Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/1-Ui8CPLR7Ny8xoVdijmwewpdMIk.roa
File: 1-Ui8CPLR7Ny8xoVdijmwewpdMIk.roa (raw, json)
Hash identifier: hhGO4aWfoS4mWlosv4rVfL48B/TqVe5nLge05IYFO9s=
Subject key identifier: F9:48:BC:08:F2:D1:EC:DC:BC:C6:85:5D:8A:39:B0:7B:0A:5D:30:89
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019599AF7D94C150BCE175DA96FBF3457C4E
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/1-Ui8CPLR7Ny8xoVdijmwewpdMIk.roa
Signing time: Sat 15 Mar 2025 12:02:49 +0000
ROA not before: Sat 15 Mar 2025 12:02:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.168.202.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 11:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:af:7d:94:c1:50:bc:e1:75:da:96:fb:f3:45:7c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Mar 15 12:02:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f948bc08f2d1ecdcbcc6855d8a39b07b0a5d3089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:11:d4:3b:12:c3:1d:54:6b:41:57:2d:fe:
d6:ca:6d:24:ac:e1:20:91:72:51:04:24:d7:ed:c2:
50:f8:2d:db:a2:95:ca:17:1e:57:a8:c9:84:c7:99:
81:32:3b:98:43:f7:33:ab:03:84:ae:b5:d2:76:c1:
66:5d:ae:4c:47:0d:3c:47:a8:75:66:3b:d5:2f:8b:
09:b3:f9:29:15:44:29:ab:ae:e7:42:0b:c0:1e:da:
77:d6:b4:f4:99:eb:25:62:7f:a7:8c:68:da:a8:0e:
4e:d9:de:48:6c:7a:37:31:66:59:1e:38:98:c9:e2:
9d:03:8a:1d:b7:d6:5d:fe:1c:1d:6e:b5:98:a4:88:
b4:3f:2f:6c:02:ea:d7:0f:80:4b:29:08:28:5b:fd:
d2:8a:f3:a9:1e:02:82:f5:83:43:7f:bb:82:83:d7:
ec:73:83:0b:9a:59:c0:36:b1:e5:fe:81:1f:1b:65:
36:34:7f:1f:bd:d9:e4:e1:04:1f:85:39:ac:e8:41:
24:e2:37:09:bb:a3:39:95:b1:ba:ce:bb:d5:6c:76:
c3:9f:2a:ce:10:0c:42:04:f4:9a:a1:11:8f:bb:04:
f9:f1:b3:93:3e:f7:0d:ae:7c:b1:61:fc:d1:d0:5e:
81:89:d6:3a:3d:7e:56:ab:6c:8e:76:80:b0:43:d3:
40:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:48:BC:08:F2:D1:EC:DC:BC:C6:85:5D:8A:39:B0:7B:0A:5D:30:89
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/1-Ui8CPLR7Ny8xoVdijmwewpdMIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.202.0/23
207.244.209.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a7:96:d1:c6:23:df:85:d3:67:d0:17:fd:14:2b:7a:57:0d:
2e:f5:79:c4:60:9b:69:56:61:e7:c5:cc:d5:e8:4b:e4:06:10:
ff:dc:0e:5e:31:ab:99:6c:16:86:4c:58:74:0d:00:6c:74:e5:
ca:f9:27:dd:e6:b5:dc:f1:90:63:a6:00:53:0f:78:3b:a2:f9:
f9:41:11:8b:4d:54:0f:56:bc:a6:28:88:4e:79:0e:38:da:da:
26:f9:ee:7a:94:83:98:45:51:47:04:d5:d4:d0:2b:c1:46:7b:
38:c2:9d:30:15:e4:a9:35:f9:b2:31:0c:da:b7:9d:1e:a3:32:
d4:f1:c7:48:79:89:8b:76:6e:31:03:2e:82:bb:46:75:b4:2c:
dc:70:9a:04:81:8b:f7:59:5c:ad:74:cf:10:d0:3a:21:10:18:
ba:35:96:15:30:48:a6:cc:3f:a8:30:45:cf:ed:3b:b3:38:2d:
8b:21:c5:85:32:e2:bc:72:d3:c3:3c:d2:54:48:4f:06:9f:21:
b7:9a:08:e5:2f:ec:03:13:a2:73:61:75:78:75:3c:1f:3f:ff:
1a:56:29:1e:2e:d1:fc:d4:f7:fb:0e:7a:dc:45:72:62:14:97:
9e:0d:6d:09:9a:77:d8:08:30:a5:4c:9d:bb:9a:01:0f:30:96:
6e:3b:55:a5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZWZr32UwVC84XXalvvzRXxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMzE1MTIwMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ4YmMwOGYyZDFlY2RjYmNjNjg1NWQ4YTM5YjA3YjBhNWQzMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpgR1DsSwx1Ua0FXLf7Wym0krOEg
kXJRBCTX7cJQ+C3bopXKFx5XqMmEx5mBMjuYQ/czqwOErrXSdsFmXa5MRw08R6h1
ZjvVL4sJs/kpFUQpq67nQgvAHtp31rT0meslYn+njGjaqA5O2d5IbHo3MWZZHjiY
yeKdA4odt9Zd/hwdbrWYpIi0Py9sAurXD4BLKQgoW/3SivOpHgKC9YNDf7uCg9fs
c4MLmlnANrHl/oEfG2U2NH8fvdnk4QQfhTms6EEk4jcJu6M5lbG6zrvVbHbDnyrO
EAxCBPSaoRGPuwT58bOTPvcNrnyxYfzR0F6BidY6PX5Wq2yOdoCwQ9NAtwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlIvAjy0ezcvMaFXYo5sHsKXTCJMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvMS1VaThDUExSN055OHhvVmRpam13ZXdwZE1Jay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTkvZmViZWY4LWEwZWEtNGM3ZS04ODA2LTIwZTE5NzgwY2Iy
ZS8xLzBJMnB6d0RVMVl1RlRfeGlBUThqV3diZk5Vby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcGoygME
AM/00TANBgkqhkiG9w0BAQsFAAOCAQEAfqeW0cYj34XTZ9AX/RQrelcNLvV5xGCb
aVZh58XM1ehL5AYQ/9wOXjGrmWwWhkxYdA0AbHTlyvkn3ea13PGQY6YAUw94O6L5
+UERi01UD1a8piiITnkOONraJvnuepSDmEVRRwTV1NArwUZ7OMKdMBXkqTX5sjEM
2redHqMy1PHHSHmJi3ZuMQMugrtGdbQs3HCaBIGL91lcrXTPENA6IRAYujWWFTBI
psw/qDBFz+07szgtiyHFhTLivHLTwzzSVEhPBp8ht5oI5S/sAxOic2F1eHU8Hz//
GlYpHi7R/NT3+w563EVyYhSXng1tCZp32AgwpUydu5oBDzCWbjtVpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:10:33 2025 by rpki-client