Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D0NeCitwNnOvzP7iUpG8oJGRGC4.roa
File: D0NeCitwNnOvzP7iUpG8oJGRGC4.roa (raw, json)
Hash identifier: Jj78Uh5gdo2MnRfpk776yBHMiL4JfZPjHOsrY4oIKjc=
Subject key identifier: 0F:43:5E:0A:2B:70:36:73:AF:CC:FE:E2:52:91:BC:A0:91:91:18:2E
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0196D9836AEF5520CFF8CBA66B3F290D0FE3
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D0NeCitwNnOvzP7iUpG8oJGRGC4.roa
Signing time: Fri 16 May 2025 14:33:10 +0000
ROA not before: Fri 16 May 2025 14:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211659
IP address blocks: 193.3.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d9:83:6a:ef:55:20:cf:f8:cb:a6:6b:3f:29:0d:0f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 16 14:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f435e0a2b703673afccfee25291bca09191182e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1d:b1:d7:27:2b:7b:fe:07:97:89:d2:1a:32:
6b:f5:06:8f:12:df:6a:d0:f7:b8:b9:82:ef:10:d9:
39:24:3d:5d:29:aa:13:d9:f8:a0:36:9d:f5:2d:83:
9f:db:f7:a1:39:13:61:83:06:6e:ad:ac:fb:3b:da:
4f:60:ee:bb:34:f5:f8:37:3f:5a:6f:06:fc:c3:7d:
01:1b:fe:d7:7f:b8:38:bd:b1:93:7d:7f:7e:f8:02:
b3:6a:b0:0a:74:21:5a:a5:bb:fa:71:f0:31:f8:ac:
82:8d:13:cb:a3:29:d2:93:3d:d0:1c:20:18:e2:ee:
bc:2c:af:16:d4:a8:c6:61:b1:e6:cc:84:8f:a7:06:
b6:0f:81:96:79:6d:07:5b:28:37:ea:70:62:d8:12:
03:3a:f7:89:b3:4e:a4:9f:74:86:b8:28:0e:c6:52:
92:b0:9c:98:58:82:4e:12:b5:5b:12:a7:66:bd:20:
76:5d:60:30:88:f2:14:1d:ba:aa:75:bd:f1:8b:61:
45:87:52:14:13:d3:88:4b:a3:c2:54:6d:59:26:9f:
62:86:d0:cc:df:19:a5:3c:5c:4e:a7:39:ee:56:b7:
80:98:7a:52:60:b6:f9:31:d6:9a:e5:15:4b:f3:9b:
76:78:db:db:41:e4:e1:8c:32:8b:ce:2b:c1:d6:f8:
d1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:43:5E:0A:2B:70:36:73:AF:CC:FE:E2:52:91:BC:A0:91:91:18:2E
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D0NeCitwNnOvzP7iUpG8oJGRGC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.19.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b8:b5:74:cd:a8:e4:c0:d8:bb:06:64:52:13:59:1d:a7:5d:
e2:d7:63:ec:53:61:9b:30:f7:bd:86:5a:6f:6f:26:94:8e:3a:
10:11:15:07:5b:ce:df:95:4c:aa:13:b0:c0:08:3f:36:0f:37:
dc:2f:5c:c3:98:b4:6e:33:fc:55:53:a2:d1:35:65:2c:de:88:
ce:60:ab:dd:02:f8:53:98:26:c2:88:78:2e:18:13:0d:fb:03:
b4:31:98:39:2e:9b:13:0f:db:95:ef:cb:3f:c0:5e:1b:71:bc:
6a:31:7a:19:f3:5e:b7:b4:57:b6:00:90:d0:6f:85:f1:ba:5f:
4b:3b:05:ad:f6:a0:20:89:03:05:68:a0:c9:11:44:59:a7:4b:
2c:0b:e9:65:c3:b3:14:f7:e1:aa:99:0d:0c:b4:3d:53:7c:61:
28:0d:64:7b:6d:7e:bd:24:2d:91:6c:b7:ba:3a:59:6a:ec:b8:
67:25:57:08:b0:dc:60:e8:07:bb:c1:5b:89:66:b0:a0:76:9f:
74:ec:a3:6e:31:62:0d:a4:f3:fa:53:2e:64:ad:eb:46:40:18:
ce:da:32:11:cb:3f:ee:15:12:d2:12:99:89:b5:6f:65:bb:2f:
40:b2:c6:eb:f9:22:88:59:77:2a:87:77:73:43:63:6a:44:ed:
23:43:8e:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbZg2rvVSDP+Mumaz8pDQ/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwNTE2MTQzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQzNWUwYTJiNzAzNjczYWZjY2ZlZTI1MjkxYmNhMDkxOTExODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh2x1ycre/4Hl4nSGjJr9QaPEt9q
0Pe4uYLvENk5JD1dKaoT2figNp31LYOf2/ehORNhgwZuraz7O9pPYO67NPX4Nz9a
bwb8w30BG/7Xf7g4vbGTfX9++AKzarAKdCFapbv6cfAx+KyCjRPLoynSkz3QHCAY
4u68LK8W1KjGYbHmzISPpwa2D4GWeW0HWyg36nBi2BIDOveJs06kn3SGuCgOxlKS
sJyYWIJOErVbEqdmvSB2XWAwiPIUHbqqdb3xi2FFh1IUE9OIS6PCVG1ZJp9ihtDM
3xmlPFxOpznuVreAmHpSYLb5Mdaa5RVL85t2eNvbQeThjDKLzivB1vjRwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9DXgorcDZzr8z+4lKRvKCRkRguMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRDBOZUNpdHdObk92elA3aVVwRzhvSkdSR0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMTMA0G
CSqGSIb3DQEBCwUAA4IBAQARuLV0zajkwNi7BmRSE1kdp13i12PsU2GbMPe9hlpv
byaUjjoQERUHW87flUyqE7DACD82DzfcL1zDmLRuM/xVU6LRNWUs3ojOYKvdAvhT
mCbCiHguGBMN+wO0MZg5LpsTD9uV78s/wF4bcbxqMXoZ8163tFe2AJDQb4Xxul9L
OwWt9qAgiQMFaKDJEURZp0ssC+llw7MU9+GqmQ0MtD1TfGEoDWR7bX69JC2RbLe6
Ollq7LhnJVcIsNxg6Ae7wVuJZrCgdp907KNuMWINpPP6Uy5kretGQBjO2jIRyz/u
FRLSEpmJtW9luy9Assbr+SKIWXcqh3dzQ2NqRO0jQ45L
-----END CERTIFICATE-----
Generated at Sat Jun 7 15:35:30 2025 by rpki-client