Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Ge6CQZnmyhKYSchL6hlVgxsNBeQ.roa
File: Ge6CQZnmyhKYSchL6hlVgxsNBeQ.roa (raw, json)
Hash identifier: Vs/FKjH3urhLMklrS4cz/L3mnN6UGIZm2Ktgt6TjnIk=
Subject key identifier: 19:EE:82:41:99:E6:CA:12:98:49:C8:4B:EA:19:55:83:1B:0D:05:E4
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 019653A3900DBB14289128D050F2564B1D44
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Ge6CQZnmyhKYSchL6hlVgxsNBeQ.roa
Signing time: Sun 20 Apr 2025 14:39:10 +0000
ROA not before: Sun 20 Apr 2025 14:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.191.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 08:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:53:a3:90:0d:bb:14:28:91:28:d0:50:f2:56:4b:1d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Apr 20 14:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19ee824199e6ca129849c84bea1955831b0d05e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:96:4d:39:f6:12:ac:84:c0:01:0f:8c:09:
8c:ba:a2:2e:dc:e6:ab:71:0b:50:22:84:e6:22:5c:
86:7b:17:ab:e4:e1:ce:92:6c:3f:cc:2c:64:b1:af:
0c:d6:e2:80:81:bc:f9:dd:0e:93:01:6d:86:37:23:
ba:6f:58:99:81:94:03:5a:9e:dd:cc:86:43:3d:bc:
2a:c0:9c:0d:05:68:c9:3e:84:61:ca:56:7b:aa:4d:
5f:6d:44:4b:e2:c3:75:c9:ad:fd:5f:e2:96:1e:58:
a1:4a:59:9c:8a:6b:a0:4f:b5:ef:73:d2:54:58:2f:
04:d9:bc:ca:37:f8:5a:ff:9e:b6:79:b4:ba:df:24:
ab:35:4b:f6:71:75:67:41:61:70:44:55:75:f8:ef:
77:f6:16:09:f1:80:28:9b:79:92:09:4a:dd:fc:17:
5f:cf:0a:0a:8a:a7:5b:ef:5f:30:0b:33:98:0f:17:
ff:84:57:64:2a:2d:08:71:6d:37:5d:ae:7f:b3:a0:
3c:8c:42:0e:99:bc:24:d9:51:b2:97:b6:1f:56:82:
ed:20:c4:1f:b6:86:e8:4c:8a:87:63:b4:be:66:1b:
74:a9:b3:09:0e:0f:29:e5:c9:fe:43:e9:cd:52:09:
58:11:51:b9:d1:a9:9d:6a:23:2f:78:96:3a:92:79:
df:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EE:82:41:99:E6:CA:12:98:49:C8:4B:EA:19:55:83:1B:0D:05:E4
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Ge6CQZnmyhKYSchL6hlVgxsNBeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.111.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f6:d8:b8:10:65:2e:eb:f5:65:4f:50:7b:5d:b0:62:e6:58:
f3:73:61:f8:6c:ba:b2:33:fa:17:85:c2:0d:6d:a1:41:3f:b4:
89:51:c8:72:a3:ff:ff:06:65:d9:4d:72:f9:64:e2:29:9a:8e:
0c:ba:8b:62:9c:c3:a7:6c:53:00:64:60:89:d6:89:03:4a:d7:
dc:46:98:6e:49:3a:fe:67:e7:f5:7e:ff:40:bc:e7:c8:14:be:
b2:cd:06:fe:f8:b7:3b:5a:df:6e:2e:1e:ff:e8:06:04:c4:f9:
8a:e4:6a:de:87:48:df:df:97:ed:ca:21:d9:ae:17:08:31:1e:
e4:50:5a:6b:ff:0b:5c:9d:d5:40:37:7f:49:72:53:71:71:07:
0e:16:5f:05:62:b5:2b:7e:e8:4a:18:72:54:a9:2e:8e:26:a3:
47:8e:fe:a0:b6:94:2d:42:56:b0:dc:0f:4e:69:1f:54:15:cb:
dd:93:f4:fb:1f:5c:2e:05:e2:c8:69:a9:38:e3:25:ac:e9:22:
f4:17:37:a9:08:7f:43:28:76:b8:e9:a3:e5:05:5a:ff:6d:0e:
47:54:2a:35:70:c8:66:96:04:02:be:b2:ab:1c:fb:3b:99:62:
9e:d4:16:b6:93:88:5f:56:bf:05:6f:84:ff:16:ed:50:9f:86:
2d:b9:fd:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZTo5ANuxQokSjQUPJWSx1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwNDIwMTQzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWVlODI0MTk5ZTZjYTEyOTg0OWM4NGJlYTE5NTU4MzFiMGQwNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa+WTTn2EqyEwAEPjAmMuqIu3Oar
cQtQIoTmIlyGexer5OHOkmw/zCxksa8M1uKAgbz53Q6TAW2GNyO6b1iZgZQDWp7d
zIZDPbwqwJwNBWjJPoRhylZ7qk1fbURL4sN1ya39X+KWHlihSlmcimugT7Xvc9JU
WC8E2bzKN/ha/562ebS63ySrNUv2cXVnQWFwRFV1+O939hYJ8YAom3mSCUrd/Bdf
zwoKiqdb718wCzOYDxf/hFdkKi0IcW03Xa5/s6A8jEIOmbwk2VGyl7YfVoLtIMQf
toboTIqHY7S+Zht0qbMJDg8p5cn+Q+nNUglYEVG50amdaiMveJY6knnfdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBnugkGZ5soSmEnIS+oZVYMbDQXkMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvR2U2Q1Fabm15aEtZU2NoTDZobFZneHNOQmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9vMA0G
CSqGSIb3DQEBCwUAA4IBAQA39ti4EGUu6/VlT1B7XbBi5ljzc2H4bLqyM/oXhcIN
baFBP7SJUchyo///BmXZTXL5ZOIpmo4MuotinMOnbFMAZGCJ1okDStfcRphuSTr+
Z+f1fv9AvOfIFL6yzQb++Lc7Wt9uLh7/6AYExPmK5Greh0jf35ftyiHZrhcIMR7k
UFpr/wtcndVAN39JclNxcQcOFl8FYrUrfuhKGHJUqS6OJqNHjv6gtpQtQlaw3A9O
aR9UFcvdk/T7H1wuBeLIaak44yWs6SL0FzepCH9DKHa46aPlBVr/bQ5HVCo1cMhm
lgQCvrKrHPs7mWKe1Ba2k4hfVr8Fb4T/Fu1Qn4Ytuf1p
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:34:59 2025 by rpki-client