Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1PmG1Xpj2rDtfCb6GM6xg8f1B1c.roa
File: 1PmG1Xpj2rDtfCb6GM6xg8f1B1c.roa (raw, json)
Hash identifier: JkKgqG1xG4zrVYTKEGhuObvVfqYO2qRA01eLJ1YJiUU=
Subject key identifier: D4:F9:86:D5:7A:63:DA:B0:ED:7C:26:FA:18:CE:B1:83:C7:F5:07:57
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0196E5553B160F6CBFD8B675B37962E80D86
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1PmG1Xpj2rDtfCb6GM6xg8f1B1c.roa
Signing time: Sun 18 May 2025 21:38:10 +0000
ROA not before: Sun 18 May 2025 21:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.209.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 18:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e5:55:3b:16:0f:6c:bf:d8:b6:75:b3:79:62:e8:0d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: May 18 21:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4f986d57a63dab0ed7c26fa18ceb183c7f50757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cf:17:bb:96:f4:54:54:8b:67:d4:ec:8c:ce:
99:af:ed:67:e2:23:5e:87:0d:df:4c:9b:6c:49:94:
7f:a9:3a:b8:96:45:e7:a7:3d:8f:c2:88:ac:57:e7:
83:5c:8f:f4:ec:53:14:59:92:fc:c0:0b:e0:72:05:
84:03:ce:a7:ab:64:b0:fe:c4:66:29:28:9c:00:79:
12:7c:21:70:29:5f:b9:c0:5b:fd:5e:5d:54:b8:82:
35:c0:67:3e:ea:53:3f:9a:6f:db:40:01:30:15:d1:
22:63:62:ef:81:d5:dd:25:8f:b8:2c:01:4b:9f:f5:
00:e3:ef:7d:42:e3:c8:d0:99:75:d7:dc:f9:1c:d6:
de:d3:9c:d7:85:67:b3:0d:1c:0b:a8:c4:77:0a:f0:
21:e1:46:73:16:9f:fc:e8:7c:af:eb:34:4d:ab:b5:
d9:63:20:78:af:7c:e2:56:4e:a2:89:89:5f:be:93:
93:0b:9a:19:53:e3:e7:28:00:05:35:b7:93:f2:d5:
70:b0:77:72:94:43:18:70:86:a3:37:3c:b4:0d:1a:
21:d3:bd:8d:75:44:56:f4:44:dc:04:35:a7:b8:cd:
d2:e5:df:61:37:8d:32:c8:d7:1a:10:bc:b6:69:63:
3a:02:08:81:a4:a5:a5:77:7a:c2:fa:c3:c8:ef:96:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F9:86:D5:7A:63:DA:B0:ED:7C:26:FA:18:CE:B1:83:C7:F5:07:57
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1PmG1Xpj2rDtfCb6GM6xg8f1B1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.140.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:60:f5:d8:ed:7b:06:64:2b:ed:88:01:99:1c:34:67:f1:ca:
56:6b:70:16:9a:8e:89:61:8b:83:6d:fc:68:d6:d5:97:53:f3:
70:92:e0:bc:bd:db:12:17:98:da:ac:d4:15:13:f6:ee:ef:5f:
37:93:eb:c9:78:10:cf:15:c2:c5:71:a0:c3:9e:ae:5a:33:2c:
56:dd:38:ed:3f:fb:b8:0a:73:85:bf:de:72:88:85:cf:47:00:
22:6a:07:80:1c:d3:6a:81:49:2b:3d:b4:e7:7d:a5:d6:9a:88:
fe:22:e0:a0:69:ab:66:06:cd:53:53:2d:18:8c:00:14:78:1a:
60:06:bd:f9:ae:c6:8f:f8:01:9d:30:a1:48:81:80:e7:47:9f:
db:20:da:2a:60:ba:66:a1:66:57:1b:5a:8a:31:df:d2:7b:86:
3d:83:d4:95:85:d8:43:69:44:be:c0:cf:20:12:b1:3a:9e:73:
1a:0b:a2:78:3d:75:76:15:18:96:c3:67:3d:99:70:31:91:df:
31:a8:80:3a:3f:b6:2f:b1:3c:a9:44:cc:4e:f8:21:0b:fc:af:
3e:bb:b0:3f:0c:da:b1:10:56:36:00:e6:39:c7:00:f6:a5:8f:
f8:30:92:53:a1:ca:54:31:90:a7:cf:70:5b:75:94:f5:ee:8c:
0f:32:26:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZblVTsWD2y/2LZ1s3li6A2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNTE4MjEzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY5ODZkNTdhNjNkYWIwZWQ3YzI2ZmExOGNlYjE4M2M3ZjUwNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis8Xu5b0VFSLZ9TsjM6Zr+1n4iNe
hw3fTJtsSZR/qTq4lkXnpz2PwoisV+eDXI/07FMUWZL8wAvgcgWEA86nq2Sw/sRm
KSicAHkSfCFwKV+5wFv9Xl1UuII1wGc+6lM/mm/bQAEwFdEiY2LvgdXdJY+4LAFL
n/UA4+99QuPI0Jl119z5HNbe05zXhWezDRwLqMR3CvAh4UZzFp/86Hyv6zRNq7XZ
YyB4r3ziVk6iiYlfvpOTC5oZU+PnKAAFNbeT8tVwsHdylEMYcIajNzy0DRoh072N
dURW9ETcBDWnuM3S5d9hN40yyNcaELy2aWM6AgiBpKWld3rC+sPI75YwAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNT5htV6Y9qw7Xwm+hjOsYPH9QdXMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvMVBtRzFYcGoyckR0ZkNiNkdNNnhnOGYxQjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQCrYPXY7XsGZCvtiAGZHDRn8cpWa3AWmo6JYYuDbfxo
1tWXU/NwkuC8vdsSF5jarNQVE/bu7183k+vJeBDPFcLFcaDDnq5aMyxW3TjtP/u4
CnOFv95yiIXPRwAiageAHNNqgUkrPbTnfaXWmoj+IuCgaatmBs1TUy0YjAAUeBpg
Br35rsaP+AGdMKFIgYDnR5/bINoqYLpmoWZXG1qKMd/Se4Y9g9SVhdhDaUS+wM8g
ErE6nnMaC6J4PXV2FRiWw2c9mXAxkd8xqIA6P7YvsTypRMxO+CEL/K8+u7A/DNqx
EFY2AOY5xwD2pY/4MJJTocpUMZCnz3BbdZT17owPMia2
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:38:53 2025 by rpki-client