Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4VaeQF5dwhohaePLDXmLX3V3NDg.roa
File: 4VaeQF5dwhohaePLDXmLX3V3NDg.roa (raw, json)
Hash identifier: HiF1vZ+NPIRRw+HdPVT21A81d4V8UfwTq6Coe/lYUCY=
Subject key identifier: E1:56:9E:40:5E:5D:C2:1A:21:69:E3:CB:0D:79:8B:5F:75:77:34:38
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 0194CB48FFBFBAB1D111BBB4EF0ED1ADADBB
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4VaeQF5dwhohaePLDXmLX3V3NDg.roa
Signing time: Mon 03 Feb 2025 10:09:06 +0000
ROA not before: Mon 03 Feb 2025 10:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197477
IP address blocks: 185.97.215.0/24 maxlen: 24
2a13:e3c0::/32 maxlen: 48
2a13:e3c1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Mar 2025 22:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:48:ff:bf:ba:b1:d1:11:bb:b4:ef:0e:d1:ad:ad:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Feb 3 10:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1569e405e5dc21a2169e3cb0d798b5f75773438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:13:aa:cb:f2:ed:57:d0:04:58:3b:f9:48:
b4:04:44:24:f9:54:c5:65:b6:75:c2:c4:aa:3c:c2:
6f:88:2d:ce:8f:7b:1d:ef:33:b7:a5:0a:3e:0f:54:
86:d6:90:48:99:b5:49:65:31:d6:ae:2e:d8:b2:1c:
98:f8:64:b5:c8:c2:2b:1e:f7:6e:54:5b:03:05:c9:
66:f7:35:1a:a4:b7:e9:18:ad:30:21:ed:47:38:bc:
57:c3:93:60:6f:28:71:7c:ca:cd:28:b4:6d:e4:46:
ed:76:c4:c2:e8:3e:36:d3:0f:27:d0:21:ed:21:dc:
7b:9d:7c:5e:fe:b7:98:1c:c4:74:ff:ba:c2:17:86:
ef:39:63:6b:d5:23:c4:08:81:3d:c2:7c:24:2b:46:
e5:60:5f:50:2f:f2:2a:84:03:44:74:dc:53:fa:bd:
4e:d8:e4:9f:5e:2e:20:f7:14:6a:ee:56:82:ca:f8:
e6:c7:0c:6c:23:bb:50:3b:27:a3:8b:f4:13:53:71:
be:4a:e0:ec:85:3b:20:82:50:c9:55:37:95:76:29:
87:07:c4:16:4b:a0:5e:53:b5:6e:91:d6:29:af:41:
82:c6:1c:9a:40:0b:bd:78:4a:73:0b:ff:b8:92:a6:
cb:c7:32:63:b8:b5:48:73:3b:ea:f5:f4:36:f1:1b:
c2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:56:9E:40:5E:5D:C2:1A:21:69:E3:CB:0D:79:8B:5F:75:77:34:38
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/4VaeQF5dwhohaePLDXmLX3V3NDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.215.0/24
IPv6:
2a13:e3c0::/31
Signature Algorithm: sha256WithRSAEncryption
64:9d:43:12:42:e6:30:83:82:fa:15:c6:34:87:88:1b:93:9d:
6b:27:d9:fb:14:e9:82:d1:da:af:96:e6:b1:0e:f3:82:51:99:
74:ef:7d:61:b7:c8:18:c2:8a:08:1b:9d:d0:24:f1:25:93:75:
dc:3c:84:c3:87:c8:d5:cc:82:90:68:d9:c9:3c:71:d0:b3:fc:
da:4b:aa:69:26:0f:a6:7d:13:68:9d:95:27:51:e7:da:ff:ec:
ca:8e:1a:52:6d:bc:c0:5f:6b:84:60:c7:6d:01:b7:34:fa:d7:
98:10:06:52:ff:00:a6:e0:88:1b:08:cf:34:f9:05:af:e0:2e:
87:10:d8:b1:cf:f5:11:e9:25:a4:7b:c6:8c:af:ed:2d:66:7c:
a2:9e:44:b1:f0:4a:d7:b5:57:8b:73:c7:a4:ba:b8:b0:7b:72:
9e:2e:39:97:f5:3f:90:ae:06:76:30:a6:8e:6e:74:78:5e:a2:
b7:97:cb:b3:e0:dc:d7:8f:d4:9b:e2:e0:75:90:31:36:8c:15:
04:ed:dc:6e:ea:ba:a9:af:80:58:c8:91:b6:61:f3:ad:11:cc:
01:ea:4f:45:5e:9f:5a:55:e0:35:ea:46:32:b1:9d:45:99:93:
ea:88:3a:e9:5d:9a:99:33:b7:6e:42:d8:5d:a6:da:98:8b:b6:
e5:a5:fd:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZTLSP+/urHREbu07w7Rra27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjUwMjAzMTAwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU2OWU0MDVlNWRjMjFhMjE2OWUzY2IwZDc5OGI1Zjc1NzczNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDETqsvy7VfQBFg7+Ui0BEQk+VTF
ZbZ1wsSqPMJviC3Oj3sd7zO3pQo+D1SG1pBImbVJZTHWri7YshyY+GS1yMIrHvdu
VFsDBclm9zUapLfpGK0wIe1HOLxXw5NgbyhxfMrNKLRt5EbtdsTC6D420w8n0CHt
Idx7nXxe/reYHMR0/7rCF4bvOWNr1SPECIE9wnwkK0blYF9QL/IqhANEdNxT+r1O
2OSfXi4g9xRq7laCyvjmxwxsI7tQOyeji/QTU3G+SuDshTsgglDJVTeVdimHB8QW
S6BeU7VukdYpr0GCxhyaQAu9eEpzC/+4kqbLxzJjuLVIczvq9fQ28RvCkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOFWnkBeXcIaIWnjyw15i191dzQ4MB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvNFZhZVFGNWR3aG9oYWVQTERYbUxYM1YzTkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWHXMA0E
AgACMAcDBQEqE+PAMA0GCSqGSIb3DQEBCwUAA4IBAQBknUMSQuYwg4L6FcY0h4gb
k51rJ9n7FOmC0dqvluaxDvOCUZl0731ht8gYwooIG53QJPElk3XcPITDh8jVzIKQ
aNnJPHHQs/zaS6ppJg+mfRNonZUnUefa/+zKjhpSbbzAX2uEYMdtAbc0+teYEAZS
/wCm4IgbCM80+QWv4C6HENixz/UR6SWke8aMr+0tZnyinkSx8ErXtVeLc8ekuriw
e3KeLjmX9T+QrgZ2MKaObnR4XqK3l8uz4NzXj9Sb4uB1kDE2jBUE7dxu6rqpr4BY
yJG2YfOtEcwB6k9FXp9aVeA16kYysZ1FmZPqiDrpXZqZM7duQthdptqYi7blpf1/
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:11:01 2025 by rpki-client