Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wNiWCUBBcCzHHAUbovNz7bdGC7o.roa
File: wNiWCUBBcCzHHAUbovNz7bdGC7o.roa (raw, json)
Hash identifier: g7fNT2I6QkJvaZk0WfvXcpdfx4FMXsMEHpZ3eIFv4dU=
Subject key identifier: C0:D8:96:09:40:41:70:2C:C7:1C:05:1B:A2:F3:73:ED:B7:46:0B:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01954C3769272CEA6734A15A114CACEC90BF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wNiWCUBBcCzHHAUbovNz7bdGC7o.roa
Signing time: Fri 28 Feb 2025 11:00:54 +0000
ROA not before: Fri 28 Feb 2025 11:00:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61138
IP address blocks: 194.87.119.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 12:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:37:69:27:2c:ea:67:34:a1:5a:11:4c:ac:ec:90:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 28 11:00:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0d896094041702cc71c051ba2f373edb7460bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:67:79:36:88:8a:c7:85:ec:9c:2b:59:93:0e:
99:1a:39:9c:ee:ae:57:ec:9e:55:aa:84:36:60:86:
f4:5a:83:c3:aa:56:b3:98:8a:78:28:87:5f:14:0f:
6f:35:6b:d2:50:24:6c:8c:45:e1:9b:ee:e7:cc:6c:
63:9c:48:99:a4:2f:67:8c:59:ff:1a:fd:1d:44:84:
9f:22:a9:32:31:97:0e:a9:db:58:b7:89:cd:e3:66:
37:9d:e6:e2:90:22:73:a3:1a:fa:33:ae:59:54:59:
8f:df:16:5e:32:59:32:0d:9f:77:2b:14:f9:3f:e0:
bf:9b:e6:85:d7:fe:f5:cc:ab:bc:28:d5:1d:28:d0:
b7:99:44:81:7a:be:45:c6:21:74:ab:62:87:d3:ad:
ae:56:60:5f:42:8c:d5:16:67:6c:8c:53:85:2c:f7:
e1:b5:ae:a0:f3:be:3d:2d:75:69:41:d4:09:f7:49:
6c:d9:cf:c7:47:3b:f7:49:ed:e9:d3:1f:db:2d:c4:
ce:eb:54:80:e9:7b:4a:62:6f:5b:aa:9a:e9:67:56:
0f:36:51:46:0f:1e:c1:02:94:bc:16:10:e8:4d:1c:
9d:0c:14:ad:3b:41:0a:1d:c1:f0:1c:eb:7e:51:5d:
fe:be:53:0f:bb:b6:49:a3:2a:c8:ae:ac:71:53:29:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D8:96:09:40:41:70:2C:C7:1C:05:1B:A2:F3:73:ED:B7:46:0B:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/wNiWCUBBcCzHHAUbovNz7bdGC7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.119.0/24
194.87.168.0/24
Signature Algorithm: sha256WithRSAEncryption
84:96:4d:3a:b1:c4:98:2c:4e:e9:92:03:0c:89:97:74:de:07:
53:3c:dd:c0:ed:42:42:3b:45:ec:90:4c:b5:d2:42:41:45:75:
7c:90:02:e8:a5:75:23:6d:70:e4:22:60:84:78:37:1b:bb:f2:
58:fd:2d:92:4a:98:a4:b3:2d:30:a7:cb:10:a4:11:ca:bb:e4:
4a:b3:58:60:46:2e:13:bc:79:4f:12:a2:45:b2:cd:95:32:2c:
be:a2:6c:b7:75:fb:f5:34:01:8e:d1:72:f6:62:58:58:3e:02:
2c:b7:0c:d6:09:67:ab:c4:54:b4:e1:d2:a2:04:ff:81:26:30:
ea:9d:a5:3f:a2:5a:d7:00:80:07:fd:a4:6e:13:de:33:f9:9e:
d6:64:42:86:c7:7a:c5:05:f6:0b:e8:80:da:f0:22:62:1d:67:
9e:a6:f1:dd:8f:ed:7f:52:f6:3c:43:93:3d:c1:bb:cf:1d:2a:
23:db:23:f2:c8:74:c1:f6:f1:75:cd:3e:01:a7:3b:65:4b:f0:
7b:31:f7:32:35:53:59:36:a2:b0:3f:ae:62:b1:33:76:d7:72:
cf:5f:2c:86:76:d9:99:4d:fa:70:ab:37:b5:99:cc:68:b1:06:
e4:7a:3a:2b:ae:20:73:d7:eb:e1:79:61:1d:8d:1a:4f:e8:c3:
bd:1e:ce:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVMN2knLOpnNKFaEUys7JC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjI4MTEwMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ4OTYwOTQwNDE3MDJjYzcxYzA1MWJhMmYzNzNlZGI3NDYwYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWd5NoiKx4XsnCtZkw6ZGjmc7q5X
7J5VqoQ2YIb0WoPDqlazmIp4KIdfFA9vNWvSUCRsjEXhm+7nzGxjnEiZpC9njFn/
Gv0dRISfIqkyMZcOqdtYt4nN42Y3nebikCJzoxr6M65ZVFmP3xZeMlkyDZ93KxT5
P+C/m+aF1/71zKu8KNUdKNC3mUSBer5FxiF0q2KH062uVmBfQozVFmdsjFOFLPfh
ta6g8749LXVpQdQJ90ls2c/HRzv3Se3p0x/bLcTO61SA6XtKYm9bqprpZ1YPNlFG
Dx7BApS8FhDoTRydDBStO0EKHcHwHOt+UV3+vlMPu7ZJoyrIrqxxUykAUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMDYlglAQXAsxxwFG6Lzc+23Rgu6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvd05pV0NVQkJjQ3pISEFVYm92Tno3YmRHQzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwld3AwQA
wleoMA0GCSqGSIb3DQEBCwUAA4IBAQCElk06scSYLE7pkgMMiZd03gdTPN3A7UJC
O0XskEy10kJBRXV8kALopXUjbXDkImCEeDcbu/JY/S2SSpiksy0wp8sQpBHKu+RK
s1hgRi4TvHlPEqJFss2VMiy+omy3dfv1NAGO0XL2YlhYPgIstwzWCWerxFS04dKi
BP+BJjDqnaU/olrXAIAH/aRuE94z+Z7WZEKGx3rFBfYL6IDa8CJiHWeepvHdj+1/
UvY8Q5M9wbvPHSoj2yPyyHTB9vF1zT4BpztlS/B7MfcyNVNZNqKwP65isTN213LP
XyyGdtmZTfpwqze1mcxosQbkejorriBz1+vheWEdjRpP6MO9Hs59
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:26:39 2025 by rpki-client