Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/vD0IngVcThMVfyc8iz6UvYT6hpM.roa
File: vD0IngVcThMVfyc8iz6UvYT6hpM.roa (raw, json)
Hash identifier: fvUKSLYfc4uAWpzFKV8tZrf7Mz+5sZv6uK9B+oWTTtI=
Subject key identifier: BC:3D:08:9E:05:5C:4E:13:15:7F:27:3C:8B:3E:94:BD:84:FA:86:93
Certificate issuer: /CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Certificate serial: 019421B21746B3E7AFABAC1CEAA3B877AE55
Authority key identifier: 92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/vD0IngVcThMVfyc8iz6UvYT6hpM.roa
Signing time: Wed 01 Jan 2025 11:48:26 +0000
ROA not before: Wed 01 Jan 2025 11:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210107
IP address blocks: 194.1.184.0/24 maxlen: 24
194.1.192.0/24 maxlen: 24
2a0f:c940::/32 maxlen: 32
2a0f:c941::/32 maxlen: 32
2a0f:c942::/32 maxlen: 32
2a0f:c943::/32 maxlen: 32
2a0f:c944::/32 maxlen: 32
2a0f:c945::/32 maxlen: 32
2a0f:c946::/32 maxlen: 32
2a0f:c947::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 07:53:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:17:46:b3:e7:af:ab:ac:1c:ea:a3:b8:77:ae:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9213f2c2d06c64b895457ab50fc4920283a49cc7
Validity
Not Before: Jan 1 11:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc3d089e055c4e13157f273c8b3e94bd84fa8693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e6:dd:db:bf:dd:d5:aa:00:5d:ac:70:73:c5:
08:c2:e5:79:7c:0a:72:95:0d:3a:60:10:bb:68:03:
65:c5:61:5c:f5:d2:32:5c:20:3b:0e:dc:59:16:eb:
63:a9:fa:38:59:cf:ef:32:a1:b7:39:25:95:bc:65:
1c:4c:c7:a8:76:85:55:4c:f6:07:24:ee:fc:1a:7e:
5b:94:9e:e2:3c:cd:4f:5e:48:08:04:cd:da:4e:5b:
0c:71:ed:0f:31:b5:e9:65:51:53:6c:dd:7c:51:e5:
9b:ef:e7:8d:1e:6a:6d:5a:7a:0c:db:af:8d:b3:22:
20:0b:ed:9d:91:7d:14:9b:07:11:01:64:fa:61:02:
dc:e5:a9:5f:55:f2:11:24:07:25:85:94:23:8e:0a:
91:94:0f:c0:d3:2d:4a:d4:66:b7:09:25:4f:8f:a1:
c3:cd:2f:d0:98:69:e7:99:15:ba:cb:a6:f5:61:1d:
70:d2:fa:ad:cb:00:55:ac:ab:75:55:5f:50:06:db:
e7:61:f1:83:83:f5:33:2a:a6:9e:4b:86:58:0e:b1:
26:17:3d:c7:88:a2:2d:c6:76:fa:80:9c:22:b6:a2:
7d:70:fd:78:85:a8:b1:24:44:1d:70:f3:f8:15:f6:
82:66:37:41:23:fc:bf:e4:52:5c:4b:a1:ba:5b:98:
a9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3D:08:9E:05:5C:4E:13:15:7F:27:3C:8B:3E:94:BD:84:FA:86:93
X509v3 Authority Key Identifier:
keyid:92:13:F2:C2:D0:6C:64:B8:95:45:7A:B5:0F:C4:92:02:83:A4:9C:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khPywtBsZLiVRXq1D8SSAoOknMc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/vD0IngVcThMVfyc8iz6UvYT6hpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/31a6a4-8a9d-47a2-8fbb-b9dff3e7a32e/1/khPywtBsZLiVRXq1D8SSAoOknMc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.184.0/24
194.1.192.0/24
IPv6:
2a0f:c940::/29
Signature Algorithm: sha256WithRSAEncryption
88:b7:69:09:b3:c2:39:ac:b6:8a:e7:1f:5a:0c:8c:a3:ee:02:
73:6e:65:80:30:c0:b5:43:50:1f:bd:54:d2:38:a6:06:e5:ba:
31:17:39:fc:e3:d3:16:12:d0:91:56:b6:fd:2c:c2:bf:3a:92:
04:8c:c8:8e:fe:9c:36:1c:d7:be:4b:62:d4:d8:f4:38:97:66:
f2:a7:33:3a:60:ba:e3:b9:52:26:64:5e:e8:68:b7:71:8d:b6:
20:b4:fd:84:15:37:b0:dd:ea:b8:94:87:ae:41:39:d5:ef:dc:
4a:6f:69:14:4f:86:77:94:f8:0c:d3:23:e2:aa:fd:1d:4f:15:
79:87:20:a7:7f:be:35:fa:0d:c3:0c:90:af:2a:4c:e4:26:82:
40:41:d6:b3:dc:c6:71:65:e4:f0:22:10:86:ad:5b:9a:43:5f:
59:d0:4e:e5:4a:33:cf:98:11:25:a5:81:c1:16:17:3d:70:cc:
1b:59:3e:0a:4d:54:85:ab:52:8e:70:1d:5b:74:f5:9a:fa:73:
a5:12:73:53:f7:6e:f5:6e:4c:a7:a6:aa:87:c4:c5:e4:61:6f:
c0:b5:11:ed:fe:21:6f:db:ec:0e:44:cd:62:81:cb:9f:62:a0:
8e:4f:9e:29:8a:23:49:51:cf:09:c0:b9:2c:de:f1:45:8b:20:
f7:d4:c3:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhshdGs+evq6wc6qO4d65VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTNmMmMyZDA2YzY0Yjg5NTQ1N2FiNTBmYzQ5MjAyODNh
NDljYzcwHhcNMjUwMTAxMTE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNkMDg5ZTA1NWM0ZTEzMTU3ZjI3M2M4YjNlOTRiZDg0ZmE4NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqebd27/d1aoAXaxwc8UIwuV5fApy
lQ06YBC7aANlxWFc9dIyXCA7DtxZFutjqfo4Wc/vMqG3OSWVvGUcTMeodoVVTPYH
JO78Gn5blJ7iPM1PXkgIBM3aTlsMce0PMbXpZVFTbN18UeWb7+eNHmptWnoM26+N
syIgC+2dkX0UmwcRAWT6YQLc5alfVfIRJAclhZQjjgqRlA/A0y1K1Ga3CSVPj6HD
zS/QmGnnmRW6y6b1YR1w0vqtywBVrKt1VV9QBtvnYfGDg/UzKqaeS4ZYDrEmFz3H
iKItxnb6gJwitqJ9cP14haixJEQdcPP4FfaCZjdBI/y/5FJcS6G6W5ipfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLw9CJ4FXE4TFX8nPIs+lL2E+oaTMB8GA1UdIwQY
MBaAFJIT8sLQbGS4lUV6tQ/EkgKDpJzHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hQeXd0QnNaTGlWUlhxMUQ4U1NBb09rbk1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zMWE2YTQtOGE5ZC00N2EyLThmYmIt
YjlkZmYzZTdhMzJlLzEvdkQwSW5nVmNUaE1WZnljOGl6NlV2WVQ2aHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zMWE2YTQtOGE5ZC00N2EyLThmYmItYjlkZmYzZTdhMzJl
LzEva2hQeXd0QnNaTGlWUlhxMUQ4U1NBb09rbk1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwgG4AwQA
wgHAMA0EAgACMAcDBQMqD8lAMA0GCSqGSIb3DQEBCwUAA4IBAQCIt2kJs8I5rLaK
5x9aDIyj7gJzbmWAMMC1Q1AfvVTSOKYG5boxFzn849MWEtCRVrb9LMK/OpIEjMiO
/pw2HNe+S2LU2PQ4l2bypzM6YLrjuVImZF7oaLdxjbYgtP2EFTew3eq4lIeuQTnV
79xKb2kUT4Z3lPgM0yPiqv0dTxV5hyCnf741+g3DDJCvKkzkJoJAQdaz3MZxZeTw
IhCGrVuaQ19Z0E7lSjPPmBElpYHBFhc9cMwbWT4KTVSFq1KOcB1bdPWa+nOlEnNT
9271bkynpqqHxMXkYW/AtRHt/iFv2+wORM1igcufYqCOT54piiNJUc8JwLks3vFF
iyD31MNI
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:30:00 2025 by rpki-client