Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/dENPAOXWSnt6GFEW6-QLyCFtiew.roa
File: dENPAOXWSnt6GFEW6-QLyCFtiew.roa (raw, json)
Hash identifier: 37oh8BKYhcL5lSXElJ9OfTCD2yCuR+xkw9VPV+TIRvo=
Subject key identifier: 74:43:4F:00:E5:D6:4A:7B:7A:18:51:16:EB:E4:0B:C8:21:6D:89:EC
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0194221FEE4C3736434D670526B5CCCC4C93
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/dENPAOXWSnt6GFEW6-QLyCFtiew.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 193.168.202.0/24 maxlen: 24
207.244.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 12:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:4c:37:36:43:4d:67:05:26:b5:cc:cc:4c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74434f00e5d64a7b7a185116ebe40bc8216d89ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:25:64:4f:41:62:32:3f:d4:32:f1:cf:12:e9:
1c:5a:88:21:bd:f8:81:8a:a4:7a:13:8d:7f:7b:5c:
1e:13:32:29:7b:6d:f8:ac:5b:b8:70:cd:e9:22:f8:
25:34:25:1f:61:c1:da:78:ec:e4:5c:9e:72:dd:3e:
f8:39:e9:7c:2c:df:ff:5c:ac:7e:18:b3:f3:9d:a3:
12:37:ee:bd:7b:a5:e9:d0:ef:5f:4b:be:04:9b:9e:
cd:21:88:d8:a9:10:dc:c0:7b:d4:bb:97:fc:37:41:
e1:58:0e:5c:44:a7:a1:e9:5c:50:3f:09:6f:ee:40:
db:b0:5d:60:94:47:23:66:6c:23:5b:cc:c4:04:fc:
d1:3e:32:b8:40:ac:2c:ff:7b:31:2f:88:9d:98:7c:
e8:8a:e6:46:69:0d:b3:9c:b4:d5:43:79:b9:e6:dc:
99:47:2e:e4:41:98:dd:c9:bc:b0:ab:4f:b8:a3:a9:
e6:1d:0d:de:73:c5:0f:dd:b7:09:6b:cd:53:d6:64:
b8:de:97:58:ef:7a:ea:ed:a9:8e:54:1f:2c:27:60:
36:20:bd:ed:a1:1e:90:aa:04:e5:78:03:8e:86:f0:
84:9c:2c:07:65:94:aa:02:ea:69:e9:80:ae:03:e7:
97:63:e3:8d:5c:1e:25:63:b5:03:4c:e3:83:03:99:
c5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:43:4F:00:E5:D6:4A:7B:7A:18:51:16:EB:E4:0B:C8:21:6D:89:EC
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/dENPAOXWSnt6GFEW6-QLyCFtiew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.202.0/24
207.244.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:c3:49:2e:86:23:d6:0b:69:3a:b5:73:35:73:77:f8:0e:4e:
32:f2:1b:bd:c8:01:cd:22:98:fa:3d:69:c9:ec:0c:54:92:64:
6e:0e:8e:c7:68:ac:f1:3b:ae:8e:cd:18:a7:b2:84:fd:7c:07:
1e:f1:a2:3b:e0:06:a7:4f:85:ec:ec:5f:c2:8a:af:95:3c:28:
5a:ec:4e:bf:1b:8c:ae:b8:a7:89:17:aa:48:72:8e:bb:1d:cb:
45:bd:57:fe:05:51:90:8d:4e:99:76:e6:67:ee:f8:4a:75:b4:
35:53:81:fa:5f:3c:fd:6a:9b:78:91:27:16:78:b3:92:12:14:
40:01:97:90:c4:d2:f4:b6:b7:02:31:ca:a0:53:42:96:ec:96:
cd:22:98:e3:f9:c0:12:15:f0:a0:87:14:6e:3e:b4:37:3c:fd:
4b:de:24:9e:b9:a2:c8:c9:0d:8c:fd:9c:26:52:0b:8a:13:e2:
e3:97:0d:b2:14:5e:75:77:1a:49:3a:5b:04:c2:73:bb:32:4a:
f5:2f:3a:76:0c:19:40:81:45:ed:42:84:8b:a9:9d:a3:a5:af:
8f:02:3f:2c:90:1b:2c:5a:94:98:26:91:ab:37:da:a0:d1:53:
ab:16:27:a9:82:5d:89:af:c4:7d:87:23:0b:ee:ed:81:de:54:
a8:ab:4c:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH+5MNzZDTWcFJrXMzEyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQzNGYwMGU1ZDY0YTdiN2ExODUxMTZlYmU0MGJjODIxNmQ4OWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7CVkT0FiMj/UMvHPEukcWoghvfiB
iqR6E41/e1weEzIpe234rFu4cM3pIvglNCUfYcHaeOzkXJ5y3T74Oel8LN//XKx+
GLPznaMSN+69e6Xp0O9fS74Em57NIYjYqRDcwHvUu5f8N0HhWA5cRKeh6VxQPwlv
7kDbsF1glEcjZmwjW8zEBPzRPjK4QKws/3sxL4idmHzoiuZGaQ2znLTVQ3m55tyZ
Ry7kQZjdybywq0+4o6nmHQ3ec8UP3bcJa81T1mS43pdY73rq7amOVB8sJ2A2IL3t
oR6QqgTleAOOhvCEnCwHZZSqAupp6YCuA+eXY+ONXB4lY7UDTOODA5nF7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHRDTwDl1kp7ehhRFuvkC8ghbYnsMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvZEVOUEFPWFdTbnQ2R0ZFVzYtUUx5Q0Z0aWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwajKAwQA
z/TRMA0GCSqGSIb3DQEBCwUAA4IBAQAbw0kuhiPWC2k6tXM1c3f4Dk4y8hu9yAHN
Ipj6PWnJ7AxUkmRuDo7HaKzxO66OzRinsoT9fAce8aI74AanT4Xs7F/Ciq+VPCha
7E6/G4yuuKeJF6pIco67HctFvVf+BVGQjU6ZduZn7vhKdbQ1U4H6Xzz9apt4kScW
eLOSEhRAAZeQxNL0trcCMcqgU0KW7JbNIpjj+cASFfCghxRuPrQ3PP1L3iSeuaLI
yQ2M/ZwmUguKE+Ljlw2yFF51dxpJOlsEwnO7Mkr1Lzp2DBlAgUXtQoSLqZ2jpa+P
Aj8skBssWpSYJpGrN9qg0VOrFiepgl2Jr8R9hyML7u2B3lSoq0x7
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:56 2025 by rpki-client