Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjiKwNt6WOr0POx3rvb3_GS7FF8.roa
File: fjiKwNt6WOr0POx3rvb3_GS7FF8.roa (raw, json)
Hash identifier: uJj094wrs1wriIH+FUbcXFNtjTqu06RXXAtQK0dRgvg=
Subject key identifier: 7E:38:8A:C0:DB:7A:58:EA:F4:3C:EC:77:AE:F6:F7:FC:64:BB:14:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01936F95D42B2EE2154627948EEB74C424BD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjiKwNt6WOr0POx3rvb3_GS7FF8.roa
Signing time: Wed 27 Nov 2024 21:45:10 +0000
ROA not before: Wed 27 Nov 2024 21:45:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 192.124.170.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Dec 2024 16:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6f:95:d4:2b:2e:e2:15:46:27:94:8e:eb:74:c4:24:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 21:45:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e388ac0db7a58eaf43cec77aef6f7fc64bb145f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a8:6c:d3:60:d3:52:59:1e:f8:8e:0f:68:cf:
fe:ae:37:60:ab:a9:5f:de:7a:d0:1d:c6:15:4a:c1:
6b:2b:92:b4:d7:a0:dc:22:16:ba:b5:6f:40:da:0d:
8b:b5:0a:97:f8:53:d9:1e:7e:f5:2c:48:cc:be:01:
4c:1b:04:99:c2:2d:38:08:2a:b9:a9:f8:3b:80:db:
d6:99:57:f6:81:32:10:4d:88:fc:7a:99:a7:14:90:
d6:4a:27:c6:1d:e2:f5:f0:fa:f4:8f:d4:09:78:df:
3c:78:96:e5:d3:64:0b:40:10:bb:f3:c6:e3:ce:44:
d2:15:2e:1b:cf:1e:02:9d:15:26:ae:9c:79:16:4d:
b4:54:87:6f:80:49:e2:77:46:63:e7:25:fc:ea:c2:
51:2b:e7:2e:c8:64:e2:ef:7c:f2:41:36:6b:74:0e:
09:ea:5d:80:6a:b0:45:95:80:95:26:8e:a5:11:20:
bb:ea:0e:46:dd:6f:18:b5:d4:f4:8d:53:53:2c:46:
5c:74:ca:f9:a9:ab:ea:41:56:cf:47:f5:d3:ad:ad:
b2:3e:ab:7f:ce:ef:c6:68:30:08:28:b2:8d:72:7f:
16:f2:f1:58:1e:e6:3b:ca:ce:72:01:72:17:35:9e:
72:ab:53:ab:f0:c7:d2:b8:fc:c9:c5:64:fe:90:12:
f7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:38:8A:C0:DB:7A:58:EA:F4:3C:EC:77:AE:F6:F7:FC:64:BB:14:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fjiKwNt6WOr0POx3rvb3_GS7FF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.170.0/24
192.124.180.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:00:3b:2d:a0:dc:41:1b:7c:94:34:20:27:b4:8e:71:05:6b:
22:b2:ac:e1:21:7d:9c:d6:56:c6:fd:f9:01:ee:34:36:c0:cf:
09:a5:2d:02:8b:b7:ed:ab:99:f2:c3:50:a6:73:8c:87:ae:c0:
28:58:1f:73:77:3b:4d:6c:54:55:2d:f6:52:bf:62:88:cf:10:
0c:18:9b:8f:97:a4:80:9c:61:fd:ff:b2:d1:28:1e:37:d9:fc:
5f:ba:96:8d:0c:5b:3e:fb:49:63:2e:fe:86:85:55:5a:c4:58:
87:2a:8b:df:b8:d0:ed:7f:60:d7:66:70:fc:0f:10:34:58:c0:
24:6f:b5:c3:07:48:68:93:ea:f4:59:2a:bb:8f:47:aa:5d:f0:
07:c1:42:0e:dd:0f:21:71:db:60:1d:3e:71:1e:06:98:f2:ea:
12:52:a3:fe:a9:9b:0b:b3:a4:25:ac:0d:00:d7:7e:2b:54:ab:
fd:64:5d:38:a8:bc:a0:a6:f9:76:5f:24:a9:c0:1e:ef:2f:9a:
d5:02:25:f8:55:96:7e:50:13:8a:5f:bd:f7:1b:ee:2d:4c:31:
ad:c1:1a:f6:ff:13:84:71:07:b3:b4:ec:66:02:10:d4:c5:6a:
13:3b:a4:ed:f7:d9:14:d5:05:36:b1:e9:de:68:73:3f:bb:85:
2c:6e:1f:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNvldQrLuIVRieUjut0xCS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTI3MjE0NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTM4OGFjMGRiN2E1OGVhZjQzY2VjNzdhZWY2ZjdmYzY0YmIxNDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKhs02DTUlke+I4PaM/+rjdgq6lf
3nrQHcYVSsFrK5K016DcIha6tW9A2g2LtQqX+FPZHn71LEjMvgFMGwSZwi04CCq5
qfg7gNvWmVf2gTIQTYj8epmnFJDWSifGHeL18Pr0j9QJeN88eJbl02QLQBC788bj
zkTSFS4bzx4CnRUmrpx5Fk20VIdvgEnid0Zj5yX86sJRK+cuyGTi73zyQTZrdA4J
6l2AarBFlYCVJo6lESC76g5G3W8YtdT0jVNTLEZcdMr5qavqQVbPR/XTra2yPqt/
zu/GaDAIKLKNcn8W8vFYHuY7ys5yAXIXNZ5yq1Or8MfSuPzJxWT+kBL3yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH44isDbeljq9Dzsd6729/xkuxRfMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZmppS3dOdDZXT3IwUE94M3J2YjNfR1M3RkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHyqAwQA
wHy0MA0GCSqGSIb3DQEBCwUAA4IBAQBcADstoNxBG3yUNCAntI5xBWsisqzhIX2c
1lbG/fkB7jQ2wM8JpS0Ci7ftq5nyw1Cmc4yHrsAoWB9zdztNbFRVLfZSv2KIzxAM
GJuPl6SAnGH9/7LRKB432fxfupaNDFs++0ljLv6GhVVaxFiHKovfuNDtf2DXZnD8
DxA0WMAkb7XDB0hok+r0WSq7j0eqXfAHwUIO3Q8hcdtgHT5xHgaY8uoSUqP+qZsL
s6QlrA0A134rVKv9ZF04qLygpvl2XySpwB7vL5rVAiX4VZZ+UBOKX733G+4tTDGt
wRr2/xOEcQeztOxmAhDUxWoTO6Tt99kU1QU2seneaHM/u4Usbh/J
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:16:17 2025 by rpki-client