Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DR2SBXpdfw3fZCLJ-dr7KAYdrTg.roa
File: DR2SBXpdfw3fZCLJ-dr7KAYdrTg.roa (raw, json)
Hash identifier: aJMewoT+A01DaQ9CMN/83CeEhb/JX4DqNKlNKwcQhCo=
Subject key identifier: 0D:1D:92:05:7A:5D:7F:0D:DF:64:22:C9:F9:DA:FB:28:06:1D:AD:38
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019742BFD8400FAA9247DD97B587108C7DC7
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DR2SBXpdfw3fZCLJ-dr7KAYdrTg.roa
Signing time: Fri 06 Jun 2025 00:59:18 +0000
ROA not before: Fri 06 Jun 2025 00:59:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210558
IP address blocks: 124.198.131.0/24 maxlen: 24
124.198.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Jun 2025 05:05:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:42:bf:d8:40:0f:aa:92:47:dd:97:b5:87:10:8c:7d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 6 00:59:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d1d92057a5d7f0ddf6422c9f9dafb28061dad38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:25:0b:d4:08:ec:2a:e4:f0:b4:cc:9d:52:bc:
72:0c:45:8c:3d:9e:39:21:d2:52:76:fd:4b:e0:9f:
c2:8b:0d:ae:e1:b2:56:e1:14:6a:2f:26:6f:5a:40:
29:7f:f5:88:b5:ce:7f:74:6e:e7:63:0b:35:9d:19:
61:c1:be:0b:b4:10:41:2b:79:fa:5a:ea:f4:c6:f6:
99:b7:23:06:a0:4e:93:43:a1:46:d1:b1:a2:20:87:
40:32:7f:bf:7f:09:c2:2b:1d:89:e0:c3:01:57:75:
21:fd:a0:8b:49:22:10:f7:44:b6:39:47:83:58:4a:
ae:6b:e6:cf:c6:a8:0c:e5:82:b3:b0:4f:c8:99:9b:
38:6c:74:ad:2c:0a:67:f9:39:bd:b0:b3:2e:1d:69:
d1:ab:b1:2e:15:f7:d6:7d:93:26:fd:a1:4d:37:c1:
9e:b3:50:5e:5a:2f:fe:ac:de:5f:ea:b1:a9:45:45:
f4:3e:30:a7:8f:3c:02:ff:e4:37:c0:79:2e:7b:c0:
17:40:98:47:b8:5c:37:a9:78:ea:09:58:32:d5:ca:
68:c1:f4:78:af:53:e9:5f:54:0e:a9:08:88:d8:fa:
b4:ba:ef:3f:b8:d0:e7:a9:48:6a:c8:f9:16:6e:85:
40:41:57:0b:46:d2:6f:6a:25:44:b5:ce:2b:a8:8f:
95:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1D:92:05:7A:5D:7F:0D:DF:64:22:C9:F9:DA:FB:28:06:1D:AD:38
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DR2SBXpdfw3fZCLJ-dr7KAYdrTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.131.0-124.198.132.255
Signature Algorithm: sha256WithRSAEncryption
5f:8e:6a:cc:c2:e9:24:af:a5:44:b3:7e:7d:b1:7c:d9:eb:1a:
4c:f9:23:63:34:10:33:86:9b:3b:c4:db:c6:f0:5e:58:35:e7:
54:2f:78:bb:b4:fd:29:d5:88:83:d5:d2:81:63:ee:20:10:73:
c5:85:1c:87:bb:f4:2c:74:f1:37:75:85:64:df:41:cb:70:57:
1f:fb:86:ce:05:ad:4d:9e:ee:6d:1b:74:09:92:2b:7e:2a:80:
8a:79:e6:82:ff:b9:ea:c7:d7:93:27:a3:88:79:1e:e6:95:02:
5a:c0:4a:39:55:e9:9a:f7:b2:60:ee:04:33:b5:d1:45:e3:3e:
37:95:bb:63:ba:f4:c9:c9:fb:3c:be:fc:ea:38:6b:fb:5c:6d:
c5:75:65:55:32:6e:98:98:c0:90:1d:f7:74:4c:38:8d:54:ea:
bd:eb:bc:12:56:17:43:14:45:22:9d:ae:0e:90:5b:76:79:80:
ce:e3:01:b6:aa:45:5f:54:8f:8d:cb:6b:c4:c1:57:91:d8:dd:
db:04:03:2e:9c:0e:d8:04:99:eb:de:df:82:5c:80:35:5e:f8:
b3:b4:2b:6f:6e:4e:66:20:25:a1:1e:e2:55:4a:95:36:86:06:
3f:16:a1:e0:d9:28:9d:78:4d:1a:3d:cd:64:e6:09:0c:d2:ff:
42:4f:dc:7d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZdCv9hAD6qSR92XtYcQjH3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA2MDA1OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDFkOTIwNTdhNWQ3ZjBkZGY2NDIyYzlmOWRhZmIyODA2MWRhZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iUL1AjsKuTwtMydUrxyDEWMPZ45
IdJSdv1L4J/Ciw2u4bJW4RRqLyZvWkApf/WItc5/dG7nYws1nRlhwb4LtBBBK3n6
Wur0xvaZtyMGoE6TQ6FG0bGiIIdAMn+/fwnCKx2J4MMBV3Uh/aCLSSIQ90S2OUeD
WEqua+bPxqgM5YKzsE/ImZs4bHStLApn+Tm9sLMuHWnRq7EuFffWfZMm/aFNN8Ge
s1BeWi/+rN5f6rGpRUX0PjCnjzwC/+Q3wHkue8AXQJhHuFw3qXjqCVgy1cpowfR4
r1PpX1QOqQiI2Pq0uu8/uNDnqUhqyPkWboVAQVcLRtJvaiVEtc4rqI+VqQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA0dkgV6XX8N32Qiyfna+ygGHa04MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvRFIyU0JYcGRmdzNmWkNMSi1kcjdLQVlkclRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAB8xoMD
BAB8xoQwDQYJKoZIhvcNAQELBQADggEBAF+OaszC6SSvpUSzfn2xfNnrGkz5I2M0
EDOGmzvE28bwXlg151QveLu0/SnViIPV0oFj7iAQc8WFHIe79Cx08Td1hWTfQctw
Vx/7hs4FrU2e7m0bdAmSK34qgIp55oL/uerH15Mno4h5HuaVAlrASjlV6Zr3smDu
BDO10UXjPjeVu2O69MnJ+zy+/Oo4a/tcbcV1ZVUybpiYwJAd93RMOI1U6r3rvBJW
F0MURSKdrg6QW3Z5gM7jAbaqRV9Uj43La8TBV5HY3dsEAy6cDtgEmeve34JcgDVe
+LO0K29uTmYgJaEe4lVKlTaGBj8WoeDZKJ14TRo9zWTmCQzS/0JP3H0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:58:16 2025 by rpki-client