Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pRgyPFtiPN5OspGXG37d45Rfhbo.roa
File: pRgyPFtiPN5OspGXG37d45Rfhbo.roa (raw, json)
Hash identifier: t0iGU1ernW+cmUSv3i3k2yjmHRpSWG50DO2Y4DwKnhE=
Subject key identifier: A5:18:32:3C:5B:62:3C:DE:4E:B2:91:97:1B:7E:DD:E3:94:5F:85:BA
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684D6F23064247041B4D1C9DD4D2B7F7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pRgyPFtiPN5OspGXG37d45Rfhbo.roa
Signing time: Wed 05 Mar 2025 21:54:19 +0000
ROA not before: Wed 05 Mar 2025 21:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133944
IP address blocks: 160.19.92.0/23 maxlen: 23
2a10:b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4d:6f:23:06:42:47:04:1b:4d:1c:9d:d4:d2:b7:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a518323c5b623cde4eb291971b7edde3945f85ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a3:ae:7f:3c:7e:3a:aa:35:96:3c:f5:e7:62:
a4:b3:0d:85:78:4c:84:59:4d:11:64:15:e4:82:4f:
2e:a2:11:69:71:f4:f3:2c:cb:58:70:b3:99:c7:e0:
34:98:15:96:9d:50:fc:73:7e:6a:f8:00:2f:47:62:
24:af:9c:a2:4a:22:7c:9e:18:32:61:21:70:28:56:
0f:a6:f8:ef:5c:70:c0:bd:cc:87:32:2e:0e:2a:ec:
6a:21:b0:1b:d4:53:49:5f:37:47:01:da:27:05:52:
4d:81:e2:77:c5:e5:e6:54:e7:51:0d:ce:2e:db:ab:
58:60:c8:4a:72:8c:e7:3f:1f:24:65:bb:ac:08:0a:
cf:22:b9:e2:50:64:1e:0d:12:ef:45:c7:f6:6e:16:
d9:1d:46:16:53:33:c5:18:03:c2:70:57:59:7b:df:
cd:e9:d8:c4:35:5a:f8:db:c2:86:97:74:e2:52:b0:
60:58:ec:c1:ee:83:23:75:dc:50:05:c9:59:4b:60:
8e:99:1e:56:6b:07:95:bc:22:f4:bc:ea:7d:e7:a4:
8f:e0:79:bd:96:94:2d:a3:e4:45:a7:be:69:90:28:
f2:6e:c6:d6:cf:b5:c8:69:92:a2:fa:0a:c9:7c:d7:
de:f8:f9:fb:29:ae:44:58:f8:29:d4:97:35:f3:44:
eb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:18:32:3C:5B:62:3C:DE:4E:B2:91:97:1B:7E:DD:E3:94:5F:85:BA
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/pRgyPFtiPN5OspGXG37d45Rfhbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.19.92.0/23
IPv6:
2a10:b40::/29
Signature Algorithm: sha256WithRSAEncryption
34:23:f0:d0:f5:ec:e1:14:13:4c:06:c8:0f:63:ee:61:be:79:
32:64:28:bb:30:62:af:b3:26:dd:86:2a:fc:dd:ae:9e:83:20:
e2:34:c7:0a:f0:4f:1b:c6:98:16:e9:1e:4f:6f:a3:ce:6c:b4:
cc:11:88:46:8f:d0:50:2e:fe:ac:36:a9:90:dd:69:b8:53:83:
b0:f3:38:00:a8:55:e3:5e:dc:7e:84:73:0e:94:a9:7f:4d:c0:
81:56:2b:8b:d9:b8:74:0f:0d:3a:9e:5e:ad:d5:98:0b:96:20:
8a:d6:91:c0:94:ed:57:df:14:d1:bc:61:ec:70:b0:81:be:4c:
97:92:2c:79:64:fa:00:7c:c2:85:fa:cb:bc:b9:e2:d1:5a:5a:
37:7e:dd:43:86:d5:9f:c8:c9:65:d9:70:e1:03:a9:51:b9:f3:
c8:13:eb:76:dd:d0:85:28:58:2a:93:a7:10:16:ed:86:98:66:
d2:83:53:5d:55:d7:a1:c9:e4:37:73:a1:04:c2:a7:eb:8a:11:
da:ca:ba:ef:2a:90:a8:16:20:36:11:ed:85:99:18:60:0f:c1:
da:74:19:54:06:f5:be:ad:a4:e6:35:c3:61:ef:a4:15:bb:63:
dc:49:d1:c1:34:93:df:c1:9c:a3:c7:78:74:da:9d:b6:0a:d0:
91:b8:70:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZVoTW8jBkJHBBtNHJ3U0rf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTE4MzIzYzViNjIzY2RlNGViMjkxOTcxYjdlZGRlMzk0NWY4NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6Oufzx+Oqo1ljz152Kksw2FeEyE
WU0RZBXkgk8uohFpcfTzLMtYcLOZx+A0mBWWnVD8c35q+AAvR2Ikr5yiSiJ8nhgy
YSFwKFYPpvjvXHDAvcyHMi4OKuxqIbAb1FNJXzdHAdonBVJNgeJ3xeXmVOdRDc4u
26tYYMhKcoznPx8kZbusCArPIrniUGQeDRLvRcf2bhbZHUYWUzPFGAPCcFdZe9/N
6djENVr428KGl3TiUrBgWOzB7oMjddxQBclZS2COmR5WaweVvCL0vOp956SP4Hm9
lpQto+RFp75pkCjybsbWz7XIaZKi+grJfNfe+Pn7Ka5EWPgp1Jc180TrjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUYMjxbYjzeTrKRlxt+3eOUX4W6MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvcFJneVBGdGlQTjVPc3BHWEczN2Q0NVJmaGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBoBNcMA0E
AgACMAcDBQMqEAtAMA0GCSqGSIb3DQEBCwUAA4IBAQA0I/DQ9ezhFBNMBsgPY+5h
vnkyZCi7MGKvsybdhir83a6egyDiNMcK8E8bxpgW6R5Pb6PObLTMEYhGj9BQLv6s
NqmQ3Wm4U4Ow8zgAqFXjXtx+hHMOlKl/TcCBViuL2bh0Dw06nl6t1ZgLliCK1pHA
lO1X3xTRvGHscLCBvkyXkix5ZPoAfMKF+su8ueLRWlo3ft1DhtWfyMll2XDhA6lR
ufPIE+t23dCFKFgqk6cQFu2GmGbSg1NdVdehyeQ3c6EEwqfrihHayrrvKpCoFiA2
Ee2FmRhgD8HadBlUBvW+raTmNcNh76QVu2PcSdHBNJPfwZyjx3h02p22CtCRuHC5
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:41:08 2025 by rpki-client