Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/10P_4O058z-wsGlbIoyc-1X7KZo.roa
File: 10P_4O058z-wsGlbIoyc-1X7KZo.roa (raw, json)
Hash identifier: 6usDKx0hvYLY0qRPZNcVlGNdbEq5S+kihIwks5AYZ50=
Subject key identifier: D7:43:FF:E0:ED:39:F3:3F:B0:B0:69:5B:22:8C:9C:FB:55:FB:29:9A
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 019440E41D40A5DAEA62C50D4B9419FE838F
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/10P_4O058z-wsGlbIoyc-1X7KZo.roa
Signing time: Tue 07 Jan 2025 13:11:18 +0000
ROA not before: Tue 07 Jan 2025 13:11:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215003
IP address blocks: 194.40.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 12:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:e4:1d:40:a5:da:ea:62:c5:0d:4b:94:19:fe:83:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 7 13:11:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d743ffe0ed39f33fb0b0695b228c9cfb55fb299a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:0c:7e:c5:2d:58:bb:ca:70:e2:b5:5f:4f:73:
80:2f:5c:f3:b5:d2:a5:30:f7:c5:25:9b:01:33:10:
51:c5:91:15:52:41:f6:ba:2f:b5:fc:e8:9f:4e:4c:
5d:bd:f4:9f:20:66:f1:13:c5:58:dd:0a:4c:95:8f:
3e:ab:67:36:95:29:28:e7:8f:7c:7b:7d:6f:f3:4c:
7e:39:7e:46:9d:a8:65:4e:0d:96:37:88:7f:f8:19:
93:c1:98:0d:f4:1f:dc:dd:0c:b4:10:59:c4:f1:c2:
70:d2:d2:41:3a:55:85:f2:77:f7:a7:29:8d:14:dc:
aa:a2:fe:27:2a:c0:3c:06:c6:da:a8:59:fc:84:c0:
3d:c7:78:8a:41:77:03:fe:f0:ca:51:9c:1f:f9:69:
a0:7b:53:8c:ed:3f:ce:d1:69:65:44:5d:dc:30:46:
4b:7e:44:f6:c0:9b:47:d4:11:6f:2c:96:0f:0b:db:
c5:df:a0:aa:b5:b9:56:25:59:20:57:6a:df:c7:e5:
35:10:6e:6f:21:c3:18:25:e0:49:f9:45:75:89:3e:
cf:5a:20:c1:46:89:8d:30:96:e0:cf:80:54:17:90:
3c:f4:e8:39:b1:71:1a:b5:fd:7e:5d:78:a1:3a:67:
91:d8:69:ca:c7:7c:fd:d3:fd:4c:d0:0c:ab:7c:b3:
07:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:43:FF:E0:ED:39:F3:3F:B0:B0:69:5B:22:8C:9C:FB:55:FB:29:9A
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/10P_4O058z-wsGlbIoyc-1X7KZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.40.240.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b0:fa:6b:a6:7f:18:0d:1f:1c:4f:54:08:21:cd:7b:65:08:
39:a8:28:e2:d6:3d:60:4f:c1:da:15:94:49:8b:4e:00:5e:fc:
f3:d4:dc:37:bd:34:63:43:a0:9e:85:01:57:e1:d1:53:f0:0c:
b8:82:ed:bb:3d:eb:2c:fd:7c:ab:95:c4:26:9a:66:9f:f1:ae:
c5:32:f3:72:24:b2:ec:36:87:66:be:d0:d2:e1:5a:61:fd:14:
42:c7:d0:d7:7a:98:57:09:50:8e:c2:54:d2:63:ed:c3:e2:3a:
65:2a:aa:dd:68:4e:59:c4:8e:68:55:fd:a0:d7:22:9e:06:cb:
4c:9d:a2:27:c6:64:6d:51:e1:c4:a4:16:47:11:fd:4a:82:41:
ff:96:f9:ab:61:c9:26:0a:62:f5:46:01:ae:27:bd:78:16:97:
4f:0e:f5:d0:61:1f:f6:f4:7c:80:11:79:8b:bd:ae:8e:cd:03:
8a:f2:d3:80:15:47:b7:33:28:93:df:6d:1e:9f:db:07:f3:fe:
e8:d1:20:48:b6:dd:f6:7d:48:20:38:68:48:47:90:3e:27:2b:
fa:b8:41:95:fb:40:cd:c1:db:7b:70:b0:86:13:25:16:6d:dc:
88:55:43:15:c8:ba:5c:b5:08:20:9a:e4:cb:dd:32:36:73:4e:
49:0e:22:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRA5B1ApdrqYsUNS5QZ/oOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMTA3MTMxMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQzZmZlMGVkMzlmMzNmYjBiMDY5NWIyMjhjOWNmYjU1ZmIyOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Qx+xS1Yu8pw4rVfT3OAL1zztdKl
MPfFJZsBMxBRxZEVUkH2ui+1/OifTkxdvfSfIGbxE8VY3QpMlY8+q2c2lSko5498
e31v80x+OX5GnahlTg2WN4h/+BmTwZgN9B/c3Qy0EFnE8cJw0tJBOlWF8nf3pymN
FNyqov4nKsA8BsbaqFn8hMA9x3iKQXcD/vDKUZwf+Wmge1OM7T/O0WllRF3cMEZL
fkT2wJtH1BFvLJYPC9vF36CqtblWJVkgV2rfx+U1EG5vIcMYJeBJ+UV1iT7PWiDB
RomNMJbgz4BUF5A89Og5sXEatf1+XXihOmeR2GnKx3z90/1M0AyrfLMHDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdD/+DtOfM/sLBpWyKMnPtV+ymaMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvMTBQXzRPMDU4ei13c0dsYklveWMtMVg3S1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwijwMA0G
CSqGSIb3DQEBCwUAA4IBAQAmsPprpn8YDR8cT1QIIc17ZQg5qCji1j1gT8HaFZRJ
i04AXvzz1Nw3vTRjQ6CehQFX4dFT8Ay4gu27Pess/XyrlcQmmmaf8a7FMvNyJLLs
NodmvtDS4Vph/RRCx9DXephXCVCOwlTSY+3D4jplKqrdaE5ZxI5oVf2g1yKeBstM
naInxmRtUeHEpBZHEf1KgkH/lvmrYckmCmL1RgGuJ714FpdPDvXQYR/29HyAEXmL
va6OzQOK8tOAFUe3MyiT320en9sH8/7o0SBItt32fUggOGhIR5A+Jyv6uEGV+0DN
wdt7cLCGEyUWbdyIVUMVyLpctQggmuTL3TI2c05JDiIJ
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:45:29 2025 by rpki-client