Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa
File: 3mEJdKMqslp509j4bihVuys0mKE.roa (raw, json)
Hash identifier: m3h1Y6CLC7FibqL7+G+JxAb2Lz+007eRl8xj4zWHW9A=
Subject key identifier: DE:61:09:74:A3:2A:B2:5A:79:D3:D8:F8:6E:28:55:BB:2B:34:98:A1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C0B4B4622F849B4CCD68323AE5D648A3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa
Signing time: Fri 13 Dec 2024 15:48:08 +0000
ROA not before: Fri 13 Dec 2024 15:48:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:b4:b4:62:2f:84:9b:4c:cd:68:32:3a:e5:d6:48:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 13 15:48:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de610974a32ab25a79d3d8f86e2855bb2b3498a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:62:35:51:86:57:aa:c4:d7:7d:cf:54:8a:08:
37:58:43:e8:40:7d:be:b4:0d:2e:77:47:dd:16:86:
9c:f0:c1:db:a5:0e:ba:90:72:9e:5f:88:14:3c:cc:
85:90:6a:7c:fb:30:18:f8:6a:51:8c:1e:a3:59:31:
d2:2c:5b:d3:17:6e:10:68:e7:6b:da:41:69:65:cf:
94:86:e0:03:db:0e:b9:dd:d0:e4:07:5a:d4:5a:f9:
52:58:6e:15:1e:08:df:61:63:90:ba:39:fb:2f:c0:
e8:d7:1b:c6:2e:28:26:7a:3e:da:dd:89:bc:7d:df:
1f:11:5c:65:7d:66:c7:58:32:0c:18:d9:62:1f:a9:
aa:60:d8:ab:30:1e:7a:94:cb:cd:8e:3b:4e:11:e2:
54:24:fd:7f:5b:1f:ae:1d:84:3f:d8:cd:d5:34:80:
23:20:43:71:27:1c:4b:dc:80:d7:ad:74:1a:10:39:
a5:fd:48:cf:d2:a6:a9:91:f8:dc:f6:66:f5:14:a1:
ee:7b:42:82:cd:66:ed:3d:75:33:45:cf:8a:ea:b1:
c2:5b:8f:54:35:c0:0e:b6:74:95:14:32:eb:6b:07:
ae:c8:50:9d:01:b2:7a:39:3e:a6:b7:4f:37:e2:f0:
71:56:c3:1c:85:37:54:fd:dd:65:50:cc:e7:f4:b3:
46:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:61:09:74:A3:2A:B2:5A:79:D3:D8:F8:6E:28:55:BB:2B:34:98:A1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/3mEJdKMqslp509j4bihVuys0mKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.112.0/24
Signature Algorithm: sha256WithRSAEncryption
90:8f:43:f7:26:cc:8f:36:e4:43:18:83:12:d1:45:ce:3e:4a:
a8:89:7a:9d:ef:46:6d:d7:09:98:c7:f1:64:f9:6e:10:be:32:
4b:1b:36:74:04:44:64:ab:bb:74:5b:c9:92:0f:b2:b1:28:1e:
cf:48:87:04:52:70:30:b8:15:e1:19:93:b1:56:fc:85:fe:b6:
d3:d0:32:90:93:f3:5a:51:62:b4:a7:6a:09:4b:75:a0:bc:83:
8b:61:fc:32:12:0b:c0:bf:8d:c7:06:56:af:3c:6d:61:50:54:
02:04:79:e5:f6:d7:ed:2c:74:5d:5b:e1:60:61:fb:b2:d7:21:
df:a5:c0:9e:ea:c7:2d:49:5d:06:57:83:20:ff:2a:5b:22:e0:
4f:dc:47:2e:06:c7:81:45:77:79:d4:d8:0e:f6:bf:c2:7a:be:
a7:bb:7b:3d:56:9b:f5:a6:cd:52:d6:49:55:9c:dc:31:b5:a2:
f4:78:79:58:00:da:4d:2a:c6:be:db:fa:99:d7:71:c8:ab:f3:
8d:42:98:64:3b:ed:ed:23:f5:cd:83:c9:d3:01:c1:28:d5:8c:
57:80:62:7e:cf:bb:2c:d5:03:41:f7:f6:cd:aa:f2:bf:55:00:
15:d7:39:26:5c:52:2a:fa:af:0c:97:3b:c1:cb:bb:89:36:eb:
97:6b:5c:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPAtLRiL4SbTM1oMjrl1kijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEzMTU0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTYxMDk3NGEzMmFiMjVhNzlkM2Q4Zjg2ZTI4NTViYjJiMzQ5OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWI1UYZXqsTXfc9Uigg3WEPoQH2+
tA0ud0fdFoac8MHbpQ66kHKeX4gUPMyFkGp8+zAY+GpRjB6jWTHSLFvTF24QaOdr
2kFpZc+UhuAD2w653dDkB1rUWvlSWG4VHgjfYWOQujn7L8Do1xvGLigmej7a3Ym8
fd8fEVxlfWbHWDIMGNliH6mqYNirMB56lMvNjjtOEeJUJP1/Wx+uHYQ/2M3VNIAj
IENxJxxL3IDXrXQaEDml/UjP0qapkfjc9mb1FKHue0KCzWbtPXUzRc+K6rHCW49U
NcAOtnSVFDLraweuyFCdAbJ6OT6mt0834vBxVsMchTdU/d1lUMzn9LNGiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5hCXSjKrJaedPY+G4oVbsrNJihMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvM21FSmRLTXFzbHA1MDlqNGJpaFZ1eXMwbUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWxwMA0G
CSqGSIb3DQEBCwUAA4IBAQCQj0P3JsyPNuRDGIMS0UXOPkqoiXqd70Zt1wmYx/Fk
+W4QvjJLGzZ0BERkq7t0W8mSD7KxKB7PSIcEUnAwuBXhGZOxVvyF/rbT0DKQk/Na
UWK0p2oJS3WgvIOLYfwyEgvAv43HBlavPG1hUFQCBHnl9tftLHRdW+FgYfuy1yHf
pcCe6sctSV0GV4Mg/ypbIuBP3EcuBseBRXd51NgO9r/Cer6nu3s9Vpv1ps1S1klV
nNwxtaL0eHlYANpNKsa+2/qZ13HIq/ONQphkO+3tI/XNg8nTAcEo1YxXgGJ+z7ss
1QNB9/bNqvK/VQAV1zkmXFIq+q8MlzvBy7uJNuuXa1yY
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:31:11 2025 by rpki-client