Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/2vo0_Hg1e1YurGnTVo5I3zzDcXU.roa
File: 2vo0_Hg1e1YurGnTVo5I3zzDcXU.roa (raw, json)
Hash identifier: bTckhGcPEl4Jr9O4oPZHZ0ssCIXg/aKrH4Gh8x2OR8E=
Subject key identifier: DA:FA:34:FC:78:35:7B:56:2E:AC:69:D3:56:8E:48:DF:3C:C3:71:75
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0195A3DD15572DEA37F0CC1F81236898FAEE
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/2vo0_Hg1e1YurGnTVo5I3zzDcXU.roa
Signing time: Mon 17 Mar 2025 11:28:49 +0000
ROA not before: Mon 17 Mar 2025 11:28:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.168.202.0/24 maxlen: 24
193.168.203.0/24 maxlen: 24
207.244.208.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 07:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:dd:15:57:2d:ea:37:f0:cc:1f:81:23:68:98:fa:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Mar 17 11:28:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dafa34fc78357b562eac69d3568e48df3cc37175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:26:e8:dd:3f:3c:c1:24:d0:a6:98:49:3e:
79:7b:d8:b5:de:86:f3:3a:d7:b6:d7:e3:ad:86:96:
b1:ab:bf:73:99:7e:97:1d:a8:16:ef:1f:92:3e:6c:
01:e5:87:85:4d:e2:c8:22:9e:d6:f6:b3:54:b8:54:
34:b4:8f:2f:cf:63:d7:5c:f1:7c:c1:b3:ba:00:ea:
66:20:f1:86:ce:aa:fc:db:84:ea:c1:7d:5d:c8:4f:
30:a3:96:96:a4:47:bc:64:17:45:3a:8c:73:cc:24:
82:60:02:ed:17:fb:6c:f9:01:4f:5a:03:c0:29:0e:
3a:d0:9f:f3:fa:ab:36:7d:58:f1:d7:23:55:5f:d6:
bd:0b:af:f1:91:cf:4b:1a:a1:0e:01:f9:7f:6c:af:
e8:ce:70:86:61:d0:02:cd:45:51:a6:fc:99:e2:12:
b4:f0:81:c6:f7:69:24:e3:76:a0:2d:4b:b4:24:04:
75:0e:09:88:5e:cd:37:c9:c6:cf:20:36:71:eb:f2:
0c:22:0c:e6:97:88:48:39:f9:bc:28:76:c2:f6:af:
70:de:55:e2:4e:e3:3e:af:d6:2d:d6:7e:72:dd:62:
60:d3:1c:b7:02:f4:8a:48:98:11:ad:22:b1:7a:40:
98:f6:4a:b5:2a:5d:b6:fc:da:40:7a:5b:54:56:f6:
19:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FA:34:FC:78:35:7B:56:2E:AC:69:D3:56:8E:48:DF:3C:C3:71:75
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/2vo0_Hg1e1YurGnTVo5I3zzDcXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.202.0/23
207.244.208.0/23
Signature Algorithm: sha256WithRSAEncryption
33:8a:26:8e:c2:ba:e9:e2:66:9c:a1:c3:73:13:2f:e8:1a:4d:
b3:71:ce:c6:cf:28:fb:d5:d5:e4:96:61:bf:73:95:bb:61:73:
7e:65:14:94:9d:5c:12:72:7d:f3:c7:e1:47:86:ec:18:59:40:
9d:bc:3f:91:2c:16:f1:eb:ca:fb:72:29:c6:e4:e2:5b:a3:9e:
a9:90:f0:c2:4b:2c:88:35:f5:ee:71:23:54:a4:9b:d5:3a:2e:
1e:2f:5d:e5:82:d8:4b:40:6e:85:8b:ae:23:38:61:3c:da:d6:
95:02:d1:58:6c:9d:67:61:ca:bf:a7:b7:09:5d:70:ba:5d:10:
10:28:9d:a5:0d:fe:e3:f7:a7:53:33:9f:69:6e:3c:99:53:73:
d9:46:d2:30:a9:7e:32:80:b8:33:f0:55:24:9e:88:8c:b0:9f:
d4:a1:1c:d8:f9:7a:ba:8c:81:41:69:34:86:98:60:bd:74:9c:
39:ce:90:59:27:bc:d9:cc:28:02:bd:90:f9:3a:c0:94:f3:38:
47:8d:86:eb:56:f3:ab:92:54:5a:33:bc:eb:67:91:dc:ab:52:
90:e7:6c:e0:14:15:b9:13:3f:04:e4:5c:d9:4c:00:9e:a3:be:
df:cc:16:36:3c:a8:5a:e0:43:a6:73:60:ea:9f:c9:4a:e2:fc:
b1:77:ca:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWj3RVXLeo38MwfgSNomPruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMzE3MTEyODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZhMzRmYzc4MzU3YjU2MmVhYzY5ZDM1NjhlNDhkZjNjYzM3MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu8m6N0/PMEk0KaYST55e9i13obz
Ote21+Othpaxq79zmX6XHagW7x+SPmwB5YeFTeLIIp7W9rNUuFQ0tI8vz2PXXPF8
wbO6AOpmIPGGzqr824TqwX1dyE8wo5aWpEe8ZBdFOoxzzCSCYALtF/ts+QFPWgPA
KQ460J/z+qs2fVjx1yNVX9a9C6/xkc9LGqEOAfl/bK/oznCGYdACzUVRpvyZ4hK0
8IHG92kk43agLUu0JAR1DgmIXs03ycbPIDZx6/IMIgzml4hIOfm8KHbC9q9w3lXi
TuM+r9Yt1n5y3WJg0xy3AvSKSJgRrSKxekCY9kq1Kl22/NpAeltUVvYZvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNr6NPx4NXtWLqxp01aOSN88w3F1MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvMnZvMF9IZzFlMVl1ckduVFZvNUkzenpEY1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwajKAwQB
z/TQMA0GCSqGSIb3DQEBCwUAA4IBAQAziiaOwrrp4macocNzEy/oGk2zcc7Gzyj7
1dXklmG/c5W7YXN+ZRSUnVwScn3zx+FHhuwYWUCdvD+RLBbx68r7cinG5OJbo56p
kPDCSyyINfXucSNUpJvVOi4eL13lgthLQG6Fi64jOGE82taVAtFYbJ1nYcq/p7cJ
XXC6XRAQKJ2lDf7j96dTM59pbjyZU3PZRtIwqX4ygLgz8FUknoiMsJ/UoRzY+Xq6
jIFBaTSGmGC9dJw5zpBZJ7zZzCgCvZD5OsCU8zhHjYbrVvOrklRaM7zrZ5Hcq1KQ
52zgFBW5Ez8E5FzZTACeo77fzBY2PKha4EOmc2Dqn8lK4vyxd8qi
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:09:33 2025 by rpki-client