Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/la3LJyTRemIGpoO4C2OhAj8ExTs.roa
File: la3LJyTRemIGpoO4C2OhAj8ExTs.roa (raw, json)
Hash identifier: J7Um7J7p7qJ6K79KO3TavAFi54TF7k+m0ZR96AxkzSY=
Subject key identifier: 95:AD:CB:27:24:D1:7A:62:06:A6:83:B8:0B:63:A1:02:3F:04:C5:3B
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB38D275276B0442E4C2BED08CF6CF
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/la3LJyTRemIGpoO4C2OhAj8ExTs.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:38:d2:75:27:6b:04:42:e4:c2:be:d0:8c:f6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95adcb2724d17a6206a683b80b63a1023f04c53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:c2:79:24:a7:36:42:43:92:b6:f5:bd:16:
9f:38:09:e0:b5:8a:66:cb:65:52:4f:3e:c2:f7:32:
dc:c7:c5:58:cf:a7:ce:75:5f:df:51:02:5d:1d:00:
be:de:b7:64:fc:81:62:40:18:5b:3a:8a:fd:d7:b1:
ba:a7:91:fe:7d:93:cc:b4:08:19:80:dd:f5:ed:1f:
40:c9:00:83:88:ef:8f:d0:e6:a0:2a:6b:66:1d:6f:
74:20:0f:f3:45:97:13:7b:8a:76:a4:54:20:97:e5:
3a:20:d7:da:e6:4b:bb:b7:ab:93:c4:4f:b4:4b:53:
0b:95:1e:c7:82:53:3b:91:49:e9:95:6b:be:38:fd:
21:65:25:c1:17:2f:14:37:2e:16:09:88:00:47:71:
d3:c6:4d:3e:c1:b7:b9:22:fa:63:97:29:4a:b3:64:
c9:43:19:ba:b2:1f:dd:bd:50:22:bd:f3:c1:29:b0:
12:31:f5:84:85:10:68:c2:52:39:08:89:22:fa:42:
77:e6:91:21:f4:86:bb:c1:cd:33:9b:27:5f:9b:dd:
76:6d:8c:b9:fe:eb:03:40:a8:bd:2b:b2:b2:0b:ac:
5f:62:0a:1d:1f:71:f0:6f:fc:7b:18:5e:de:36:30:
5d:31:12:6c:95:45:9b:c1:79:db:8a:ad:60:9e:22:
cf:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AD:CB:27:24:D1:7A:62:06:A6:83:B8:0B:63:A1:02:3F:04:C5:3B
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/la3LJyTRemIGpoO4C2OhAj8ExTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
54:d4:0c:cf:5b:11:4a:31:ee:d2:78:87:07:62:cd:46:97:26:
bb:05:f0:3b:36:23:41:31:bf:14:7f:c2:96:06:bc:fb:94:64:
c6:c5:89:92:d8:f5:91:b6:68:c4:30:a2:8d:f3:ae:a7:c9:ec:
c6:a7:6a:f5:56:32:83:33:2d:c8:f7:a6:12:c1:c5:c2:45:1e:
58:f7:c4:eb:42:ed:49:31:a1:df:9b:0b:92:dd:6a:73:48:be:
90:dc:f8:b6:3c:78:10:6a:f5:54:25:7f:b6:45:b1:7d:1a:f6:
7b:7c:26:b8:07:6d:6a:5f:43:13:86:71:73:16:2a:e6:7a:6e:
2b:a2:fa:41:bb:3b:ea:d5:cb:1d:f7:b2:0a:d1:55:2a:22:5f:
5b:03:b6:de:06:f7:ba:61:e7:58:a8:58:b3:cd:11:fa:e3:0f:
89:9d:ea:d9:b2:7e:63:5f:6e:06:d7:e0:5d:50:85:6b:2b:6d:
58:74:68:47:fa:00:50:82:86:04:ca:5c:5f:d6:be:06:cf:04:
14:1c:2c:9b:48:f3:69:ac:b7:58:94:b9:4e:c8:4b:3c:5b:31:
28:6e:2f:b8:e2:9f:fb:20:05:4c:22:c6:2b:96:95:b2:da:cd:
6a:19:d8:92:fd:6b:1c:61:bf:db:61:20:25:92:0a:c6:e9:57:
3e:d2:f9:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zjSdSdrBELkwr7QjPbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFkY2IyNzI0ZDE3YTYyMDZhNjgzYjgwYjYzYTEwMjNmMDRjNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR3CeSSnNkJDkrb1vRafOAngtYpm
y2VSTz7C9zLcx8VYz6fOdV/fUQJdHQC+3rdk/IFiQBhbOor917G6p5H+fZPMtAgZ
gN317R9AyQCDiO+P0OagKmtmHW90IA/zRZcTe4p2pFQgl+U6INfa5ku7t6uTxE+0
S1MLlR7HglM7kUnplWu+OP0hZSXBFy8UNy4WCYgAR3HTxk0+wbe5IvpjlylKs2TJ
Qxm6sh/dvVAivfPBKbASMfWEhRBowlI5CIki+kJ35pEh9Ia7wc0zmydfm912bYy5
/usDQKi9K7KyC6xfYgodH3Hwb/x7GF7eNjBdMRJslUWbwXnbiq1gniLPHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWtyyck0XpiBqaDuAtjoQI/BMU7MB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvbGEzTEp5VFJlbUlHcG9PNEMyT2hBajhFeFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQBU1AzPWxFKMe7SeIcHYs1Glya7BfA7NiNBMb8Uf8KW
Brz7lGTGxYmS2PWRtmjEMKKN866nyezGp2r1VjKDMy3I96YSwcXCRR5Y98TrQu1J
MaHfmwuS3WpzSL6Q3Pi2PHgQavVUJX+2RbF9GvZ7fCa4B21qX0MThnFzFirmem4r
ovpBuzvq1csd97IK0VUqIl9bA7beBve6YedYqFizzRH64w+JnerZsn5jX24G1+Bd
UIVrK21YdGhH+gBQgoYEylxf1r4GzwQUHCybSPNprLdYlLlOyEs8WzEobi+44p/7
IAVMIsYrlpWy2s1qGdiS/WscYb/bYSAlkgrG6Vc+0vkk
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:05:22 2025 by rpki-client