Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/OgqV3K9kCSqiIeZrVFL3cqlGwzs.roa
File: OgqV3K9kCSqiIeZrVFL3cqlGwzs.roa (raw, json)
Hash identifier: bIUylMSKQ5ZoW2Pp24mJHfGBGlU7c/qX9MC7wrpEUho=
Subject key identifier: 3A:0A:95:DC:AF:64:09:2A:A2:21:E6:6B:54:52:F7:72:A9:46:C3:3B
Certificate issuer: /CN=1efcab4deded66abef7cd7ed72657bc03a8229d6
Certificate serial: 019422FB76BD744FF28F3A9457080A3176D2
Authority key identifier: 1E:FC:AB:4D:ED:ED:66:AB:EF:7C:D7:ED:72:65:7B:C0:3A:82:29:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvyrTe3tZqvvfNftcmV7wDqCKdY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/OgqV3K9kCSqiIeZrVFL3cqlGwzs.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47180
IP address blocks: 194.179.140.0/22 maxlen: 22
2a13:f8c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Mar 2025 08:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:76:bd:74:4f:f2:8f:3a:94:57:08:0a:31:76:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efcab4deded66abef7cd7ed72657bc03a8229d6
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a0a95dcaf64092aa221e66b5452f772a946c33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:54:77:8b:81:54:3e:85:ec:cc:1f:75:11:ee:
3b:e6:01:17:ce:2c:6b:f5:ea:ee:e3:e9:05:e7:70:
c2:52:74:4a:c1:3b:1d:69:cf:2e:f3:c0:97:d6:0d:
a3:03:ba:bd:d0:a2:b3:b8:28:93:9f:74:96:6c:27:
5f:1b:ba:a4:0e:3c:82:a1:67:f7:19:46:0e:db:d3:
cc:ce:19:bb:5a:70:04:6c:8f:52:17:0d:53:00:50:
79:48:cf:58:16:e9:85:9b:27:89:1d:a6:f8:27:33:
d6:27:01:4d:6e:fb:cc:26:06:2d:82:65:6d:81:fc:
71:af:e8:c8:60:e1:8c:6d:7f:c6:b9:74:39:7c:2d:
f6:7e:02:53:f3:ad:17:22:54:75:d4:06:ca:4c:53:
78:4e:47:73:66:c6:ea:01:40:02:b9:8f:e1:ea:39:
27:90:9e:e8:aa:7c:da:ad:a3:aa:23:bc:78:5b:27:
d3:ba:aa:38:9a:05:85:03:75:39:14:aa:c4:7f:26:
32:e1:7a:a5:dd:4b:18:8c:34:ca:54:71:34:96:cf:
2e:99:45:03:a8:01:3e:df:ac:15:d2:61:b1:61:3b:
c4:3a:5c:06:aa:89:b4:60:c6:35:b7:22:2a:8b:f3:
d5:d3:0f:6a:27:5c:75:f8:0b:72:6a:fb:98:cf:23:
fc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0A:95:DC:AF:64:09:2A:A2:21:E6:6B:54:52:F7:72:A9:46:C3:3B
X509v3 Authority Key Identifier:
keyid:1E:FC:AB:4D:ED:ED:66:AB:EF:7C:D7:ED:72:65:7B:C0:3A:82:29:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvyrTe3tZqvvfNftcmV7wDqCKdY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/OgqV3K9kCSqiIeZrVFL3cqlGwzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c7c83f-fac2-4551-8f78-91a77ea05df1/1/HvyrTe3tZqvvfNftcmV7wDqCKdY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.140.0/22
IPv6:
2a13:f8c0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:70:0f:59:27:a9:4c:27:0e:94:3e:e3:8f:6b:66:0d:e8:dd:
14:75:af:73:e2:e3:e0:d6:dc:20:b4:e8:42:5a:fc:4c:52:c1:
99:79:8e:37:70:87:8e:42:7a:ec:a2:3a:61:b4:89:2b:19:b1:
35:d5:24:f9:13:53:01:1a:00:7a:44:65:b4:c7:25:bc:4b:45:
1e:be:d3:a6:a3:98:14:c2:53:ea:ce:80:95:6b:7b:76:b5:08:
9c:95:21:30:40:bc:49:97:bd:3f:46:bc:60:73:eb:d0:e9:13:
ea:7c:18:2c:12:89:f9:cc:d5:0c:ec:0a:02:09:16:b1:82:03:
47:bf:f1:df:ee:51:9b:dc:33:70:84:e9:9f:61:ab:66:ff:ef:
15:1c:19:8d:7e:26:2b:47:16:ac:53:8f:2a:5c:a7:f9:4c:f1:
4d:7e:c9:28:96:fb:fc:1a:6b:a2:49:d5:9a:49:fb:84:52:9b:
37:c7:1c:68:8a:33:c1:5b:f8:51:7a:f4:c0:fd:56:32:b4:1f:
ac:6e:df:5f:ac:00:5d:c9:9e:39:21:6a:c1:53:30:33:51:9a:
d2:fb:47:9c:88:d4:2e:6e:72:1e:14:e1:d8:3a:ad:41:10:49:
a2:56:3a:f1:b7:e2:c4:8e:7a:68:0d:2a:97:fd:32:18:0d:c2:
5e:05:fa:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+3a9dE/yjzqUVwgKMXbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmNhYjRkZWRlZDY2YWJlZjdjZDdlZDcyNjU3YmMwM2E4
MjI5ZDYwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTBhOTVkY2FmNjQwOTJhYTIyMWU2NmI1NDUyZjc3MmE5NDZjMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFR3i4FUPoXszB91Ee475gEXzixr
9eru4+kF53DCUnRKwTsdac8u88CX1g2jA7q90KKzuCiTn3SWbCdfG7qkDjyCoWf3
GUYO29PMzhm7WnAEbI9SFw1TAFB5SM9YFumFmyeJHab4JzPWJwFNbvvMJgYtgmVt
gfxxr+jIYOGMbX/GuXQ5fC32fgJT860XIlR11AbKTFN4TkdzZsbqAUACuY/h6jkn
kJ7oqnzaraOqI7x4WyfTuqo4mgWFA3U5FKrEfyYy4Xql3UsYjDTKVHE0ls8umUUD
qAE+36wV0mGxYTvEOlwGqom0YMY1tyIqi/PV0w9qJ1x1+AtyavuYzyP89QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDoKldyvZAkqoiHma1RS93KpRsM7MB8GA1UdIwQY
MBaAFB78q03t7War73zX7XJle8A6ginWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZ5clRlM3RacXZ2Zk5mdGNtVjd3RHFDS2RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jN2M4M2YtZmFjMi00NTUxLThmNzgt
OTFhNzdlYTA1ZGYxLzEvT2dxVjNLOWtDU3FpSWVaclZGTDNjcWxHd3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jN2M4M2YtZmFjMi00NTUxLThmNzgtOTFhNzdlYTA1ZGYx
LzEvSHZ5clRlM3RacXZ2Zk5mdGNtVjd3RHFDS2RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwrOMMA0E
AgACMAcDBQMqE/jAMA0GCSqGSIb3DQEBCwUAA4IBAQC5cA9ZJ6lMJw6UPuOPa2YN
6N0Uda9z4uPg1twgtOhCWvxMUsGZeY43cIeOQnrsojphtIkrGbE11ST5E1MBGgB6
RGW0xyW8S0UevtOmo5gUwlPqzoCVa3t2tQiclSEwQLxJl70/Rrxgc+vQ6RPqfBgs
Eon5zNUM7AoCCRaxggNHv/Hf7lGb3DNwhOmfYatm/+8VHBmNfiYrRxasU48qXKf5
TPFNfskolvv8GmuiSdWaSfuEUps3xxxoijPBW/hRevTA/VYytB+sbt9frABdyZ45
IWrBUzAzUZrS+0eciNQubnIeFOHYOq1BEEmiVjrxt+LEjnpoDSqX/TIYDcJeBfrq
-----END CERTIFICATE-----
Generated at Wed Apr 16 17:37:01 2025 by rpki-client