Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/4PohR7OwGuwHEVM5gPaRHxeE1eA.roa
File: 4PohR7OwGuwHEVM5gPaRHxeE1eA.roa (raw, json)
Hash identifier: hkN/U9LH+iYS90fV6H0A+LxNtvOY89TqBF9CtdT1eIw=
Subject key identifier: E0:FA:21:47:B3:B0:1A:EC:07:11:53:39:80:F6:91:1F:17:84:D5:E0
Certificate issuer: /CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Certificate serial: 0194266BE44BD968C67DEF9A0C37D24894F0
Authority key identifier: 75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/4PohR7OwGuwHEVM5gPaRHxeE1eA.roa
Signing time: Thu 02 Jan 2025 09:49:52 +0000
ROA not before: Thu 02 Jan 2025 09:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208949
IP address blocks: 194.147.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 07:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e4:4b:d9:68:c6:7d:ef:9a:0c:37:d2:48:94:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75386a6fae1e55f576a405bd74b7f08e7a6c4653
Validity
Not Before: Jan 2 09:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0fa2147b3b01aec0711533980f6911f1784d5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:a2:75:ca:c5:da:19:98:30:92:d9:e5:2f:
62:b2:44:b3:d7:ed:34:e8:08:53:09:68:53:25:5f:
69:36:aa:e8:94:2c:58:48:5d:76:a1:d3:8f:a3:31:
80:d7:c8:9f:37:ba:eb:82:9f:aa:da:73:22:2a:8c:
19:a6:65:e1:d4:6a:ce:4b:0d:e0:44:7d:15:7c:ea:
79:5b:b5:df:f5:ef:ff:b3:f2:92:29:89:7e:0b:0d:
57:03:f2:71:6c:df:79:ae:7d:36:69:e4:99:a0:d1:
36:c4:be:b6:b3:4e:58:f4:1c:2b:26:14:23:13:19:
de:3d:f6:a1:3f:cc:c3:e0:b5:1a:ba:92:49:7e:ca:
4a:49:ba:d3:02:76:e4:71:11:da:2c:07:d9:27:ce:
48:c6:31:e2:fd:d1:75:fe:49:40:29:71:17:dd:75:
2b:e5:2f:29:97:18:a0:d5:4b:a8:29:bb:90:8f:06:
f2:0a:f9:89:4d:b4:69:2f:19:47:2a:a1:a4:d1:86:
57:1a:97:29:ef:01:8b:27:4f:57:fb:8b:e1:d9:94:
50:11:1e:46:59:39:15:24:b4:92:79:37:ad:e1:75:
1c:39:e1:43:25:9c:1e:c1:38:0c:c8:36:30:2b:90:
cc:b9:b6:1e:7b:d3:18:09:be:ac:73:cb:e0:8f:e9:
15:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FA:21:47:B3:B0:1A:EC:07:11:53:39:80:F6:91:1F:17:84:D5:E0
X509v3 Authority Key Identifier:
keyid:75:38:6A:6F:AE:1E:55:F5:76:A4:05:BD:74:B7:F0:8E:7A:6C:46:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dThqb64eVfV2pAW9dLfwjnpsRlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/4PohR7OwGuwHEVM5gPaRHxeE1eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/d9a01c-5c91-4d00-a09a-f8792f577b9a/1/dThqb64eVfV2pAW9dLfwjnpsRlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.44.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0e:67:56:7a:1d:91:31:d0:63:72:54:bb:ad:1d:b5:8b:8b:
e1:77:cd:65:e9:56:86:92:a4:ba:1e:ec:65:45:6b:4c:6c:6f:
b1:b8:17:b9:8f:b1:ca:d0:ca:f8:d3:7f:17:31:8d:74:35:b4:
67:4c:b8:21:4d:77:1f:92:4c:63:35:86:06:63:9f:9f:b1:41:
23:d9:3b:37:71:63:99:fc:ed:20:52:d7:31:b8:2d:ea:c7:7a:
c0:d0:f8:03:16:54:f3:e1:ff:ec:45:15:26:ff:e0:47:7a:9f:
85:e9:9d:08:23:44:95:82:5d:31:8e:b0:06:ea:e4:c9:6a:9b:
6c:fa:4c:7e:b3:5c:82:39:13:b0:a0:22:ca:81:18:06:39:d6:
3a:c8:2f:f4:99:dc:50:69:9c:03:dc:77:af:7b:51:90:c2:b4:
f2:31:1d:f3:ea:e8:a9:9e:1b:b5:ed:17:a9:be:22:15:19:1c:
16:a6:75:81:84:0a:53:67:35:6d:b6:46:58:97:ea:d9:ba:bd:
6b:c0:6e:62:bd:24:b9:d3:e4:f8:b9:5e:34:1e:41:b9:7c:fa:
dd:38:72:3c:5d:5a:8e:1a:75:f8:a8:da:cd:e3:dc:c8:9d:cf:
70:97:bb:29:6e:2c:04:71:41:de:73:b9:e2:d9:08:41:c7:b2:
6d:e9:05:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma+RL2WjGfe+aDDfSSJTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1Mzg2YTZmYWUxZTU1ZjU3NmE0MDViZDc0YjdmMDhlN2E2
YzQ2NTMwHhcNMjUwMTAyMDk0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZhMjE0N2IzYjAxYWVjMDcxMTUzMzk4MGY2OTExZjE3ODRkNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn02idcrF2hmYMJLZ5S9iskSz1+00
6AhTCWhTJV9pNqrolCxYSF12odOPozGA18ifN7rrgp+q2nMiKowZpmXh1GrOSw3g
RH0VfOp5W7Xf9e//s/KSKYl+Cw1XA/JxbN95rn02aeSZoNE2xL62s05Y9BwrJhQj
ExnePfahP8zD4LUaupJJfspKSbrTAnbkcRHaLAfZJ85IxjHi/dF1/klAKXEX3XUr
5S8plxig1UuoKbuQjwbyCvmJTbRpLxlHKqGk0YZXGpcp7wGLJ09X+4vh2ZRQER5G
WTkVJLSSeTet4XUcOeFDJZwewTgMyDYwK5DMubYee9MYCb6sc8vgj+kVYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOD6IUezsBrsBxFTOYD2kR8XhNXgMB8GA1UdIwQY
MBaAFHU4am+uHlX1dqQFvXS38I56bEZTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEt
Zjg3OTJmNTc3YjlhLzEvNFBvaFI3T3dHdXdIRVZNNWdQYVJIeGVFMWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9kOWEwMWMtNWM5MS00ZDAwLWEwOWEtZjg3OTJmNTc3Yjlh
LzEvZFRocWI2NGVWZlYycEFXOWRMZndqbnBzUmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpMsMA0G
CSqGSIb3DQEBCwUAA4IBAQBvDmdWeh2RMdBjclS7rR21i4vhd81l6VaGkqS6Huxl
RWtMbG+xuBe5j7HK0Mr4038XMY10NbRnTLghTXcfkkxjNYYGY5+fsUEj2Ts3cWOZ
/O0gUtcxuC3qx3rA0PgDFlTz4f/sRRUm/+BHep+F6Z0II0SVgl0xjrAG6uTJapts
+kx+s1yCOROwoCLKgRgGOdY6yC/0mdxQaZwD3Heve1GQwrTyMR3z6uipnhu17Rep
viIVGRwWpnWBhApTZzVttkZYl+rZur1rwG5ivSS50+T4uV40HkG5fPrdOHI8XVqO
GnX4qNrN49zInc9wl7spbiwEcUHec7ni2QhBx7Jt6QVh
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:42:59 2025 by rpki-client