Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3S8IsDyNsH7SN9J1a5w8YVDP1I4.roa
File: 3S8IsDyNsH7SN9J1a5w8YVDP1I4.roa (raw, json)
Hash identifier: LxietJ/Z4WfPyUo4MG73iVoMpcpW/yfm7IBSCat8hXI=
Subject key identifier: DD:2F:08:B0:3C:8D:B0:7E:D2:37:D2:75:6B:9C:3C:61:50:CF:D4:8E
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 01958550980B36A9BDD39D852E2BE5C78D0E
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3S8IsDyNsH7SN9J1a5w8YVDP1I4.roa
Signing time: Tue 11 Mar 2025 13:06:46 +0000
ROA not before: Tue 11 Mar 2025 13:06:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 91.200.248.0/22 maxlen: 24
193.43.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 09:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:50:98:0b:36:a9:bd:d3:9d:85:2e:2b:e5:c7:8d:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 11 13:06:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd2f08b03c8db07ed237d2756b9c3c6150cfd48e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:5d:04:e4:4b:2e:63:a5:4d:5c:31:f4:f1:
76:22:22:5a:29:5c:f4:dd:c2:ed:5c:d4:ec:56:f9:
a7:f6:6a:d8:3d:60:10:fa:1b:94:18:8b:f8:5f:fb:
e1:3d:f8:75:a2:c4:78:00:6d:c5:f1:36:85:04:f2:
19:bc:42:60:3c:04:58:3b:29:b8:27:da:57:e4:92:
f2:fe:c7:84:1a:19:a9:e6:e9:1f:dc:3d:ab:64:76:
7c:fb:a0:f5:24:1e:36:5e:08:57:8d:32:1b:87:6c:
7d:62:4f:81:d3:ae:66:10:d0:af:ae:ed:fc:5e:b7:
3a:a6:15:81:fe:aa:66:e4:5f:07:1b:ac:44:cd:3d:
6f:00:82:46:c3:c7:89:b1:48:e5:da:65:7e:c9:b2:
8b:61:67:df:16:3c:0d:df:8b:89:bc:8b:49:0a:a2:
53:1a:44:79:82:0c:dd:24:88:0a:a4:86:51:d2:1f:
b9:7b:12:22:9f:53:be:e0:d4:bc:92:8e:64:47:08:
5c:df:38:b8:5c:a7:b2:37:01:17:db:f2:50:23:6a:
5a:d7:47:41:d9:dd:27:b4:59:d4:b4:d0:f3:a9:7f:
a4:35:9f:6b:e0:75:f2:84:b8:a3:c3:31:84:e2:9f:
11:fb:ad:ba:f5:d1:7b:f0:d6:ab:b0:bc:c3:f0:f7:
e4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2F:08:B0:3C:8D:B0:7E:D2:37:D2:75:6B:9C:3C:61:50:CF:D4:8E
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3S8IsDyNsH7SN9J1a5w8YVDP1I4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.248.0/22
193.43.224.0/22
Signature Algorithm: sha256WithRSAEncryption
95:c4:ac:ab:3d:90:ca:84:09:ed:96:63:9f:f3:d0:25:74:ea:
2a:e6:bb:72:47:d3:df:61:54:f7:d0:68:bc:1b:63:3d:6b:59:
fc:5a:1b:ec:45:b0:8a:9e:ff:2a:db:80:62:50:39:8b:d0:04:
1f:92:99:d7:81:74:95:51:6d:09:8b:08:4a:da:66:8a:98:d9:
f7:3d:ce:bb:2a:3c:1a:51:0c:40:a3:9f:65:c3:54:fb:30:68:
c9:f2:aa:fc:42:d3:d0:01:da:2c:0b:c4:4a:26:f4:dd:ed:4f:
fe:42:37:0e:1c:91:87:60:75:4f:67:24:fb:74:e5:78:80:25:
c1:81:ea:ef:e9:6e:18:99:48:21:62:f6:58:fe:c8:02:e9:58:
63:a6:65:2e:af:05:fe:57:0d:62:d4:06:63:21:94:2d:8c:16:
b9:a6:0d:b4:2f:7d:06:53:d9:76:e7:c8:29:52:97:9f:d0:07:
e6:39:c2:a2:6f:10:a1:d0:e5:11:17:2c:6b:c9:1e:23:11:4e:
1f:8e:1b:30:b9:04:b9:50:dc:2a:f1:ea:6b:e0:00:bf:cc:54:
bc:05:2f:72:b9:f2:0f:9a:fd:54:8f:71:a5:a1:a6:32:72:d5:
30:fb:cd:ec:dc:cc:56:db:9f:72:ac:e7:33:31:69:20:13:e3:
6f:3c:0d:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWFUJgLNqm9052FLivlx40OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzExMTMwNjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDJmMDhiMDNjOGRiMDdlZDIzN2QyNzU2YjljM2M2MTUwY2ZkNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDBdBORLLmOlTVwx9PF2IiJaKVz0
3cLtXNTsVvmn9mrYPWAQ+huUGIv4X/vhPfh1osR4AG3F8TaFBPIZvEJgPARYOym4
J9pX5JLy/seEGhmp5ukf3D2rZHZ8+6D1JB42XghXjTIbh2x9Yk+B065mENCvru38
Xrc6phWB/qpm5F8HG6xEzT1vAIJGw8eJsUjl2mV+ybKLYWffFjwN34uJvItJCqJT
GkR5ggzdJIgKpIZR0h+5exIin1O+4NS8ko5kRwhc3zi4XKeyNwEX2/JQI2pa10dB
2d0ntFnUtNDzqX+kNZ9r4HXyhLijwzGE4p8R+6269dF78NarsLzD8PfkaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN0vCLA8jbB+0jfSdWucPGFQz9SOMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvM1M4SXNEeU5zSDdTTjlKMWE1dzhZVkRQMUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8j4AwQC
wSvgMA0GCSqGSIb3DQEBCwUAA4IBAQCVxKyrPZDKhAntlmOf89AldOoq5rtyR9Pf
YVT30Gi8G2M9a1n8WhvsRbCKnv8q24BiUDmL0AQfkpnXgXSVUW0JiwhK2maKmNn3
Pc67KjwaUQxAo59lw1T7MGjJ8qr8QtPQAdosC8RKJvTd7U/+QjcOHJGHYHVPZyT7
dOV4gCXBgerv6W4YmUghYvZY/sgC6VhjpmUurwX+Vw1i1AZjIZQtjBa5pg20L30G
U9l258gpUpef0AfmOcKibxCh0OURFyxryR4jEU4fjhswuQS5UNwq8epr4AC/zFS8
BS9yufIPmv1Uj3GloaYyctUw+83s3MxW259yrOczMWkgE+NvPA2r
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:56:07 2025 by rpki-client