Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2rpPbOhNiJB1aSekQ7Iuq7IlbW0.roa
File: 2rpPbOhNiJB1aSekQ7Iuq7IlbW0.roa (raw, json)
Hash identifier: JgtCBeqI7MXk8uOHGGEfnKvBq2AMYVqOYO6Pp52dAow=
Subject key identifier: DA:BA:4F:6C:E8:4D:88:90:75:69:27:A4:43:B2:2E:AB:B2:25:6D:6D
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01942445323A657120EED3CC21A8F0AA2755
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2rpPbOhNiJB1aSekQ7Iuq7IlbW0.roa
Signing time: Wed 01 Jan 2025 23:48:21 +0000
ROA not before: Wed 01 Jan 2025 23:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212147
IP address blocks: 194.26.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 18:04:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:32:3a:65:71:20:ee:d3:cc:21:a8:f0:aa:27:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=daba4f6ce84d8890756927a443b22eabb2256d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:1a:50:de:90:c1:20:ab:0e:86:b4:21:1b:
da:d0:07:7a:42:f7:12:ba:b6:b3:07:18:09:40:2a:
0a:2a:78:fb:b2:fe:fd:d1:67:76:d4:20:9e:a4:81:
de:97:db:02:ae:c6:53:f6:9b:bc:61:6b:fa:78:8c:
27:ba:76:73:d1:ff:e1:af:6d:20:71:3d:7a:65:de:
20:4e:ff:bd:db:c1:8b:28:71:d0:fd:98:48:85:70:
c4:cd:a1:77:6c:f3:de:15:65:ba:e1:a1:70:c8:b3:
58:1c:f3:f8:ea:d7:a5:07:83:db:d8:3f:ad:a2:31:
87:a1:66:9f:06:b4:a3:ea:32:2c:8b:90:a3:55:93:
4d:da:83:b7:c6:68:bd:3a:e4:50:00:f6:42:57:1a:
df:25:47:64:4b:5f:e0:24:3c:df:3a:c9:97:ba:b0:
69:33:36:14:31:fa:0c:74:21:f4:4d:28:e7:20:a1:
05:4c:1f:a9:84:57:9a:d8:6b:46:7f:f4:ad:84:c1:
9b:30:17:00:e9:47:44:fb:88:b5:43:17:81:69:f3:
50:cc:3e:60:96:e8:b0:fb:60:92:c6:ff:f6:55:1b:
65:f7:46:5b:c4:3e:f6:67:9b:32:f7:d8:56:dd:9d:
8e:f7:e5:b9:71:89:76:fa:13:19:97:28:6a:fd:55:
71:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BA:4F:6C:E8:4D:88:90:75:69:27:A4:43:B2:2E:AB:B2:25:6D:6D
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/2rpPbOhNiJB1aSekQ7Iuq7IlbW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.137.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:0d:1b:b3:b7:a7:c5:a5:b9:36:fe:9c:98:d2:35:52:98:e9:
95:f7:35:2e:ff:10:cc:ee:af:4b:0a:b7:27:fd:47:ca:79:e3:
42:49:57:81:dd:08:25:35:00:48:62:1b:29:1d:e4:7a:b2:d8:
20:62:d3:be:18:da:23:09:fe:0d:3f:cc:82:d7:fa:42:61:42:
da:7b:ff:3d:99:3a:a6:7b:62:3f:9a:ae:46:84:a2:6e:72:ab:
fd:46:bb:c1:bb:64:94:ca:dd:11:7d:1c:01:a6:6b:4f:44:67:
99:2c:98:86:90:6c:ee:5e:6b:a8:9a:80:94:74:00:f0:f9:7f:
73:ed:e6:ec:20:99:65:76:a7:37:d3:16:0b:b8:be:87:9d:02:
c6:6b:4d:73:ae:b7:e8:d4:6d:19:cb:c4:19:d1:b9:0d:db:e3:
fc:a9:2b:2e:ce:71:f0:1e:e3:54:5a:e9:44:54:42:17:df:19:
46:df:87:35:ca:8f:9b:d7:1a:5e:73:19:0d:f2:3c:01:d7:fd:
42:d2:c4:b4:b9:aa:57:79:af:ba:c9:37:2c:b5:ae:d4:bd:0d:
7a:f8:29:f1:62:c1:eb:d2:ff:92:c7:e9:66:83:01:86:2b:b3:
e7:ed:59:92:6c:5d:43:1b:22:06:60:d8:32:1d:5d:0d:c7:1c:
8e:5f:2f:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRTI6ZXEg7tPMIajwqidVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJhNGY2Y2U4NGQ4ODkwNzU2OTI3YTQ0M2IyMmVhYmIyMjU2ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCkaUN6QwSCrDoa0IRva0Ad6QvcS
urazBxgJQCoKKnj7sv790Wd21CCepIHel9sCrsZT9pu8YWv6eIwnunZz0f/hr20g
cT16Zd4gTv+928GLKHHQ/ZhIhXDEzaF3bPPeFWW64aFwyLNYHPP46telB4Pb2D+t
ojGHoWafBrSj6jIsi5CjVZNN2oO3xmi9OuRQAPZCVxrfJUdkS1/gJDzfOsmXurBp
MzYUMfoMdCH0TSjnIKEFTB+phFea2GtGf/SthMGbMBcA6UdE+4i1QxeBafNQzD5g
luiw+2CSxv/2VRtl90ZbxD72Z5sy99hW3Z2O9+W5cYl2+hMZlyhq/VVxyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq6T2zoTYiQdWknpEOyLquyJW1tMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMnJwUGJPaE5pSkIxYVNla1E3SXVxN0lsYlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhqJMA0G
CSqGSIb3DQEBCwUAA4IBAQAcDRuzt6fFpbk2/pyY0jVSmOmV9zUu/xDM7q9LCrcn
/UfKeeNCSVeB3QglNQBIYhspHeR6stggYtO+GNojCf4NP8yC1/pCYULae/89mTqm
e2I/mq5GhKJucqv9RrvBu2SUyt0RfRwBpmtPRGeZLJiGkGzuXmuomoCUdADw+X9z
7ebsIJlldqc30xYLuL6HnQLGa01zrrfo1G0Zy8QZ0bkN2+P8qSsuznHwHuNUWulE
VEIX3xlG34c1yo+b1xpecxkN8jwB1/1C0sS0uapXea+6yTcsta7UvQ16+CnxYsHr
0v+Sx+lmgwGGK7Pn7VmSbF1DGyIGYNgyHV0NxxyOXy8J
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:04:45 2025 by rpki-client