Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1vAl1bhXS0W2UepVYxr_1iD0aa4.roa
File: 1vAl1bhXS0W2UepVYxr_1iD0aa4.roa (raw, json)
Hash identifier: XM13/2OzipOTaeeprj8VoC1rQAGr59cYXBagNS/vjdQ=
Subject key identifier: D6:F0:25:D5:B8:57:4B:45:B6:51:EA:55:63:1A:FF:D6:20:F4:69:AE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01973B0F73E46A450253107B2580ECB1FBA2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1vAl1bhXS0W2UepVYxr_1iD0aa4.roa
Signing time: Wed 04 Jun 2025 13:09:17 +0000
ROA not before: Wed 04 Jun 2025 13:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.15.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 18:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:0f:73:e4:6a:45:02:53:10:7b:25:80:ec:b1:fb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 4 13:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6f025d5b8574b45b651ea55631affd620f469ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:38:64:fe:53:4e:14:df:68:b2:f7:f2:73:cf:
9f:31:73:e0:f4:94:1f:a2:64:69:41:d8:c3:28:a2:
d0:70:c6:86:4c:13:ed:37:13:97:11:2e:86:f3:e8:
20:a5:10:e9:97:fe:88:af:94:c2:02:f8:e7:62:78:
0c:5a:63:e0:3d:e0:c1:db:5a:a0:0a:98:fa:13:76:
dc:d5:69:d3:29:9e:19:aa:c5:f5:56:3b:66:09:0b:
91:99:e9:e9:c0:09:7d:af:10:c6:0b:c0:7e:08:4e:
a9:10:2f:f9:48:49:a9:b3:1f:76:03:b2:61:02:1c:
f9:fe:1d:09:ca:46:25:5b:fd:d4:52:7c:3b:a1:e2:
dd:e2:af:97:f0:78:37:24:66:e8:ae:84:8f:25:d2:
0f:6b:f4:a0:53:d6:06:f5:a2:8b:c6:1c:d8:ed:68:
7a:6c:f6:81:f1:f6:45:a2:26:92:c7:4d:95:e9:cd:
30:12:3d:01:d6:46:2e:65:be:68:f2:b5:bc:79:fa:
b8:08:e4:eb:bd:a6:00:7d:6f:c8:14:f9:ac:eb:9b:
6a:b7:99:19:f0:05:e0:fc:82:93:e9:e1:5a:99:82:
30:40:f0:1a:b1:96:01:0c:6f:1d:ee:7e:ed:c4:5e:
53:06:7a:62:d8:2f:cd:3a:e8:d7:f0:dc:9e:cc:ce:
50:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F0:25:D5:B8:57:4B:45:B6:51:EA:55:63:1A:FF:D6:20:F4:69:AE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1vAl1bhXS0W2UepVYxr_1iD0aa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.53.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:31:af:eb:9d:40:d8:04:ad:7a:be:4b:d1:79:0d:0c:ce:68:
2b:f5:4c:61:fe:31:3e:cc:49:a7:5d:5b:60:e3:4e:81:0e:8d:
cb:ae:51:39:85:93:10:b5:70:66:2e:c2:49:42:b4:34:b0:f1:
ef:39:1c:7f:1f:d6:c3:7c:03:75:a6:22:76:f8:82:1d:b2:73:
7b:44:e1:49:5a:e7:bc:69:b4:6c:53:f5:d4:c6:92:a4:ad:59:
24:75:2a:8c:05:a5:4e:90:dc:fc:28:dc:c6:51:65:59:2f:ee:
c3:b0:f1:bd:f6:d1:e9:36:e1:ec:ac:c6:8c:31:06:27:2c:24:
5c:61:d9:6b:9b:3b:d6:c2:38:24:32:75:9a:52:08:29:1d:53:
1f:dd:af:63:4e:5c:36:99:80:8b:59:db:e7:ab:28:92:d7:b2:
04:81:ff:83:a7:fb:36:ce:90:fa:de:ff:78:9a:24:36:ea:ac:
e5:4d:b0:64:3f:5c:74:71:60:c5:df:1c:dc:2d:f9:fa:89:b5:
d3:df:f6:00:28:ba:93:8d:e7:90:c3:22:56:08:4f:b1:f1:90:
1c:cf:4a:a6:65:4c:2c:7d:fb:43:56:9e:66:40:2b:f1:69:8b:
e4:45:4e:35:ac:23:e2:e9:25:cf:35:d6:45:e6:7f:6f:18:08:
6c:ff:ab:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc7D3PkakUCUxB7JYDssfuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNjA0MTMwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmYwMjVkNWI4NTc0YjQ1YjY1MWVhNTU2MzFhZmZkNjIwZjQ2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzhk/lNOFN9osvfyc8+fMXPg9JQf
omRpQdjDKKLQcMaGTBPtNxOXES6G8+ggpRDpl/6Ir5TCAvjnYngMWmPgPeDB21qg
Cpj6E3bc1WnTKZ4ZqsX1VjtmCQuRmenpwAl9rxDGC8B+CE6pEC/5SEmpsx92A7Jh
Ahz5/h0JykYlW/3UUnw7oeLd4q+X8Hg3JGboroSPJdIPa/SgU9YG9aKLxhzY7Wh6
bPaB8fZFoiaSx02V6c0wEj0B1kYuZb5o8rW8efq4COTrvaYAfW/IFPms65tqt5kZ
8AXg/IKT6eFamYIwQPAasZYBDG8d7n7txF5TBnpi2C/NOujX8NyezM5QrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNbwJdW4V0tFtlHqVWMa/9Yg9GmuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMXZBbDFiaFhTMFcyVWVwVll4cl8xaUQwYWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg81MA0G
CSqGSIb3DQEBCwUAA4IBAQCtMa/rnUDYBK16vkvReQ0Mzmgr9Uxh/jE+zEmnXVtg
406BDo3LrlE5hZMQtXBmLsJJQrQ0sPHvORx/H9bDfAN1piJ2+IIdsnN7ROFJWue8
abRsU/XUxpKkrVkkdSqMBaVOkNz8KNzGUWVZL+7DsPG99tHpNuHsrMaMMQYnLCRc
YdlrmzvWwjgkMnWaUggpHVMf3a9jTlw2mYCLWdvnqyiS17IEgf+Dp/s2zpD63v94
miQ26qzlTbBkP1x0cWDF3xzcLfn6ibXT3/YAKLqTjeeQwyJWCE+x8ZAcz0qmZUws
fftDVp5mQCvxaYvkRU41rCPi6SXPNdZF5n9vGAhs/6uO
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:52:59 2025 by rpki-client