Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1gFrgcQ8cZ-vRJ7dlLECM1-ZvVo.roa
File: 1gFrgcQ8cZ-vRJ7dlLECM1-ZvVo.roa (raw, json)
Hash identifier: ebaePfPoXiskff0irNX2e3RQUjAoCdIS1QdrT0XwiQE=
Subject key identifier: D6:01:6B:81:C4:3C:71:9F:AF:44:9E:DD:94:B1:02:33:5F:99:BD:5A
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 019423698226CF2246A3D1B22B32969D3D45
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1gFrgcQ8cZ-vRJ7dlLECM1-ZvVo.roa
Signing time: Wed 01 Jan 2025 19:48:24 +0000
ROA not before: Wed 01 Jan 2025 19:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.1.203.0/24 maxlen: 24
2001:7f8:10f::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 16:46:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:82:26:cf:22:46:a3:d1:b2:2b:32:96:9d:3d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Jan 1 19:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6016b81c43c719faf449edd94b102335f99bd5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:66:1d:3a:4d:bf:e5:77:1d:56:e6:ce:0d:d5:
e0:5d:83:b6:f4:44:6b:b2:2b:f5:35:12:29:93:c0:
86:18:30:5f:6b:b7:25:cf:86:e7:c9:be:d8:80:1b:
53:f6:9e:aa:bc:bc:ea:76:71:24:ab:99:f6:34:16:
3e:c1:52:77:e9:1a:b7:8c:a2:7e:45:07:e5:1e:90:
83:f0:e9:84:50:ad:76:9a:b7:da:96:d4:2f:9a:2c:
0c:93:8f:a4:bb:9c:db:f4:48:79:ee:9e:77:e7:44:
59:3b:3e:94:b1:d7:48:f4:b7:92:29:24:ad:8d:e4:
c1:1c:ff:c3:d9:c1:25:c7:58:ef:c2:9b:38:c1:4d:
11:40:fb:55:c3:4e:d1:b7:89:70:7e:45:ae:e0:8a:
1a:c6:5e:d0:ad:75:32:f9:99:f2:4b:e8:c3:10:57:
76:51:49:d1:8a:63:aa:0c:de:a9:ab:41:b2:43:f0:
2b:80:1d:b7:de:e5:14:23:c8:94:fc:f1:01:0c:82:
d5:a5:46:3b:53:2e:ed:5b:82:48:1b:cc:9f:d5:44:
2a:dd:81:e1:83:c3:50:d8:06:d5:fc:c3:e2:7c:a2:
b7:d7:56:92:12:a3:8f:07:7d:0a:15:7d:8d:8a:93:
4d:e4:1b:50:50:f0:27:ce:1c:48:08:4b:92:5f:7a:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:01:6B:81:C4:3C:71:9F:AF:44:9E:DD:94:B1:02:33:5F:99:BD:5A
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/1gFrgcQ8cZ-vRJ7dlLECM1-ZvVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.203.0/24
IPv6:
2001:7f8:10f::/48
Signature Algorithm: sha256WithRSAEncryption
8b:af:44:fc:41:90:69:17:26:7c:f9:a4:a3:03:95:37:75:80:
9e:a7:71:80:34:8e:fe:d6:42:2f:a0:66:c2:d7:06:46:98:a9:
6d:a4:d4:7d:8c:ec:28:7e:f2:a7:5c:06:9a:9e:9e:53:6d:96:
8f:25:18:d9:a6:d1:e6:e3:17:bf:94:ec:45:bb:39:52:17:d7:
04:08:e0:8f:f8:c8:3b:49:02:ff:93:b1:bf:53:0a:2e:04:d0:
8c:f2:94:37:ea:fe:72:67:7a:dd:a1:4d:de:03:a6:f4:a0:6d:
d0:54:1e:14:c0:7d:d6:37:c9:8a:4e:51:63:3e:bd:16:33:3a:
6d:28:bd:7d:5a:68:bd:05:33:5d:c8:26:c0:d5:d5:4e:0e:58:
91:4f:c8:13:4a:98:37:41:05:7c:d7:35:f8:53:49:87:49:7f:
72:40:68:19:16:a3:82:f4:88:d6:83:40:6b:46:81:e0:2f:ec:
f3:a5:c1:f3:98:19:bd:8d:fc:e0:7b:e7:6e:ab:e0:fb:85:80:
67:56:70:2f:cb:fa:c1:b7:0f:c7:50:9b:5b:07:ce:05:47:f0:
5e:05:70:dd:47:8f:30:cd:c9:f2:cd:24:f9:0e:f4:5b:8f:09:
19:2d:3f:05:19:cb:92:c0:b8:14:be:8d:5f:87:b8:81:a3:f4:
06:ae:6d:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjaYImzyJGo9GyKzKWnT1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjUwMTAxMTk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjAxNmI4MWM0M2M3MTlmYWY0NDllZGQ5NGIxMDIzMzVmOTliZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2YdOk2/5XcdVubODdXgXYO29ERr
siv1NRIpk8CGGDBfa7clz4bnyb7YgBtT9p6qvLzqdnEkq5n2NBY+wVJ36Rq3jKJ+
RQflHpCD8OmEUK12mrfaltQvmiwMk4+ku5zb9Eh57p5350RZOz6UsddI9LeSKSSt
jeTBHP/D2cElx1jvwps4wU0RQPtVw07Rt4lwfkWu4Ioaxl7QrXUy+ZnyS+jDEFd2
UUnRimOqDN6pq0GyQ/ArgB233uUUI8iU/PEBDILVpUY7Uy7tW4JIG8yf1UQq3YHh
g8NQ2AbV/MPifKK311aSEqOPB30KFX2NipNN5BtQUPAnzhxICEuSX3oRYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYBa4HEPHGfr0Se3ZSxAjNfmb1aMB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvMWdGcmdjUThjWi12Uko3ZGxMRUNNMS1adlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQHLMA8E
AgACMAkDBwAgAQf4AQ8wDQYJKoZIhvcNAQELBQADggEBAIuvRPxBkGkXJnz5pKMD
lTd1gJ6ncYA0jv7WQi+gZsLXBkaYqW2k1H2M7Ch+8qdcBpqenlNtlo8lGNmm0ebj
F7+U7EW7OVIX1wQI4I/4yDtJAv+Tsb9TCi4E0IzylDfq/nJnet2hTd4DpvSgbdBU
HhTAfdY3yYpOUWM+vRYzOm0ovX1aaL0FM13IJsDV1U4OWJFPyBNKmDdBBXzXNfhT
SYdJf3JAaBkWo4L0iNaDQGtGgeAv7POlwfOYGb2N/OB7526r4PuFgGdWcC/L+sG3
D8dQm1sHzgVH8F4FcN1HjzDNyfLNJPkO9FuPCRktPwUZy5LAuBS+jV+HuIGj9Aau
bXQ=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:28:12 2025 by rpki-client