Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/rFQ264eRv1_4ELx0GZO3bsI9OjI.roa
File: rFQ264eRv1_4ELx0GZO3bsI9OjI.roa (raw, json)
Hash identifier: +R31SEv32YT0alftZtXQlt+y6Nwtr7jIqK2Neu8AS4w=
Subject key identifier: AC:54:36:EB:87:91:BF:5F:F8:10:BC:74:19:93:B7:6E:C2:3D:3A:32
Certificate issuer: /CN=a0d3ed5795348a04e7ecd172d7642fa962097287
Certificate serial: 01956FCD4B5A0DF35B887FBC3532849119F9
Authority key identifier: A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/rFQ264eRv1_4ELx0GZO3bsI9OjI.roa
Signing time: Fri 07 Mar 2025 08:51:19 +0000
ROA not before: Fri 07 Mar 2025 08:51:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214593
IP address blocks: 194.164.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 10:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:cd:4b:5a:0d:f3:5b:88:7f:bc:35:32:84:91:19:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3ed5795348a04e7ecd172d7642fa962097287
Validity
Not Before: Mar 7 08:51:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac5436eb8791bf5ff810bc741993b76ec23d3a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f3:a1:09:30:25:ff:97:01:27:7f:3b:0f:63:
4c:bc:13:ef:89:1b:24:93:bf:fb:8c:16:55:e6:e3:
78:3b:45:eb:04:e3:3b:38:02:99:fa:05:7b:e6:5a:
cb:a5:18:16:41:4e:30:40:66:89:e8:bb:94:b7:90:
34:f3:d1:e7:d6:1e:73:89:7d:8e:96:ef:0a:d1:f0:
29:86:e0:93:b2:32:89:fa:2e:7d:b0:a6:1c:41:0c:
58:db:51:79:03:ce:0a:17:33:55:63:4a:e4:66:6d:
f9:9f:45:ba:3a:6f:42:19:78:b1:a5:c2:d3:9a:1f:
26:10:26:cd:f4:14:60:a4:89:b2:06:7c:5f:f3:04:
9a:72:3c:29:95:71:dd:00:de:92:59:fd:20:50:f2:
78:bf:5d:1e:27:4d:5e:d2:e0:bc:35:9b:45:82:17:
6a:60:73:da:e4:f4:76:f1:0f:20:d9:40:88:54:eb:
5f:c6:a7:25:c5:47:c5:90:44:3a:82:46:71:b6:89:
ec:ff:16:f1:7a:d3:d8:29:a1:58:88:29:11:7b:12:
e2:dd:b6:e2:41:12:3b:d3:99:56:25:de:6a:ff:6a:
3d:ba:4b:ec:a6:46:24:06:77:68:7d:69:af:7f:e3:
20:b6:05:28:41:12:be:c6:01:ec:49:c3:55:b9:62:
b1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:54:36:EB:87:91:BF:5F:F8:10:BC:74:19:93:B7:6E:C2:3D:3A:32
X509v3 Authority Key Identifier:
keyid:A0:D3:ED:57:95:34:8A:04:E7:EC:D1:72:D7:64:2F:A9:62:09:72:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNPtV5U0igTn7NFy12QvqWIJcoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/rFQ264eRv1_4ELx0GZO3bsI9OjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a3b11e-5909-49fe-bb75-790bc91a59e6/1/oNPtV5U0igTn7NFy12QvqWIJcoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.164.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:0d:9d:99:c2:8d:24:d8:3a:04:4d:8f:f8:20:90:a3:d8:a7:
5f:75:e9:fb:32:a3:31:17:a9:58:8a:2b:69:2f:1f:06:65:7c:
20:30:92:20:0b:f4:28:b4:10:cf:2f:e0:f1:c1:c4:13:3f:64:
8e:05:aa:c7:6d:8a:e7:31:b0:2e:d9:b7:8a:4c:11:29:9b:9a:
3d:b3:bd:43:41:9c:92:c1:9e:d5:26:23:a0:3d:3a:c7:1e:05:
13:3c:a5:05:b1:f6:a6:b5:fa:0f:63:78:79:5b:9e:a8:51:50:
64:b5:a2:5b:11:a2:cf:e2:05:90:47:6d:39:ad:74:77:ed:ab:
28:a1:0c:f8:92:c4:62:73:cf:d0:e1:c2:6d:83:00:38:63:dc:
e8:21:46:28:18:d6:e1:34:b4:0a:d4:42:a3:8b:16:94:50:6c:
2b:df:4e:d0:53:ee:fa:7c:78:cd:41:c2:b9:53:03:ca:76:f8:
34:bc:e9:fd:b9:fc:59:90:d9:3f:2b:e7:32:79:7b:31:af:1d:
5c:fc:79:fd:57:bc:49:98:38:c4:cd:d1:b5:9d:93:69:05:99:
b9:d1:4c:0c:0f:a9:e7:dc:61:41:09:b8:a0:3f:c4:2a:58:ee:
03:9c:29:d9:67:72:ed:46:12:a6:51:b8:a0:47:93:b0:21:03:
45:64:f8:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVvzUtaDfNbiH+8NTKEkRn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDNlZDU3OTUzNDhhMDRlN2VjZDE3MmQ3NjQyZmE5NjIw
OTcyODcwHhcNMjUwMzA3MDg1MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU0MzZlYjg3OTFiZjVmZjgxMGJjNzQxOTkzYjc2ZWMyM2QzYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPOhCTAl/5cBJ387D2NMvBPviRsk
k7/7jBZV5uN4O0XrBOM7OAKZ+gV75lrLpRgWQU4wQGaJ6LuUt5A089Hn1h5ziX2O
lu8K0fAphuCTsjKJ+i59sKYcQQxY21F5A84KFzNVY0rkZm35n0W6Om9CGXixpcLT
mh8mECbN9BRgpImyBnxf8wSacjwplXHdAN6SWf0gUPJ4v10eJ01e0uC8NZtFghdq
YHPa5PR28Q8g2UCIVOtfxqclxUfFkEQ6gkZxtons/xbxetPYKaFYiCkRexLi3bbi
QRI705lWJd5q/2o9ukvspkYkBndofWmvf+MgtgUoQRK+xgHsScNVuWKxvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxUNuuHkb9f+BC8dBmTt27CPToyMB8GA1UdIwQY
MBaAFKDT7VeVNIoE5+zRctdkL6liCXKHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUt
NzkwYmM5MWE1OWU2LzEvckZRMjY0ZVJ2MV80RUx4MEdaTzNic0k5T2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hM2IxMWUtNTkwOS00OWZlLWJiNzUtNzkwYmM5MWE1OWU2
LzEvb05QdFY1VTBpZ1RuN05GeTEyUXZxV0lKY29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqRvMA0G
CSqGSIb3DQEBCwUAA4IBAQC2DZ2Zwo0k2DoETY/4IJCj2Kdfden7MqMxF6lYiitp
Lx8GZXwgMJIgC/QotBDPL+DxwcQTP2SOBarHbYrnMbAu2beKTBEpm5o9s71DQZyS
wZ7VJiOgPTrHHgUTPKUFsfamtfoPY3h5W56oUVBktaJbEaLP4gWQR205rXR37aso
oQz4ksRic8/Q4cJtgwA4Y9zoIUYoGNbhNLQK1EKjixaUUGwr307QU+76fHjNQcK5
UwPKdvg0vOn9ufxZkNk/K+cyeXsxrx1c/Hn9V7xJmDjEzdG1nZNpBZm50UwMD6nn
3GFBCbigP8QqWO4DnCnZZ3LtRhKmUbigR5OwIQNFZPi2
-----END CERTIFICATE-----
Generated at Tue May 6 10:06:15 2025 by rpki-client