Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/A4umqpfnXuTRZJF55PEUM5AcO4Y.roa
File: A4umqpfnXuTRZJF55PEUM5AcO4Y.roa (raw, json)
Hash identifier: 4WhmELX7Z14+1vYw/eH6HZJrTsnAJOM8jXUK+ucvdbA=
Subject key identifier: 03:8B:A6:AA:97:E7:5E:E4:D1:64:91:79:E4:F1:14:33:90:1C:3B:86
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018D5AFB62395E1C948838A56DB4413112FA
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/A4umqpfnXuTRZJF55PEUM5AcO4Y.roa
Signing time: Tue 30 Jan 2024 15:27:20 +0000
ROA not before: Tue 30 Jan 2024 15:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201575
IP address blocks: 194.169.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 19:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:fb:62:39:5e:1c:94:88:38:a5:6d:b4:41:31:12:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 30 15:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=038ba6aa97e75ee4d1649179e4f11433901c3b86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e6:f2:46:a1:b0:5b:ac:67:8a:a0:9f:a6:55:
68:54:e8:9c:9e:55:06:3f:5a:4a:b3:8e:90:3b:0a:
53:2e:11:9a:13:55:0a:64:53:50:a0:5e:fb:0c:83:
e6:d2:9d:28:4d:8e:c6:4d:78:2a:5d:ba:19:56:8b:
98:4f:01:50:b7:22:37:54:d2:29:03:d6:d7:1f:16:
fa:42:82:5c:33:1e:fa:46:88:93:8c:db:af:6f:11:
ed:bc:97:1f:9c:97:58:39:94:e7:c1:5b:96:76:4c:
4f:40:92:89:29:d3:f1:ba:4c:66:d7:1e:0c:1c:bb:
da:0f:bd:79:c6:5a:38:80:c1:b9:a1:eb:ad:1a:5a:
0a:9e:24:45:33:35:81:57:16:e6:54:cb:52:01:46:
aa:81:65:ce:4a:aa:f3:cd:0b:76:17:4a:ba:77:18:
a4:75:b7:70:d0:fb:e4:7a:b5:6c:81:90:df:bd:e1:
6e:0b:08:b3:55:f0:5d:7c:17:a3:d6:a5:e3:d6:72:
66:26:d2:79:a0:0d:9f:3d:e5:1d:5f:2d:ca:e4:56:
1d:d8:fa:0a:99:eb:70:3b:de:bc:b3:db:1f:16:e2:
0a:48:c4:41:53:ac:54:25:ad:79:e7:a8:73:10:57:
01:e3:bc:d4:37:60:b9:1a:3b:fc:53:7a:70:40:9d:
81:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:8B:A6:AA:97:E7:5E:E4:D1:64:91:79:E4:F1:14:33:90:1C:3B:86
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/A4umqpfnXuTRZJF55PEUM5AcO4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.48.0/24
Signature Algorithm: sha256WithRSAEncryption
65:31:5b:a0:ae:73:1e:82:90:16:e4:72:6a:66:71:c8:e0:6c:
64:fa:a9:7c:bc:61:fd:cd:60:af:3e:3c:b0:95:45:11:37:dc:
b9:e2:b6:ae:50:70:e4:15:4e:f8:a4:88:eb:fb:f1:41:09:3b:
55:49:e4:fb:b7:9b:b8:f7:be:b5:71:64:ee:fb:f3:f0:a0:9a:
69:f8:85:6a:53:f6:16:1d:b1:b5:6e:89:03:39:c9:f5:49:5b:
fb:66:3c:90:3e:e0:3a:69:bf:d0:e3:14:09:3a:4d:ff:64:83:
27:2b:fe:4b:4b:1b:2d:f0:31:7d:92:7f:54:b9:82:7f:4b:cf:
b0:4a:cd:c8:75:a5:97:30:b0:d7:37:d7:f5:42:69:83:73:0f:
57:ad:0b:dc:a6:dc:31:df:00:18:00:98:f8:17:e3:20:d1:63:
ce:c1:ab:68:b1:8d:d6:c1:d8:fc:83:21:e5:57:59:a8:6a:14:
7e:a0:71:78:99:fe:4a:7b:db:fc:ba:1f:4f:48:44:14:77:d8:
bd:f3:0e:ad:37:82:36:01:6e:f0:6b:e2:c3:d7:c3:dd:5b:d6:
c0:53:72:f9:76:0c:ec:d1:89:00:3f:a6:6e:92:a2:9a:db:4f:
cd:5e:6b:8b:fe:25:83:6a:71:b7:df:64:47:0d:85:a7:e1:aa:
b6:bc:29:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1a+2I5XhyUiDilbbRBMRL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjQwMTMwMTUyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzhiYTZhYTk3ZTc1ZWU0ZDE2NDkxNzllNGYxMTQzMzkwMWMzYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqubyRqGwW6xniqCfplVoVOicnlUG
P1pKs46QOwpTLhGaE1UKZFNQoF77DIPm0p0oTY7GTXgqXboZVouYTwFQtyI3VNIp
A9bXHxb6QoJcMx76RoiTjNuvbxHtvJcfnJdYOZTnwVuWdkxPQJKJKdPxukxm1x4M
HLvaD715xlo4gMG5oeutGloKniRFMzWBVxbmVMtSAUaqgWXOSqrzzQt2F0q6dxik
dbdw0PvkerVsgZDfveFuCwizVfBdfBej1qXj1nJmJtJ5oA2fPeUdXy3K5FYd2PoK
metwO968s9sfFuIKSMRBU6xUJa1556hzEFcB47zUN2C5Gjv8U3pwQJ2B1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOLpqqX517k0WSReeTxFDOQHDuGMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvQTR1bXFwZm5YdVRSWkpGNTVQRVVNNUFjTzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBlMVugrnMegpAW5HJqZnHI4Gxk+ql8vGH9zWCvPjyw
lUURN9y54rauUHDkFU74pIjr+/FBCTtVSeT7t5u49761cWTu+/PwoJpp+IVqU/YW
HbG1bokDOcn1SVv7ZjyQPuA6ab/Q4xQJOk3/ZIMnK/5LSxst8DF9kn9UuYJ/S8+w
Ss3IdaWXMLDXN9f1QmmDcw9XrQvcptwx3wAYAJj4F+Mg0WPOwatosY3Wwdj8gyHl
V1moahR+oHF4mf5Ke9v8uh9PSEQUd9i98w6tN4I2AW7wa+LD18PdW9bAU3L5dgzs
0YkAP6ZukqKa20/NXmuL/iWDanG332RHDYWn4aq2vCn+
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:11:54 2025 by rpki-client