Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/Rx4lpit-GbhpMZcYPwvGlgOsqrU.roa
File: Rx4lpit-GbhpMZcYPwvGlgOsqrU.roa (raw, json)
Hash identifier: wQgUOZWK/jjJb7l1m7oDFj3IKYVEew9t+82SHtVOcyE=
Subject key identifier: 47:1E:25:A6:2B:7E:19:B8:69:31:97:18:3F:0B:C6:96:03:AC:AA:B5
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 0194921F35F79154D56FFD114AEC42EDCBCC
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/Rx4lpit-GbhpMZcYPwvGlgOsqrU.roa
Signing time: Thu 23 Jan 2025 07:45:06 +0000
ROA not before: Thu 23 Jan 2025 07:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 217.9.1.0/24 maxlen: 24
217.9.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 05:15:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:1f:35:f7:91:54:d5:6f:fd:11:4a:ec:42:ed:cb:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 23 07:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=471e25a62b7e19b8693197183f0bc69603acaab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:25:7a:87:44:0f:28:27:25:0c:08:23:83:fe:
0e:03:15:d0:21:f5:80:20:8f:d3:7b:a8:63:32:14:
37:bf:b1:5a:fe:37:83:05:bb:73:ac:10:f2:3f:4a:
11:6e:e5:7d:2e:ca:60:88:b6:f0:30:1f:78:54:90:
51:4b:b7:d5:42:36:6e:54:c4:2b:22:dd:10:39:ee:
80:19:78:9c:0e:1e:b7:80:34:77:26:ad:a1:e3:49:
35:99:c4:fd:ec:e8:31:aa:37:79:5d:a0:f6:8b:9d:
99:23:d6:75:7a:bd:f6:e6:b6:09:6b:1b:fe:ce:14:
8a:27:db:75:77:23:bd:c3:43:76:ca:80:28:9e:4e:
54:de:45:58:d0:26:d5:29:76:38:24:93:30:e0:03:
03:50:74:39:de:06:b7:3b:a3:29:5e:11:b4:de:09:
b1:6c:91:3a:c1:57:ce:e2:bf:e0:87:3d:5b:80:0c:
83:95:19:85:99:dd:62:db:f4:28:bb:e9:3b:3a:71:
27:89:e4:b4:a6:36:2b:51:f1:5b:47:03:68:3f:98:
f0:a8:3c:5a:0d:7e:7c:d9:64:cb:ef:68:c7:d9:1a:
a1:95:2a:20:f3:5a:4c:5f:8c:04:94:27:88:68:1c:
bc:98:d3:2b:51:d0:37:94:68:2a:f1:4b:5c:7c:43:
76:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:1E:25:A6:2B:7E:19:B8:69:31:97:18:3F:0B:C6:96:03:AC:AA:B5
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/Rx4lpit-GbhpMZcYPwvGlgOsqrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.1.0-217.9.2.255
Signature Algorithm: sha256WithRSAEncryption
ab:c2:8d:fb:6c:3d:81:73:d8:71:f9:a1:c5:21:9c:b5:f1:1e:
2a:b4:4c:45:29:94:2d:1a:42:83:d3:e3:26:76:24:28:f4:b5:
9d:01:2c:e2:d8:c4:3b:8a:97:7f:81:98:1e:9e:ee:6a:a2:a0:
77:2d:24:c0:88:2b:b6:db:a7:4a:06:c1:84:03:17:10:16:43:
b2:b5:d4:f5:82:dc:6e:38:d9:5f:40:fa:01:a8:ef:dc:a9:b5:
22:3f:b1:59:bb:75:c6:2e:a5:1a:72:2e:57:af:44:04:4a:93:
64:9e:bf:95:d9:d4:11:26:f7:f2:48:43:a0:fc:b4:ae:8e:c6:
c6:3f:26:72:34:9c:67:ec:30:07:5b:ea:6b:6d:ea:fc:4b:5e:
9e:bd:11:3c:19:cf:7d:24:ce:99:d7:c4:86:9b:96:06:fb:54:
ac:79:ed:65:48:3f:c4:96:e2:e8:58:ec:75:74:7a:08:22:4c:
9a:c1:e4:08:67:bb:d2:80:73:a8:fd:a0:34:a6:99:ce:f2:56:
3d:04:71:1d:82:16:2e:38:18:9d:09:97:6d:85:7b:77:b3:b3:
2e:a5:9c:76:14:b5:9d:40:76:e5:b5:4f:af:9e:27:c8:77:0d:
63:fd:00:d7:b1:82:74:81:e5:42:51:53:8f:4d:9d:af:b6:89:
c0:3a:96:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSSHzX3kVTVb/0RSuxC7cvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjUwMTIzMDc0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzFlMjVhNjJiN2UxOWI4NjkzMTk3MTgzZjBiYzY5NjAzYWNhYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSV6h0QPKCclDAgjg/4OAxXQIfWA
II/Te6hjMhQ3v7Fa/jeDBbtzrBDyP0oRbuV9LspgiLbwMB94VJBRS7fVQjZuVMQr
It0QOe6AGXicDh63gDR3Jq2h40k1mcT97Ogxqjd5XaD2i52ZI9Z1er325rYJaxv+
zhSKJ9t1dyO9w0N2yoAonk5U3kVY0CbVKXY4JJMw4AMDUHQ53ga3O6MpXhG03gmx
bJE6wVfO4r/ghz1bgAyDlRmFmd1i2/Qou+k7OnEnieS0pjYrUfFbRwNoP5jwqDxa
DX582WTL72jH2RqhlSog81pMX4wElCeIaBy8mNMrUdA3lGgq8UtcfEN2SQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEceJaYrfhm4aTGXGD8LxpYDrKq1MB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvUng0bHBpdC1HYmhwTVpjWVB3dkdsZ09zcXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZCQED
BADZCQIwDQYJKoZIhvcNAQELBQADggEBAKvCjftsPYFz2HH5ocUhnLXxHiq0TEUp
lC0aQoPT4yZ2JCj0tZ0BLOLYxDuKl3+BmB6e7mqioHctJMCIK7bbp0oGwYQDFxAW
Q7K11PWC3G442V9A+gGo79yptSI/sVm7dcYupRpyLlevRARKk2Sev5XZ1BEm9/JI
Q6D8tK6OxsY/JnI0nGfsMAdb6mtt6vxLXp69ETwZz30kzpnXxIablgb7VKx57WVI
P8SW4uhY7HV0eggiTJrB5Ahnu9KAc6j9oDSmmc7yVj0EcR2CFi44GJ0Jl22Fe3ez
sy6lnHYUtZ1AduW1T6+eJ8h3DWP9ANexgnSB5UJRU49Nna+2icA6ljo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:46:34 2025 by rpki-client