d:b0:42:ea:2f:69:30:4d:61:00:8e:7e:a2:5b:50:2d:
84:f3:af:fc:9d:c4:d2:83:c1:68:ee:83:68:07:fd:32:33:b8:
d3:0b:e3:db:ba:29:4b:ec:ab:2f:b3:47:6e:39:d7:e5:7d:1b:
5b:11:ea:0c:87:d3:84:2c:86:08:c4:c3:0e:d9:1d:73:2f:5b:
e4:78:8b:64:9d:66:9f:88:ce:d1:b3:26:19:48:49:38:8c:ce:
ff:12:4d:43:e3:9e:e1:32:a8:44:82:38:22:9f:9c:e6:b0:58:
6f:bf:13:03:8c:18:02:ed:a5:42:14:fe:8b:5c:45:8b:90:59:
27:ff:f4:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTXvrPq7PKAIGfMXU5MS6eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjUwMjA1MjAxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGRhNDZlMDA0NmRkNDM1YjY4NTg0NzliNjI2OTlkMzJlYzgwMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj+U5EZuPqYii4TaI1igGZbCi1ch
cspqzFzPAx3wwZt3k7OXm4hZBhKXc/mkmBmrnR7RW3xcOQ3cttCah99qPv0AHrNG
v62nXWeSbSUDDebK+re/OjvuCkzm4tT+Qo5QrT9TzmiDF1SCG/UDZHz/19i3PMdE
wfUwfzcP20MCkaKvLkaWWCasy3S0H3HRX5iGYC/eiD95mp8El9iY7tiaiJWjwXVk
hNojolWbhTNRYFyGeq/spc2IQmNrUi/Ludekx2ec3WWYb9bBi/MknecUp77CZlOc
oMR6pqe1hByIQ7csEioZN/7pajKW4GHTnIWhG+CCiQOMhsm33nmXSUGB6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODaRuAEbdQ1toWEebYmmdMuyAFJMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvNE5wRzRBUnQxRFcyaFlSNXRpYVoweTdJQVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQBzk+snhlZiGXHR1rgw45UhsHGQVpdOJIHRt597Qr33
9sK9dNwkAoy6mWh1ymgOK2Z6U553Lalz3ETKWJC9IdgjKys9Ec5x9yEHCGTY9q36
TgumfyNIQIlT97ehhWc6jblyJjLZ7TKvX8AB7PQ+TP9Axj4xR+W26zG8uQj8IDcv
uI2wQuovaTBNYQCOfqJbUC2E86/8ncTSg8Fo7oNoB/0yM7jTC+PbuilL7Ksvs0du
OdflfRtbEeoMh9OELIYIxMMO2R1zL1vkeItknWafiM7RsyYZSEk4jM7/Ek1D457h
MqhEgjgin5zmsFhvvxMDjBgC7aVCFP6LXEWLkFkn//TD
-----END CERTIFICATE-----
Generated at Tue May 13 11:26:45 2025 by rpki-client