Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/_0Vh_XJ1z2RkabTSmqhnTiv_kDk.roa
File: _0Vh_XJ1z2RkabTSmqhnTiv_kDk.roa (raw, json)
Hash identifier: XKqykNxE/uWPvEIjTbhVXKth65uq7RC9PUqd6Ln2pnE=
Subject key identifier: FF:45:61:FD:72:75:CF:64:64:69:B4:D2:9A:A8:67:4E:2B:FF:90:39
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01958C2BB684FCB4BEF9FADA6FBEF7D6F190
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/_0Vh_XJ1z2RkabTSmqhnTiv_kDk.roa
Signing time: Wed 12 Mar 2025 21:03:49 +0000
ROA not before: Wed 12 Mar 2025 21:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 155.2.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 05:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:2b:b6:84:fc:b4:be:f9:fa:da:6f:be:f7:d6:f1:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 12 21:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff4561fd7275cf646469b4d29aa8674e2bff9039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:d5:1e:f9:32:69:9b:f6:7e:0f:ec:b1:ee:
cc:7d:85:67:6e:4d:6d:bb:d5:e2:fa:5d:db:e1:48:
91:e7:47:fd:1e:89:93:8b:df:67:59:0d:1a:11:ab:
33:76:d0:4e:63:0d:18:2b:09:e6:36:82:fa:54:08:
24:01:ee:5e:2b:0a:5b:d9:4f:0f:18:41:7f:b7:7e:
a8:5b:3d:d0:e4:49:a1:7c:98:1f:1e:5b:da:4f:71:
d3:eb:3d:1c:d0:99:76:26:7d:95:63:b4:54:e8:78:
f2:82:47:68:77:34:87:76:a2:39:e4:cd:41:9a:a4:
e0:04:b7:79:d6:9d:6d:a4:c3:b7:fa:94:f2:ac:a8:
23:88:f7:43:74:48:03:cb:d2:db:28:af:0a:3d:56:
ad:e0:10:5f:89:ce:69:09:87:72:9d:d7:6e:28:5a:
f1:06:9f:ab:ce:99:6e:78:10:41:f6:06:95:e1:76:
68:ff:a1:a5:96:6b:73:d3:d7:bd:24:d3:10:1c:91:
b8:87:48:b0:f8:e8:3c:17:e0:07:75:a0:1c:e8:14:
a9:75:f1:1b:dc:34:66:d4:17:14:9d:e2:3f:6f:98:
13:51:b4:72:e0:2b:c1:75:4b:73:e9:24:2e:ed:1f:
c4:ad:13:f4:22:6a:63:e4:f6:a4:cd:7c:bc:8e:3f:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:45:61:FD:72:75:CF:64:64:69:B4:D2:9A:A8:67:4E:2B:FF:90:39
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/_0Vh_XJ1z2RkabTSmqhnTiv_kDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:bf:44:7a:e7:36:19:f4:e9:b5:4a:73:b4:7b:cc:6e:9b:94:
3d:7b:a3:bb:c6:c3:9b:69:21:c0:ab:f0:ab:e9:88:a0:b6:50:
cf:c9:8b:0b:d7:4f:be:97:13:41:a6:b6:94:12:26:6f:e9:60:
9b:60:0d:22:85:29:1b:2b:1b:4e:2a:65:98:63:a2:ae:2d:86:
ec:1b:4d:7a:6a:1a:36:83:91:51:3a:70:6b:f9:d2:17:0b:1a:
ec:73:46:59:4f:8b:94:cb:f3:ca:5b:38:04:dc:4d:ca:c0:55:
ae:a2:47:fb:70:5e:b4:65:b5:e9:a5:38:51:bd:d6:1d:bb:9c:
da:b8:eb:79:c0:90:1f:52:6c:d6:30:92:59:6f:38:5c:3f:74:
10:ca:bb:1d:4f:d5:61:39:c7:99:39:3a:08:17:10:24:6c:42:
db:6d:78:18:88:f3:56:df:77:de:c7:da:e9:e2:d4:3c:31:9f:
75:39:79:2e:95:bf:18:4b:34:be:03:ee:62:54:ae:63:4b:29:
64:a8:77:2d:79:b6:b9:5e:72:44:49:e0:4a:02:e1:01:cf:74:
c1:62:79:62:ef:ff:46:ae:e1:d5:09:18:d6:de:89:63:1d:d0:
2a:8d:e8:59:81:b9:15:ae:71:f1:83:0c:18:55:8b:d7:65:3f:
72:a1:05:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWMK7aE/LS++frab7731vGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMzEyMjEwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ1NjFmZDcyNzVjZjY0NjQ2OWI0ZDI5YWE4Njc0ZTJiZmY5MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApULVHvkyaZv2fg/sse7MfYVnbk1t
u9Xi+l3b4UiR50f9HomTi99nWQ0aEaszdtBOYw0YKwnmNoL6VAgkAe5eKwpb2U8P
GEF/t36oWz3Q5EmhfJgfHlvaT3HT6z0c0Jl2Jn2VY7RU6HjygkdodzSHdqI55M1B
mqTgBLd51p1tpMO3+pTyrKgjiPdDdEgDy9LbKK8KPVat4BBfic5pCYdyndduKFrx
Bp+rzplueBBB9gaV4XZo/6Gllmtz09e9JNMQHJG4h0iw+Og8F+AHdaAc6BSpdfEb
3DRm1BcUneI/b5gTUbRy4CvBdUtz6SQu7R/ErRP0Impj5PakzXy8jj8K2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9FYf1ydc9kZGm00pqoZ04r/5A5MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvXzBWaF9YSjF6MlJrYWJUU21xaG5UaXZfa0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmwLcMA0G
CSqGSIb3DQEBCwUAA4IBAQDnv0R65zYZ9Om1SnO0e8xum5Q9e6O7xsObaSHAq/Cr
6YigtlDPyYsL10++lxNBpraUEiZv6WCbYA0ihSkbKxtOKmWYY6KuLYbsG016aho2
g5FROnBr+dIXCxrsc0ZZT4uUy/PKWzgE3E3KwFWuokf7cF60ZbXppThRvdYdu5za
uOt5wJAfUmzWMJJZbzhcP3QQyrsdT9VhOceZOToIFxAkbELbbXgYiPNW33fex9rp
4tQ8MZ91OXkulb8YSzS+A+5iVK5jSylkqHcteba5XnJESeBKAuEBz3TBYnli7/9G
ruHVCRjW3oljHdAqjehZgbkVrnHxgwwYVYvXZT9yoQXw
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:25:41 2025 by rpki-client