Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/e0FiCGE2h4uHORbZYkomT6hZq6A.roa
File: e0FiCGE2h4uHORbZYkomT6hZq6A.roa (raw, json)
Hash identifier: 0EWdjcc11vITjLoE3SGaSmVFU3dI0R0kd2oom3Tv2jE=
Subject key identifier: 7B:41:62:08:61:36:87:8B:87:39:16:D9:62:4A:26:4F:A8:59:AB:A0
Certificate issuer: /CN=78f29e87382159ca5e81387d7ee77e512fad1636
Certificate serial: 01942068700DA1C3237C19B065B43E9AD89B
Authority key identifier: 78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/e0FiCGE2h4uHORbZYkomT6hZq6A.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51505
IP address blocks: 194.154.32.0/19 maxlen: 19
2a14:6700::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Mar 2025 08:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:70:0d:a1:c3:23:7c:19:b0:65:b4:3e:9a:d8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78f29e87382159ca5e81387d7ee77e512fad1636
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b4162086136878b873916d9624a264fa859aba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6e:8c:c6:70:27:6a:05:04:6f:cc:a1:cc:61:
42:41:21:08:6d:11:59:15:a3:6a:a1:a4:b5:35:8f:
8e:49:70:bc:84:b8:d5:93:56:7f:64:a4:61:63:14:
f9:a5:85:4f:f6:0f:0e:49:34:b7:c1:77:63:7a:0a:
5b:e2:a4:8d:ce:61:6b:92:8a:0a:30:28:7c:0a:d2:
a7:1f:2c:e6:bb:83:b4:78:78:64:fe:60:1e:72:6a:
80:d7:f6:e6:68:5a:c3:a2:39:e0:0e:61:9c:72:3e:
80:db:30:af:bd:32:fd:e2:89:39:f9:51:76:07:6d:
89:50:39:c7:41:55:cb:ec:c4:20:9c:48:58:03:de:
9e:f8:e4:03:9e:08:b1:3c:4b:af:cc:59:c1:0e:51:
b1:29:dd:6f:aa:a9:9d:b0:15:89:0a:b8:ed:52:c1:
db:69:82:47:84:29:2e:4b:a2:3a:83:b6:2f:76:2a:
8a:69:22:64:ef:f9:3a:99:13:f7:8e:bd:ab:ac:1b:
24:ae:9a:b2:e5:af:a3:20:a5:9d:2f:bc:53:31:9f:
75:9f:43:43:ef:e6:af:da:e9:a2:ef:7a:fc:9b:26:
fb:36:38:8a:b4:10:5a:87:cb:d9:ab:a8:e3:5f:45:
50:24:46:be:16:8a:38:31:1d:2a:e6:65:a7:1a:f7:
b3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:41:62:08:61:36:87:8B:87:39:16:D9:62:4A:26:4F:A8:59:AB:A0
X509v3 Authority Key Identifier:
keyid:78:F2:9E:87:38:21:59:CA:5E:81:38:7D:7E:E7:7E:51:2F:AD:16:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ePKehzghWcpegTh9fud-US-tFjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/e0FiCGE2h4uHORbZYkomT6hZq6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4b48b-462e-45a6-860d-82f89cba26d8/1/ePKehzghWcpegTh9fud-US-tFjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.154.32.0/19
IPv6:
2a14:6700::/29
Signature Algorithm: sha256WithRSAEncryption
89:f6:85:34:32:80:8d:b4:11:32:de:92:26:0d:81:1f:b8:9e:
3b:1c:09:c8:21:eb:49:b1:f9:0a:ff:bd:6e:d7:be:a1:2e:07:
f0:c6:8b:47:87:5b:35:2c:04:d0:3f:2d:3b:87:63:49:47:40:
76:8a:bf:db:ad:fe:d4:70:b6:51:5c:b1:52:d2:b2:8e:15:4f:
54:cd:0f:4b:73:0a:ba:9d:5d:ad:75:53:38:46:2c:4c:6d:6e:
37:14:4b:e0:56:71:73:21:98:6d:28:5e:ef:95:32:c7:a1:6a:
89:0e:ca:a2:ad:4b:52:d7:4e:c3:0a:a2:23:cb:9e:af:3f:df:
00:a4:53:c5:c7:4b:c9:83:0a:a5:c1:0c:a6:51:72:a3:45:ad:
83:56:27:ec:d6:51:62:9c:34:f9:4f:63:5b:8d:ba:b2:ca:c8:
e0:8d:76:d3:c1:35:05:66:2c:9f:e0:e7:d8:81:08:49:54:a1:
be:d9:75:9a:63:02:8e:9d:8d:bd:0f:08:9f:d2:5f:5c:46:0d:
57:46:ef:65:5f:0c:20:7b:18:eb:4b:ba:ac:88:94:5d:5c:e6:
81:2b:5e:91:c3:40:cd:da:f8:aa:a9:aa:38:6b:df:42:55:bf:
dc:ec:b8:79:35:d9:19:1d:23:ca:38:92:ab:18:56:65:88:86:
1c:bb:1a:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaHANocMjfBmwZbQ+mtibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZjI5ZTg3MzgyMTU5Y2E1ZTgxMzg3ZDdlZTc3ZTUxMmZh
ZDE2MzYwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQxNjIwODYxMzY4NzhiODczOTE2ZDk2MjRhMjY0ZmE4NTlhYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W6MxnAnagUEb8yhzGFCQSEIbRFZ
FaNqoaS1NY+OSXC8hLjVk1Z/ZKRhYxT5pYVP9g8OSTS3wXdjegpb4qSNzmFrkooK
MCh8CtKnHyzmu4O0eHhk/mAecmqA1/bmaFrDojngDmGccj6A2zCvvTL94ok5+VF2
B22JUDnHQVXL7MQgnEhYA96e+OQDngixPEuvzFnBDlGxKd1vqqmdsBWJCrjtUsHb
aYJHhCkuS6I6g7YvdiqKaSJk7/k6mRP3jr2rrBskrpqy5a+jIKWdL7xTMZ91n0ND
7+av2umi73r8myb7NjiKtBBah8vZq6jjX0VQJEa+Foo4MR0q5mWnGvezwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHtBYghhNoeLhzkW2WJKJk+oWaugMB8GA1UdIwQY
MBaAFHjynoc4IVnKXoE4fX7nflEvrRY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQt
ODJmODljYmEyNmQ4LzEvZTBGaUNHRTJoNHVIT1JiWllrb21UNmhacTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGI0OGItNDYyZS00NWE2LTg2MGQtODJmODljYmEyNmQ4
LzEvZVBLZWh6Z2hXY3BlZ1RoOWZ1ZC1VUy10RmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwpogMA0E
AgACMAcDBQMqFGcAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ9oU0MoCNtBEy3pImDYEf
uJ47HAnIIetJsfkK/71u176hLgfwxotHh1s1LATQPy07h2NJR0B2ir/brf7UcLZR
XLFS0rKOFU9UzQ9Lcwq6nV2tdVM4RixMbW43FEvgVnFzIZhtKF7vlTLHoWqJDsqi
rUtS107DCqIjy56vP98ApFPFx0vJgwqlwQymUXKjRa2DVifs1lFinDT5T2Nbjbqy
ysjgjXbTwTUFZiyf4OfYgQhJVKG+2XWaYwKOnY29Dwif0l9cRg1XRu9lXwwgexjr
S7qsiJRdXOaBK16Rw0DN2viqqao4a99CVb/c7Lh5NdkZHSPKOJKrGFZliIYcuxpi
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:51:44 2025 by rpki-client