Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/qFEtUkLr4nQi6DUVrTeoicfy2VY.roa
File: qFEtUkLr4nQi6DUVrTeoicfy2VY.roa (raw, json)
Hash identifier: bZ6DQ9OOSlz8gvEKlxbaAnXIhdCNGiaES5Fx5X3Jz4g=
Subject key identifier: A8:51:2D:52:42:EB:E2:74:22:E8:35:15:AD:37:A8:89:C7:F2:D9:56
Certificate issuer: /CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Certificate serial: 019425FC5E19E3E47CDA16B5299849A71C16
Authority key identifier: 1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/qFEtUkLr4nQi6DUVrTeoicfy2VY.roa
Signing time: Thu 02 Jan 2025 07:48:03 +0000
ROA not before: Thu 02 Jan 2025 07:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7155
IP address blocks: 130.255.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 15:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:5e:19:e3:e4:7c:da:16:b5:29:98:49:a7:1c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd21dfb24f7d8ce2311ba4076775474bd50be64
Validity
Not Before: Jan 2 07:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8512d5242ebe27422e83515ad37a889c7f2d956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5a:75:e5:be:da:cd:4f:84:5d:db:30:c3:dd:
ee:bd:1e:b8:ac:dc:61:13:da:fc:17:65:ae:d1:6f:
a5:0b:df:d8:22:77:f7:2a:26:12:d2:0d:a8:51:01:
0b:1e:7a:cd:98:33:10:4d:5e:9e:07:97:bd:e9:8f:
61:6f:02:5b:d6:e8:4e:0c:74:8d:a3:af:c7:9d:97:
c8:72:97:8c:f2:79:b9:ef:28:a2:48:62:6a:5b:9a:
f9:1f:a5:0d:93:80:00:c8:1c:e6:31:46:d0:9a:53:
90:f6:ca:85:e0:db:94:0b:2c:28:77:2c:dd:f9:80:
62:d4:b1:d2:46:a6:03:4b:e9:42:70:6c:9a:0b:e6:
6c:36:12:c8:2d:bf:47:38:37:53:13:43:ae:94:cf:
37:14:00:80:7a:7d:d7:ca:48:8a:08:00:e8:aa:ac:
e8:c9:a0:01:15:93:07:2f:1a:d3:a9:6d:11:a0:ed:
8e:9c:90:b1:de:61:f6:e9:82:a1:00:b4:46:64:d2:
f0:4a:17:95:d4:2f:ad:30:ec:f0:a6:eb:66:90:89:
7e:6f:52:3d:ed:82:f8:b7:87:18:58:86:5b:bd:90:
57:12:2a:6b:30:13:e3:ba:c4:8e:5d:3e:63:c4:a7:
86:81:96:f2:5d:27:74:79:57:42:9b:49:77:f7:19:
4e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:51:2D:52:42:EB:E2:74:22:E8:35:15:AD:37:A8:89:C7:F2:D9:56
X509v3 Authority Key Identifier:
keyid:1B:D2:1D:FB:24:F7:D8:CE:23:11:BA:40:76:77:54:74:BD:50:BE:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9Id-yT32M4jEbpAdndUdL1QvmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/qFEtUkLr4nQi6DUVrTeoicfy2VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/08e15b-4a24-4ce0-9454-f87a322a7776/1/G9Id-yT32M4jEbpAdndUdL1QvmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.27.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ea:59:c4:ee:b1:6d:58:cb:fe:15:a1:55:05:dd:1b:1b:b4:
69:15:7f:86:73:c9:4e:0f:25:b1:66:af:ee:67:0a:4b:5d:95:
82:31:b5:b3:0f:a3:47:0a:e2:70:72:99:13:90:55:ac:9d:e7:
e2:cb:f3:a0:62:e0:e3:dd:54:c3:2a:18:eb:3f:96:55:24:24:
24:30:1c:2a:b8:f1:fe:22:ee:94:bc:92:b4:6b:8e:69:e1:02:
9b:f2:f9:2f:49:84:f3:7a:a3:e8:c1:90:4f:e7:8a:7b:b7:bd:
d8:5c:5d:c1:e1:c6:9a:6c:79:91:ea:5b:af:93:fc:5a:9a:6e:
6a:bc:92:ea:d3:60:14:f3:51:c0:2f:04:21:87:36:aa:b5:8f:
7f:22:30:fb:fe:98:5d:99:d1:e8:23:49:8a:1f:4e:8f:7a:a3:
d2:4a:5e:91:26:35:ac:6f:88:0a:5b:d7:aa:98:dc:32:d1:66:
b0:7d:03:bd:87:b3:29:b1:b9:19:1f:07:74:db:34:e4:ac:e3:
88:32:23:07:56:3b:54:d6:69:e9:4a:0b:18:88:8c:16:16:08:
86:6f:df:7a:3c:e5:5c:ef:a0:52:91:91:a0:a4:4a:c9:9c:fc:
3e:6e:4f:48:9c:21:18:1d:ef:41:1a:8e:9b:cb:6f:51:26:e9:
c7:2c:e6:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/F4Z4+R82ha1KZhJpxwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZDIxZGZiMjRmN2Q4Y2UyMzExYmE0MDc2Nzc1NDc0YmQ1
MGJlNjQwHhcNMjUwMTAyMDc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODUxMmQ1MjQyZWJlMjc0MjJlODM1MTVhZDM3YTg4OWM3ZjJkOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVp15b7azU+EXdsww93uvR64rNxh
E9r8F2Wu0W+lC9/YInf3KiYS0g2oUQELHnrNmDMQTV6eB5e96Y9hbwJb1uhODHSN
o6/HnZfIcpeM8nm57yiiSGJqW5r5H6UNk4AAyBzmMUbQmlOQ9sqF4NuUCywodyzd
+YBi1LHSRqYDS+lCcGyaC+ZsNhLILb9HODdTE0OulM83FACAen3XykiKCADoqqzo
yaABFZMHLxrTqW0RoO2OnJCx3mH26YKhALRGZNLwSheV1C+tMOzwputmkIl+b1I9
7YL4t4cYWIZbvZBXEiprMBPjusSOXT5jxKeGgZbyXSd0eVdCm0l39xlORQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhRLVJC6+J0Iug1Fa03qInH8tlWMB8GA1UdIwQY
MBaAFBvSHfsk99jOIxG6QHZ3VHS9UL5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQt
Zjg3YTMyMmE3Nzc2LzEvcUZFdFVrTHI0blFpNkRVVnJUZW9pY2Z5MlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wOGUxNWItNGEyNC00Y2UwLTk0NTQtZjg3YTMyMmE3Nzc2
LzEvRzlJZC15VDMyTTRqRWJwQWRuZFVkTDFRdm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgv8bMA0G
CSqGSIb3DQEBCwUAA4IBAQA36lnE7rFtWMv+FaFVBd0bG7RpFX+Gc8lODyWxZq/u
ZwpLXZWCMbWzD6NHCuJwcpkTkFWsnefiy/OgYuDj3VTDKhjrP5ZVJCQkMBwquPH+
Iu6UvJK0a45p4QKb8vkvSYTzeqPowZBP54p7t73YXF3B4caabHmR6luvk/xamm5q
vJLq02AU81HALwQhhzaqtY9/IjD7/phdmdHoI0mKH06PeqPSSl6RJjWsb4gKW9eq
mNwy0WawfQO9h7MpsbkZHwd02zTkrOOIMiMHVjtU1mnpSgsYiIwWFgiGb996POVc
76BSkZGgpErJnPw+bk9InCEYHe9BGo6by29RJunHLOZ4
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:34:44 2025 by rpki-client