Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/rd5aAxcDcozq1HQ44YjD5y_3SRU.roa
File: rd5aAxcDcozq1HQ44YjD5y_3SRU.roa (raw, json)
Hash identifier: JeMJ90ykmrxhBAtP2zV3UsdueB08IiR31IlT3g1BJDQ=
Subject key identifier: AD:DE:5A:03:17:03:72:8C:EA:D4:74:38:E1:88:C3:E7:2F:F7:49:15
Certificate issuer: /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial: 019079D630010FA9F344E883092201AD6209
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/rd5aAxcDcozq1HQ44YjD5y_3SRU.roa
Signing time: Wed 03 Jul 2024 18:23:18 +0000
ROA not before: Wed 03 Jul 2024 18:23:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8245
IP address blocks: 195.26.192.0/19 maxlen: 19
195.26.216.0/22 maxlen: 24
195.26.220.0/22 maxlen: 22
212.236.0.0/16 maxlen: 24
212.236.0.0/18 maxlen: 18
212.236.160.0/19 maxlen: 19
212.236.192.0/18 maxlen: 18
2a02:2750::/32 maxlen: 32
2a02:2750:cafe::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Jul 2024 18:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:79:d6:30:01:0f:a9:f3:44:e8:83:09:22:01:ad:62:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Validity
Not Before: Jul 3 18:23:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adde5a031703728cead47438e188c3e72ff74915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:78:c1:7c:55:ea:01:60:86:44:a3:6b:0d:1c:
ab:1e:f2:45:fc:1c:a8:cc:c1:bd:86:a1:e5:0f:15:
80:44:75:df:8d:5e:1b:01:e0:43:4f:db:4a:e3:a5:
b2:82:79:e8:ef:57:69:4a:a1:c4:ee:14:de:ee:07:
0e:f9:52:d9:40:7b:8d:d2:b8:98:e5:74:ac:aa:8e:
04:95:35:07:b1:1b:8f:09:47:1b:7a:2b:e7:2e:a5:
60:8e:9b:21:9c:c4:5e:0c:1f:0f:aa:43:ac:3f:92:
5e:3c:79:83:c7:be:04:d9:fd:15:76:38:57:20:d7:
7e:91:d4:ed:33:5a:ca:f5:dd:23:fe:8b:ae:38:ae:
94:a1:87:17:b1:ea:b2:67:b9:9c:35:2d:10:05:11:
42:69:bc:bf:e8:dc:04:dc:ac:b6:77:17:ff:0c:cd:
61:fb:60:ce:8c:ce:4f:c5:0f:10:82:59:34:3e:7f:
9b:c1:d1:d1:23:44:03:8c:21:0b:26:11:c3:99:8d:
7b:7c:bc:9d:ac:34:95:a5:87:5d:de:55:8a:56:9a:
28:3b:49:ee:40:46:42:64:a1:b9:4c:bd:16:90:21:
1a:5b:1a:e2:e4:28:b6:b1:3c:0e:fe:86:aa:7a:e2:
6f:76:5d:b4:24:83:96:43:3f:19:0e:37:a3:4e:3a:
e4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DE:5A:03:17:03:72:8C:EA:D4:74:38:E1:88:C3:E7:2F:F7:49:15
X509v3 Authority Key Identifier:
keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/rd5aAxcDcozq1HQ44YjD5y_3SRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.192.0/19
212.236.0.0/16
IPv6:
2a02:2750::/32
Signature Algorithm: sha256WithRSAEncryption
5d:d4:82:5a:84:2a:d2:9a:66:c6:0a:6a:8f:8f:0d:b9:7e:eb:
d0:f1:31:8d:d2:e8:f3:6d:b0:55:a7:18:64:7f:99:e8:c6:17:
8e:fd:be:35:39:7d:9c:0e:97:d3:1a:b6:96:d5:2f:c4:6e:18:
e7:ac:32:19:83:85:5e:62:98:e3:ae:6c:08:1d:61:48:b9:85:
65:b8:77:97:b4:8b:55:6e:32:3d:bf:20:ec:34:e3:55:b5:7f:
f8:c4:cd:50:78:6a:a7:cb:55:8a:f7:e5:3e:d6:16:10:39:f4:
27:b8:da:3f:11:de:4d:03:fb:f9:1a:e4:02:89:6f:07:ef:e3:
e0:c5:49:5c:7f:d6:53:52:76:7b:5b:1e:a5:f7:f2:64:01:8f:
d2:db:65:ff:29:ee:ee:33:91:59:6d:f7:f9:5b:0d:75:74:d5:
7d:b7:0a:99:46:38:b6:02:c3:8b:ef:c6:1a:e7:d8:a7:eb:4b:
ae:0b:6a:18:fc:95:ba:36:8b:b3:cf:a2:62:26:81:cd:b5:8b:
06:cb:28:93:fb:43:9a:11:6d:3b:e0:84:4d:61:cb:df:04:39:
2a:50:04:c5:e1:46:b9:e5:33:3e:5a:26:29:d5:20:a9:39:03:
59:c1:9b:d5:7a:ef:16:fa:bf:ad:ad:40:d0:01:0c:12:1c:f6:
a0:bc:09:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZB51jABD6nzROiDCSIBrWIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTgzMTM3MDQyZmM4YzQ5MjE3MDdkNGViNmRhNWY2YzRh
NzlhNWIwHhcNMjQwNzAzMTgyMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGRlNWEwMzE3MDM3MjhjZWFkNDc0MzhlMTg4YzNlNzJmZjc0OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XjBfFXqAWCGRKNrDRyrHvJF/Byo
zMG9hqHlDxWARHXfjV4bAeBDT9tK46Wygnno71dpSqHE7hTe7gcO+VLZQHuN0riY
5XSsqo4ElTUHsRuPCUcbeivnLqVgjpshnMReDB8PqkOsP5JePHmDx74E2f0VdjhX
INd+kdTtM1rK9d0j/ouuOK6UoYcXseqyZ7mcNS0QBRFCaby/6NwE3Ky2dxf/DM1h
+2DOjM5PxQ8Qglk0Pn+bwdHRI0QDjCELJhHDmY17fLydrDSVpYdd3lWKVpooO0nu
QEZCZKG5TL0WkCEaWxri5Ci2sTwO/oaqeuJvdl20JIOWQz8ZDjejTjrk1wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK3eWgMXA3KM6tR0OOGIw+cv90kVMB8GA1UdIwQY
MBaAFPyYMTcEL8jEkhcH1OttpfbEp5pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMt
MjI0ZjEwYTk4MWZlLzEvcmQ1YUF4Y0Rjb3pxMUhRNDRZakQ1eV8zU1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMtMjI0ZjEwYTk4MWZl
LzEvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFwxrAAwMA
1OwwDQQCAAIwBwMFACoCJ1AwDQYJKoZIhvcNAQELBQADggEBAF3UglqEKtKaZsYK
ao+PDbl+69DxMY3S6PNtsFWnGGR/mejGF479vjU5fZwOl9MatpbVL8RuGOesMhmD
hV5imOOubAgdYUi5hWW4d5e0i1VuMj2/IOw041W1f/jEzVB4aqfLVYr35T7WFhA5
9Ce42j8R3k0D+/ka5AKJbwfv4+DFSVx/1lNSdntbHqX38mQBj9LbZf8p7u4zkVlt
9/lbDXV01X23CplGOLYCw4vvxhrn2KfrS64Lahj8lbo2i7PPomImgc21iwbLKJP7
Q5oRbTvghE1hy98EOSpQBMXhRrnlMz5aJinVIKk5A1nBm9V67xb6v62tQNABDBIc
9qC8CX4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:25:41 2025 by rpki-client