Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/A4F8YAHhzmBmN8MsIuhysBHZS1w.roa
File: A4F8YAHhzmBmN8MsIuhysBHZS1w.roa (raw, json)
Hash identifier: 12gdhXPFTWakw1hWJqC/qyXWdB6Elm16rTk8gSvZTsw=
Subject key identifier: 03:81:7C:60:01:E1:CE:60:66:37:C3:2C:22:E8:72:B0:11:D9:4B:5C
Certificate issuer: /CN=4afecf6642a450b53b076d446482d9c1a89ded74
Certificate serial: 018CC2DAE9940DE9960848E6256A2781E3F8
Authority key identifier: 4A:FE:CF:66:42:A4:50:B5:3B:07:6D:44:64:82:D9:C1:A8:9D:ED:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sv7PZkKkULU7B21EZILZwaid7XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/A4F8YAHhzmBmN8MsIuhysBHZS1w.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35625
IP address blocks: 194.5.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e9:94:0d:e9:96:08:48:e6:25:6a:27:81:e3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afecf6642a450b53b076d446482d9c1a89ded74
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03817c6001e1ce606637c32c22e872b011d94b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:1d:7a:b9:38:f6:20:f8:04:fc:56:9b:c8:
0d:9c:9b:af:83:85:c5:07:33:6a:af:40:da:37:53:
e7:f2:2f:81:38:a6:77:1c:d8:ae:ea:a4:f0:f6:81:
ad:af:95:03:6b:a7:3c:f5:c5:bf:53:57:88:ee:3d:
30:0b:e8:f2:f9:ed:05:b6:7d:e6:e3:50:43:e6:3b:
5a:e1:28:9d:8d:4b:60:6b:dd:4b:59:a2:1e:4a:b6:
1a:ba:c7:7f:a3:c8:a1:e6:61:ac:68:1f:09:06:6d:
33:df:d8:36:d7:be:ce:5d:29:76:1f:22:5a:a7:29:
ae:a0:78:72:c6:eb:a0:a1:c6:d3:1b:36:50:19:6d:
8e:db:b7:4d:01:4f:a2:97:88:ca:24:94:48:5b:40:
f4:58:48:9e:22:f6:a3:5d:6a:2b:4d:6f:e8:1c:71:
c8:7a:f3:75:76:a6:4c:98:c3:4d:b9:59:a3:f5:7b:
ea:63:66:06:08:02:d4:f7:0b:54:8c:30:5b:ce:bf:
c6:7b:f5:1f:6b:41:b5:79:23:df:10:93:47:a0:73:
5e:30:6a:e4:61:92:0c:90:94:cb:60:73:4f:db:fc:
5f:6b:27:16:f0:34:ec:fb:3c:5e:8b:16:ea:86:e4:
3a:3e:84:aa:02:15:72:6d:51:c6:ec:5d:e5:7d:dc:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:81:7C:60:01:E1:CE:60:66:37:C3:2C:22:E8:72:B0:11:D9:4B:5C
X509v3 Authority Key Identifier:
keyid:4A:FE:CF:66:42:A4:50:B5:3B:07:6D:44:64:82:D9:C1:A8:9D:ED:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sv7PZkKkULU7B21EZILZwaid7XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/A4F8YAHhzmBmN8MsIuhysBHZS1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5d6f6c-b006-4563-91ad-428a111ac5e0/1/Sv7PZkKkULU7B21EZILZwaid7XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.72.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:58:b7:11:a1:ab:92:ee:e5:f9:9e:d2:71:f8:7b:fa:06:cb:
a0:a9:26:d5:2d:b1:7b:a2:a7:69:b9:bb:dd:09:d6:8e:e6:b0:
6c:4d:43:84:a9:af:32:e4:ac:8c:17:3f:a2:e3:31:f8:fd:b1:
c4:9a:10:8d:39:39:80:df:3c:e1:73:31:11:cc:dc:e7:84:ee:
a9:2a:1c:ab:b0:a2:4f:7a:0f:16:4c:c7:cc:21:e8:40:3e:af:
4e:29:0b:90:62:95:4c:7a:c2:27:f1:17:a3:63:cf:27:de:26:
e5:99:81:ed:d4:89:a7:b4:58:ea:f0:ef:04:43:87:89:90:2a:
dc:5c:fe:bb:91:ef:0b:0c:32:d3:95:3a:ec:be:cb:74:5a:cc:
5d:6e:cf:cc:c7:ae:1b:fa:f1:f0:14:0a:06:bb:e4:52:aa:9a:
a0:48:49:dc:9c:0f:80:3b:2d:59:64:ad:e8:58:dc:3f:ed:a9:
23:a6:9c:c8:a1:b6:ec:84:a0:54:45:38:d0:11:a2:99:4e:e4:
11:2d:fb:8d:88:75:4d:24:e2:9a:89:74:62:15:26:b5:9e:f2:
b2:97:69:6b:5c:97:7d:00:59:60:c3:62:00:82:61:a7:10:94:
27:95:fd:88:f5:5d:fe:89:99:b9:1f:a8:5a:cc:01:92:11:e0:
ea:30:95:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2umUDemWCEjmJWongeP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmVjZjY2NDJhNDUwYjUzYjA3NmQ0NDY0ODJkOWMxYTg5
ZGVkNzQwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzgxN2M2MDAxZTFjZTYwNjYzN2MzMmMyMmU4NzJiMDExZDk0YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNMderk49iD4BPxWm8gNnJuvg4XF
BzNqr0DaN1Pn8i+BOKZ3HNiu6qTw9oGtr5UDa6c89cW/U1eI7j0wC+jy+e0Ftn3m
41BD5jta4SidjUtga91LWaIeSrYausd/o8ih5mGsaB8JBm0z39g2177OXSl2HyJa
pymuoHhyxuugocbTGzZQGW2O27dNAU+il4jKJJRIW0D0WEieIvajXWorTW/oHHHI
evN1dqZMmMNNuVmj9XvqY2YGCALU9wtUjDBbzr/Ge/Ufa0G1eSPfEJNHoHNeMGrk
YZIMkJTLYHNP2/xfaycW8DTs+zxeixbqhuQ6PoSqAhVybVHG7F3lfdyk/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOBfGAB4c5gZjfDLCLocrAR2UtcMB8GA1UdIwQY
MBaAFEr+z2ZCpFC1OwdtRGSC2cGone10MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Y3UFprS2tVTFU3QjIxRVpJTFp3YWlkN1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZDZmNmMtYjAwNi00NTYzLTkxYWQt
NDI4YTExMWFjNWUwLzEvQTRGOFlBSGh6bUJtTjhNc0l1aHlzQkhaUzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZDZmNmMtYjAwNi00NTYzLTkxYWQtNDI4YTExMWFjNWUw
LzEvU3Y3UFprS2tVTFU3QjIxRVpJTFp3YWlkN1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgVIMA0G
CSqGSIb3DQEBCwUAA4IBAQCfWLcRoauS7uX5ntJx+Hv6BsugqSbVLbF7oqdpubvd
CdaO5rBsTUOEqa8y5KyMFz+i4zH4/bHEmhCNOTmA3zzhczERzNznhO6pKhyrsKJP
eg8WTMfMIehAPq9OKQuQYpVMesIn8RejY88n3iblmYHt1ImntFjq8O8EQ4eJkCrc
XP67ke8LDDLTlTrsvst0Wsxdbs/Mx64b+vHwFAoGu+RSqpqgSEncnA+AOy1ZZK3o
WNw/7akjppzIobbshKBURTjQEaKZTuQRLfuNiHVNJOKaiXRiFSa1nvKyl2lrXJd9
AFlgw2IAgmGnEJQnlf2I9V3+iZm5H6hazAGSEeDqMJW9
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:48:58 2025 by rpki-client