Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PVoSDME9GPBaVTXrgabfhhWPznc.roa
File: PVoSDME9GPBaVTXrgabfhhWPznc.roa (raw, json)
Hash identifier: C2j2kQKmCsHTE4yoKraAHk1fM4O0LyQmgcQSO9W4gEw=
Subject key identifier: 3D:5A:12:0C:C1:3D:18:F0:5A:55:35:EB:81:A6:DF:86:15:8F:CE:77
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019428251C695D01B14C328E9DB146429369
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PVoSDME9GPBaVTXrgabfhhWPznc.roa
Signing time: Thu 02 Jan 2025 17:51:48 +0000
ROA not before: Thu 02 Jan 2025 17:51:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398373
IP address blocks: 194.87.41.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 05:58:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:1c:69:5d:01:b1:4c:32:8e:9d:b1:46:42:93:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 17:51:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d5a120cc13d18f05a5535eb81a6df86158fce77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e7:62:4c:0a:2d:20:59:ba:1e:f3:e1:19:70:
a4:79:2a:47:79:72:d5:f0:9c:24:0c:b4:e8:fc:fd:
b9:f1:84:05:46:ef:8d:78:13:67:a6:6a:45:8f:37:
73:51:e5:63:23:5e:d7:aa:03:15:e9:77:bc:22:e9:
a6:9f:47:4f:98:6a:ce:e8:e4:0f:7f:7e:71:6f:89:
24:3e:d9:e2:2c:cf:e7:91:c4:2f:e7:2b:42:4e:e3:
77:9e:43:85:42:d7:77:8e:48:b2:c0:84:df:09:bf:
bc:52:e5:b0:9a:c4:be:08:bf:7a:65:e9:37:9e:82:
5a:70:bb:ee:75:9c:4f:26:c6:09:9a:12:09:62:93:
44:63:c8:17:bb:8d:e1:ce:f6:da:d5:54:03:b5:3e:
f3:3a:07:15:30:aa:59:35:a3:b2:55:94:8b:35:9f:
bf:db:a0:96:bb:bd:18:0e:91:0c:db:4a:50:3d:f2:
2f:ed:c3:59:26:1b:96:52:13:ff:76:90:20:7e:9f:
8e:04:92:71:fd:95:43:ef:f8:98:1f:ec:a8:c5:fd:
c4:da:1c:24:ed:28:26:91:4d:26:fa:98:d0:f5:87:
05:6d:54:cd:06:1a:2f:1c:cd:24:43:e0:60:6c:d8:
46:4b:19:a0:3a:e3:60:35:8f:50:2c:4d:ea:f1:37:
d5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5A:12:0C:C1:3D:18:F0:5A:55:35:EB:81:A6:DF:86:15:8F:CE:77
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PVoSDME9GPBaVTXrgabfhhWPznc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.41.0/24
194.87.61.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:88:95:b9:88:e0:a8:2c:e7:74:52:77:cd:98:89:fa:69:0a:
b1:c5:a4:de:82:3d:77:95:6c:7e:5e:76:cf:48:aa:c4:24:91:
09:b0:b7:71:3b:9f:f1:df:52:6d:68:4a:7a:07:71:d1:a3:28:
62:06:4b:ce:7b:c5:fb:de:a5:1b:9a:e5:11:66:33:2c:6a:cd:
3c:be:33:9a:bf:97:5f:a3:14:d3:1c:1f:48:d5:6d:74:fd:a0:
ff:bb:be:a7:3e:0b:b9:e4:5a:54:9c:7d:65:66:7b:bf:82:b1:
15:92:e8:48:63:21:52:1a:38:30:38:50:84:2a:a6:f1:46:66:
42:83:32:b8:d9:7b:c5:b8:5f:1d:4d:c9:28:dd:6e:06:c9:bc:
99:56:13:63:bd:39:0e:ef:ef:32:a1:46:0f:d5:19:fe:f7:cb:
fe:21:e2:43:ba:50:b7:69:7a:c3:18:dc:f0:5c:68:7b:88:55:
75:45:f1:8b:f0:04:83:7d:6d:76:5b:cd:df:40:40:bb:df:ce:
be:ca:26:dc:69:dc:5b:16:95:0c:6a:59:c4:02:1d:e6:0d:e8:
d3:ed:e5:4f:f9:55:18:19:b9:f5:d9:3b:19:ae:26:a1:ff:d8:
3b:7f:7f:54:bf:33:3b:84:4b:89:d4:d6:d0:af:ac:9f:6d:66:
b6:c7:03:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJRxpXQGxTDKOnbFGQpNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMTAyMTc1MTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDVhMTIwY2MxM2QxOGYwNWE1NTM1ZWI4MWE2ZGY4NjE1OGZjZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvudiTAotIFm6HvPhGXCkeSpHeXLV
8JwkDLTo/P258YQFRu+NeBNnpmpFjzdzUeVjI17XqgMV6Xe8Iummn0dPmGrO6OQP
f35xb4kkPtniLM/nkcQv5ytCTuN3nkOFQtd3jkiywITfCb+8UuWwmsS+CL96Zek3
noJacLvudZxPJsYJmhIJYpNEY8gXu43hzvba1VQDtT7zOgcVMKpZNaOyVZSLNZ+/
26CWu70YDpEM20pQPfIv7cNZJhuWUhP/dpAgfp+OBJJx/ZVD7/iYH+yoxf3E2hwk
7SgmkU0m+pjQ9YcFbVTNBhovHM0kQ+BgbNhGSxmgOuNgNY9QLE3q8TfVHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1aEgzBPRjwWlU164Gm34YVj853MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUFZvU0RNRTlHUEJhVlRYcmdhYmZoaFdQem5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlcpAwQA
wlc9MA0GCSqGSIb3DQEBCwUAA4IBAQAbiJW5iOCoLOd0UnfNmIn6aQqxxaTegj13
lWx+XnbPSKrEJJEJsLdxO5/x31JtaEp6B3HRoyhiBkvOe8X73qUbmuURZjMsas08
vjOav5dfoxTTHB9I1W10/aD/u76nPgu55FpUnH1lZnu/grEVkuhIYyFSGjgwOFCE
KqbxRmZCgzK42XvFuF8dTcko3W4GybyZVhNjvTkO7+8yoUYP1Rn+98v+IeJDulC3
aXrDGNzwXGh7iFV1RfGL8ASDfW12W83fQEC7386+yibcadxbFpUMalnEAh3mDejT
7eVP+VUYGbn12TsZriah/9g7f39UvzM7hEuJ1NbQr6yfbWa2xwPW
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:10:42 2025 by rpki-client