Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Se33C8lXl6CCeQV3bU59qySLppI.roa
File: Se33C8lXl6CCeQV3bU59qySLppI.roa (raw, json)
Hash identifier: s0w1rn4nPHLL6Fy0jZqqjfL2Os9BbGzjmwt5s1yBBC0=
Subject key identifier: 49:ED:F7:0B:C9:57:97:A0:82:79:05:77:6D:4E:7D:AB:24:8B:A6:92
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0196ED5003BC3FCA7267B2025E413314C82B
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Se33C8lXl6CCeQV3bU59qySLppI.roa
Signing time: Tue 20 May 2025 10:49:26 +0000
ROA not before: Tue 20 May 2025 10:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202685
IP address blocks: 176.46.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 09:37:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:50:03:bc:3f:ca:72:67:b2:02:5e:41:33:14:c8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 20 10:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49edf70bc95797a0827905776d4e7dab248ba692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7f:e6:ca:db:42:70:f4:0f:18:ec:ef:87:8a:
05:57:5d:16:a4:a7:2d:92:9f:01:51:a0:5a:bc:7c:
6d:be:f9:9b:04:f3:e0:68:04:90:be:b0:bc:de:44:
a2:08:ed:cf:59:62:24:e8:46:78:30:10:81:c3:49:
74:3d:aa:9a:0f:b2:64:40:1d:19:80:4b:5d:6e:5f:
de:88:19:f7:fb:42:65:6f:a7:c1:c8:d3:4a:78:0e:
2b:af:9f:15:60:7d:26:bb:8a:46:96:d5:96:6b:ab:
dc:1b:7f:bd:37:dd:6f:91:45:4c:49:72:e1:f2:da:
0f:8a:b8:f5:be:5d:b0:37:c9:c5:d6:43:eb:f5:ae:
b2:46:41:4e:ac:3e:09:31:f9:0c:e5:03:bf:b5:bd:
07:96:ee:4e:24:07:3b:d6:56:77:29:f0:26:76:e3:
26:bf:29:99:dd:b8:d1:fb:2f:45:b8:68:ba:93:2f:
aa:0d:ae:c1:79:99:43:64:50:06:b7:6c:12:ff:8c:
a7:75:49:02:8e:4a:00:6b:31:4d:51:c9:ca:93:71:
dd:97:15:64:d9:74:df:90:9f:03:a8:bf:f3:9f:5b:
2c:69:db:35:dd:3f:92:13:23:9a:1f:6c:b1:76:d6:
20:02:93:d7:aa:c5:4a:d6:7a:12:e6:97:a6:38:04:
c9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:ED:F7:0B:C9:57:97:A0:82:79:05:77:6D:4E:7D:AB:24:8B:A6:92
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Se33C8lXl6CCeQV3bU59qySLppI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.158.0/24
Signature Algorithm: sha256WithRSAEncryption
05:fd:45:0c:c2:d2:22:3e:43:32:b0:9b:c0:d0:7b:62:a4:4c:
4d:95:69:76:80:0b:ac:29:d7:b8:21:b8:e0:b4:e6:56:a7:bd:
87:c6:12:4e:b2:dd:bd:58:e7:27:12:5a:b9:e4:d9:3e:d5:70:
be:d0:40:63:2f:d4:b1:43:4e:65:32:56:ae:7b:05:78:03:cd:
e3:e8:dc:5b:e3:35:fe:37:ca:d7:60:d3:a5:f5:76:5a:d4:01:
77:1e:09:9b:d7:f0:20:b7:cc:88:fb:52:5f:e1:49:6e:f1:12:
c4:d0:0d:85:aa:b8:0b:f0:b2:15:14:0b:d8:e7:df:bc:bb:8d:
90:54:62:1d:f3:df:22:39:24:bb:30:01:d7:cb:2e:a1:e5:46:
78:e0:4e:64:84:e5:1d:80:ed:96:02:01:24:ec:f4:b7:3e:ab:
97:fc:ce:8b:ef:5c:27:e4:8b:3b:53:59:51:d4:18:67:3e:af:
0e:f2:15:7e:38:fc:91:49:e9:e4:da:ff:d2:96:b6:4d:4a:49:
dc:8c:69:6d:83:96:2c:a5:99:bc:06:82:2c:2a:95:41:a2:26:
97:2f:da:65:41:3b:02:54:56:dd:a9:c0:d3:5b:03:44:81:2f:
3f:bc:89:7d:b0:95:ed:a1:28:f1:40:90:a9:ad:4f:2f:9a:cf:
ad:40:21:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbtUAO8P8pyZ7ICXkEzFMgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNTIwMTA0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWVkZjcwYmM5NTc5N2EwODI3OTA1Nzc2ZDRlN2RhYjI0OGJhNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH/myttCcPQPGOzvh4oFV10WpKct
kp8BUaBavHxtvvmbBPPgaASQvrC83kSiCO3PWWIk6EZ4MBCBw0l0PaqaD7JkQB0Z
gEtdbl/eiBn3+0Jlb6fByNNKeA4rr58VYH0mu4pGltWWa6vcG3+9N91vkUVMSXLh
8toPirj1vl2wN8nF1kPr9a6yRkFOrD4JMfkM5QO/tb0Hlu5OJAc71lZ3KfAmduMm
vymZ3bjR+y9FuGi6ky+qDa7BeZlDZFAGt2wS/4yndUkCjkoAazFNUcnKk3HdlxVk
2XTfkJ8DqL/zn1ssads13T+SEyOaH2yxdtYgApPXqsVK1noS5pemOATJZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEnt9wvJV5eggnkFd21Ofaski6aSMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvU2UzM0M4bFhsNkNDZVFWM2JVNTlxeVNMcHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsC6eMA0G
CSqGSIb3DQEBCwUAA4IBAQAF/UUMwtIiPkMysJvA0HtipExNlWl2gAusKde4Ibjg
tOZWp72HxhJOst29WOcnElq55Nk+1XC+0EBjL9SxQ05lMlauewV4A83j6Nxb4zX+
N8rXYNOl9XZa1AF3Hgmb1/Agt8yI+1Jf4Ulu8RLE0A2FqrgL8LIVFAvY59+8u42Q
VGId898iOSS7MAHXyy6h5UZ44E5khOUdgO2WAgEk7PS3PquX/M6L71wn5Is7U1lR
1BhnPq8O8hV+OPyRSenk2v/SlrZNSkncjGltg5YspZm8BoIsKpVBoiaXL9plQTsC
VFbdqcDTWwNEgS8/vIl9sJXtoSjxQJCprU8vms+tQCF/
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:18:59 2025 by rpki-client