Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/qM7EOp5FI6UvefxbBlVc8OXGczs.roa
File: qM7EOp5FI6UvefxbBlVc8OXGczs.roa (raw, json)
Hash identifier: bkRBKcxbgkxD3QabHYMhgvqMCmNekISXYLlw3e8Ht7s=
Subject key identifier: A8:CE:C4:3A:9E:45:23:A5:2F:79:FC:5B:06:55:5C:F0:E5:C6:73:3B
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019710F3AF945C33F78B8862FEEDABF9ED50
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/qM7EOp5FI6UvefxbBlVc8OXGczs.roa
Signing time: Tue 27 May 2025 08:54:55 +0000
ROA not before: Tue 27 May 2025 08:54:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2834
IP address blocks: 193.168.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 May 2025 16:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:10:f3:af:94:5c:33:f7:8b:88:62:fe:ed:ab:f9:ed:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: May 27 08:54:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8cec43a9e4523a52f79fc5b06555cf0e5c6733b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2e:64:a4:e2:54:10:d5:36:f1:9f:18:9b:a4:
81:ea:a5:f6:14:e5:43:ec:45:51:c7:15:72:37:03:
b0:07:e5:fe:ff:27:b6:77:ee:eb:d9:0b:80:53:dc:
02:3d:1f:27:4e:6d:5c:14:c9:30:66:90:d0:bf:9d:
f7:27:8b:86:e7:32:cc:97:cf:69:1b:c3:62:e5:0b:
82:a1:1e:27:a5:b2:cb:36:88:48:47:34:51:7a:34:
74:9a:c5:d2:17:46:06:a5:83:ff:74:a4:da:9a:81:
ae:bc:45:b1:11:3c:d3:6e:a6:c7:a7:82:3e:12:71:
a3:9e:1e:dd:8a:aa:ec:a0:dc:4e:6e:d1:1a:9f:73:
4b:44:b4:ed:2e:d8:64:e9:79:1e:63:b3:2d:ab:82:
cf:9a:a0:68:0b:57:40:68:29:19:48:b3:ff:1b:66:
70:ca:90:36:1a:27:fa:88:c7:7a:22:e3:2d:8a:c4:
46:fc:b6:c9:09:62:5b:bd:04:ed:8c:4e:a2:c8:d3:
a0:e4:1a:c2:71:d2:ed:4b:97:41:25:1a:9b:a5:ac:
90:51:37:14:91:bb:17:0e:3e:ca:e6:1c:52:90:77:
2f:15:6d:02:03:c5:e7:7c:30:a6:62:35:47:49:78:
48:c4:1d:be:02:2e:1d:28:5e:46:18:d4:d2:70:fa:
03:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CE:C4:3A:9E:45:23:A5:2F:79:FC:5B:06:55:5C:F0:E5:C6:73:3B
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/qM7EOp5FI6UvefxbBlVc8OXGczs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.202.0/24
Signature Algorithm: sha256WithRSAEncryption
80:02:cf:f7:0c:3b:bc:47:02:5d:fb:54:36:0f:13:89:16:f0:
2b:3e:45:bc:41:d8:b5:98:97:58:b5:e2:ea:62:6a:ee:41:28:
c2:50:80:45:85:37:fa:2d:a6:13:e5:bd:30:74:1e:ef:ea:0e:
95:06:78:bc:36:8c:8b:a3:ee:49:7a:8a:70:54:24:c7:5c:24:
75:87:14:2d:6d:7d:1d:72:3e:a7:97:6f:49:a0:8e:3a:93:e0:
27:35:23:8d:dd:1f:e5:7d:a9:6c:c5:54:d0:5f:d8:50:84:8d:
a0:35:5a:3b:b2:42:28:04:34:8b:a6:a0:40:b1:52:21:bd:c8:
a0:78:86:75:86:05:30:49:f9:ea:d1:d3:23:b6:8c:3d:58:cd:
05:05:71:33:72:6b:4b:df:05:ce:b0:bc:10:5e:b6:ca:ea:dc:
e7:53:c7:0e:d1:91:59:56:c3:05:40:5f:8c:f2:20:4e:ad:7b:
5c:9b:5b:ef:e8:0c:f7:e7:10:d5:b1:cf:a8:e9:24:4f:38:47:
d2:37:2c:7c:81:a5:eb:a1:16:b7:0d:7e:fb:4f:3b:c5:3a:ab:
d1:8e:d8:1a:f9:ba:80:e0:08:98:e5:22:25:73:7e:34:ed:93:
b2:83:a5:bb:68:0a:53:22:59:88:f3:0d:67:cd:ba:58:94:88:
ed:49:e3:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcQ86+UXDP3i4hi/u2r+e1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwNTI3MDg1NDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNlYzQzYTllNDUyM2E1MmY3OWZjNWIwNjU1NWNmMGU1YzY3MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy5kpOJUENU28Z8Ym6SB6qX2FOVD
7EVRxxVyNwOwB+X+/ye2d+7r2QuAU9wCPR8nTm1cFMkwZpDQv533J4uG5zLMl89p
G8Ni5QuCoR4npbLLNohIRzRRejR0msXSF0YGpYP/dKTamoGuvEWxETzTbqbHp4I+
EnGjnh7diqrsoNxObtEan3NLRLTtLthk6XkeY7Mtq4LPmqBoC1dAaCkZSLP/G2Zw
ypA2Gif6iMd6IuMtisRG/LbJCWJbvQTtjE6iyNOg5BrCcdLtS5dBJRqbpayQUTcU
kbsXDj7K5hxSkHcvFW0CA8XnfDCmYjVHSXhIxB2+Ai4dKF5GGNTScPoDuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjOxDqeRSOlL3n8WwZVXPDlxnM7MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvcU03RU9wNUZJNlV2ZWZ4YkJsVmM4T1hHY3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwajKMA0G
CSqGSIb3DQEBCwUAA4IBAQCAAs/3DDu8RwJd+1Q2DxOJFvArPkW8Qdi1mJdYteLq
YmruQSjCUIBFhTf6LaYT5b0wdB7v6g6VBni8NoyLo+5JeopwVCTHXCR1hxQtbX0d
cj6nl29JoI46k+AnNSON3R/lfalsxVTQX9hQhI2gNVo7skIoBDSLpqBAsVIhvcig
eIZ1hgUwSfnq0dMjtow9WM0FBXEzcmtL3wXOsLwQXrbK6tznU8cO0ZFZVsMFQF+M
8iBOrXtcm1vv6Az35xDVsc+o6SRPOEfSNyx8gaXroRa3DX77TzvFOqvRjtga+bqA
4AiY5SIlc3407ZOyg6W7aApTIlmI8w1nzbpYlIjtSeMe
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:48:33 2025 by rpki-client