Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/foPJH2r8DauS2zq8F7qXn9IkNPE.roa
File: foPJH2r8DauS2zq8F7qXn9IkNPE.roa (raw, json)
Hash identifier: gq/DgdZoq5HvN2TgQShM7pNw2XXkWUayMVXogD7pEw4=
Subject key identifier: 7E:83:C9:1F:6A:FC:0D:AB:92:DB:3A:BC:17:BA:97:9F:D2:24:34:F1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194AC351315AACE888965937F80670E7A2C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/foPJH2r8DauS2zq8F7qXn9IkNPE.roa
Signing time: Tue 28 Jan 2025 09:19:06 +0000
ROA not before: Tue 28 Jan 2025 09:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42624
IP address blocks: 93.88.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 08:39:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:35:13:15:aa:ce:88:89:65:93:7f:80:67:0e:7a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 28 09:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e83c91f6afc0dab92db3abc17ba979fd22434f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:45:fa:01:b7:01:df:30:1e:19:54:33:a5:
bd:08:2e:b9:1c:a3:a6:59:7b:2f:d6:34:93:d8:4c:
83:b4:0a:39:01:15:e9:21:cd:b0:88:c7:66:a0:3b:
80:d1:84:4a:c1:65:2a:62:b4:e0:96:b9:e8:9c:06:
ea:54:63:4f:bf:ca:b8:d3:78:e3:d2:f3:7e:0b:1a:
44:97:bf:88:0c:0b:0c:a9:72:f6:85:5a:8a:5e:20:
a9:1f:18:60:2a:60:a3:72:de:d5:60:84:0f:c0:94:
77:35:d5:8a:40:e1:8f:89:f5:75:05:7a:31:51:fc:
28:6d:3e:d7:ea:5a:da:4c:db:4b:76:24:5d:cd:4e:
e0:f6:f5:4e:c4:a3:3e:b9:3f:08:3f:53:c5:07:db:
63:c5:2f:9d:24:2c:cc:3a:e0:fa:4e:58:90:2b:a6:
91:09:bb:cd:0f:d0:41:15:57:27:05:d2:83:b3:44:
e5:76:36:29:39:ee:11:df:65:93:2a:79:5b:3d:e7:
1c:82:3e:bd:df:7d:08:f1:47:21:af:9c:b5:a3:0e:
3d:8d:27:ba:58:77:20:3d:18:70:19:62:d5:39:29:
ca:04:58:7f:d3:bf:1a:60:b4:1b:78:16:6a:24:cf:
fb:ef:46:46:e0:2f:15:62:71:71:b2:f2:73:de:33:
61:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:83:C9:1F:6A:FC:0D:AB:92:DB:3A:BC:17:BA:97:9F:D2:24:34:F1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/foPJH2r8DauS2zq8F7qXn9IkNPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.203.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:2b:dd:8a:e6:69:df:41:e6:81:f3:15:30:18:8a:70:ef:a8:
2d:42:e7:4d:20:f7:97:29:fb:1d:e2:03:87:28:cd:83:68:c9:
d5:09:c9:fd:03:ff:0e:10:99:a2:5b:64:56:a8:58:34:fe:3a:
db:25:b2:a6:75:4b:c6:e1:86:43:2d:da:fe:6f:21:51:e6:08:
a9:49:52:ef:52:12:a6:f4:f4:86:19:f0:17:62:7c:6d:91:e5:
0d:49:6f:59:38:b5:ab:c2:25:c0:61:3d:2a:73:77:d8:65:a5:
2e:ac:44:48:d8:d3:c5:c2:c5:80:7b:4e:8b:e9:f3:f9:da:b4:
13:10:90:6a:a6:4c:bf:3a:f2:52:3f:7c:04:c1:26:eb:d1:98:
ba:20:e3:67:27:6f:40:c8:8c:b1:49:0f:6a:84:fc:19:bd:18:
c7:ab:90:fe:b1:57:b5:e5:51:54:56:27:7a:c2:c8:66:99:76:
8f:f7:b9:31:dc:e4:73:fd:ab:fd:36:22:bb:73:19:eb:6b:6c:
f8:7a:6c:b5:42:82:89:30:2f:97:11:7c:6c:3f:66:1b:05:bc:
d5:9c:39:17:30:73:70:2f:a3:47:fb:cd:13:9b:f2:c6:12:e2:
d6:8d:c5:5d:b9:33:d9:17:1d:9c:c1:95:20:7b:5f:04:7b:67:
33:f9:bc:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSsNRMVqs6IiWWTf4BnDnosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTI4MDkxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgzYzkxZjZhZmMwZGFiOTJkYjNhYmMxN2JhOTc5ZmQyMjQzNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNdF+gG3Ad8wHhlUM6W9CC65HKOm
WXsv1jST2EyDtAo5ARXpIc2wiMdmoDuA0YRKwWUqYrTglrnonAbqVGNPv8q403jj
0vN+CxpEl7+IDAsMqXL2hVqKXiCpHxhgKmCjct7VYIQPwJR3NdWKQOGPifV1BXox
UfwobT7X6lraTNtLdiRdzU7g9vVOxKM+uT8IP1PFB9tjxS+dJCzMOuD6TliQK6aR
CbvND9BBFVcnBdKDs0TldjYpOe4R32WTKnlbPeccgj69330I8Uchr5y1ow49jSe6
WHcgPRhwGWLVOSnKBFh/078aYLQbeBZqJM/770ZG4C8VYnFxsvJz3jNhywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6DyR9q/A2rkts6vBe6l5/SJDTxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZm9QSkgycjhEYXVTMnpxOEY3cVhuOUlrTlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXVjLMA0G
CSqGSIb3DQEBCwUAA4IBAQC0K92K5mnfQeaB8xUwGIpw76gtQudNIPeXKfsd4gOH
KM2DaMnVCcn9A/8OEJmiW2RWqFg0/jrbJbKmdUvG4YZDLdr+byFR5gipSVLvUhKm
9PSGGfAXYnxtkeUNSW9ZOLWrwiXAYT0qc3fYZaUurERI2NPFwsWAe06L6fP52rQT
EJBqpky/OvJSP3wEwSbr0Zi6IONnJ29AyIyxSQ9qhPwZvRjHq5D+sVe15VFUVid6
wshmmXaP97kx3ORz/av9NiK7cxnra2z4emy1QoKJMC+XEXxsP2YbBbzVnDkXMHNw
L6NH+80Tm/LGEuLWjcVduTPZFx2cwZUge18Ee2cz+byW
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:41 2025 by rpki-client