Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cm7Z_xfBu_5U6SOeVKlqxWf_EqY.roa
File: cm7Z_xfBu_5U6SOeVKlqxWf_EqY.roa (raw, json)
Hash identifier: P6nUyCusCzcf5WXo9agD36FaH/IlcK7NCZSYnNJrmUk=
Subject key identifier: 72:6E:D9:FF:17:C1:BB:FE:54:E9:23:9E:54:A9:6A:C5:67:FF:12:A6
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 0194D69F3898F4C7E8934271F5D384632BED
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cm7Z_xfBu_5U6SOeVKlqxWf_EqY.roa
Signing time: Wed 05 Feb 2025 14:59:06 +0000
ROA not before: Wed 05 Feb 2025 14:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9583
IP address blocks: 192.109.146.0/24 maxlen: 24
2a07:8145::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 18 Feb 2025 15:13:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:9f:38:98:f4:c7:e8:93:42:71:f5:d3:84:63:2b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Feb 5 14:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=726ed9ff17c1bbfe54e9239e54a96ac567ff12a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:14:a9:1d:0f:1d:66:8a:93:2a:76:fa:a5:
09:02:79:25:15:92:6d:ed:dc:ac:c2:4b:e9:c1:9f:
df:33:09:cd:ec:d9:ff:db:ca:e8:a2:0f:5a:7b:54:
5d:b7:c5:58:a1:5a:ae:97:c7:1d:54:1a:3a:60:e4:
38:54:11:b0:5c:e9:88:34:ff:08:5b:04:37:c0:af:
33:cf:77:03:f3:29:be:64:04:25:98:36:d3:20:28:
5f:3d:af:50:2a:7c:8c:7e:41:b1:ba:fb:46:34:6a:
d2:a6:76:8f:41:c3:0a:3e:98:0b:bc:f2:b5:dd:e7:
cd:cc:21:bd:bf:c7:e3:75:39:2a:e6:2d:cb:11:d4:
91:51:7b:fb:e7:47:ea:63:f9:d8:f6:92:d4:85:0b:
39:8d:5b:76:d5:69:e3:57:ac:cb:a2:f1:1c:6e:de:
2f:38:02:22:81:16:70:6d:84:cb:b0:33:91:16:01:
80:06:39:b9:b9:ba:6a:8c:8e:51:37:fa:76:bc:c6:
b6:76:1b:2e:a0:06:a4:57:b5:36:33:7f:7b:85:20:
b1:59:71:e7:df:f0:07:c0:f4:f3:fb:44:76:b8:49:
0d:f9:3d:31:20:02:df:ff:30:2d:80:7b:9c:96:01:
e3:ac:a0:3c:ef:60:5b:91:c5:07:f0:53:0f:14:21:
84:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6E:D9:FF:17:C1:BB:FE:54:E9:23:9E:54:A9:6A:C5:67:FF:12:A6
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/cm7Z_xfBu_5U6SOeVKlqxWf_EqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.146.0/24
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
a3:f6:c5:94:b9:53:49:5e:b5:22:60:5d:09:11:ed:bd:81:a2:
c3:0a:fe:f1:2e:30:2d:d1:c1:57:10:b1:9a:0b:32:66:4b:1d:
36:d1:98:3b:40:3b:ea:7e:63:44:14:77:ef:51:4e:2e:cd:7f:
71:43:86:d3:a8:cf:77:49:81:d3:2d:ca:da:1f:19:a9:65:a3:
5a:31:1e:7a:ab:bd:b3:a4:09:ef:e7:8c:15:4b:cd:c3:6e:a6:
96:43:58:72:98:07:55:19:85:5c:50:3d:61:8b:f0:c5:11:fa:
fd:e3:a9:01:9d:d3:83:d7:94:6c:5e:74:0e:66:1e:fe:57:48:
53:7f:6a:f2:4d:81:ab:40:a6:31:f6:77:d3:58:a7:bb:d0:53:
a7:0e:30:e1:27:ad:a8:a1:33:78:f7:48:5b:d8:00:e8:ab:cd:
16:73:a9:41:93:76:1a:e8:67:23:8f:d9:0b:8b:5b:1e:1c:59:
60:ac:7a:ba:df:30:1d:ba:8e:20:0a:9d:73:7d:30:9b:90:54:
cf:f1:0f:81:8c:27:30:3f:81:a0:26:dd:82:84:e5:db:9b:74:
b7:d0:e3:a3:49:63:ba:52:af:54:a5:49:23:e9:bc:0b:14:eb:
bc:ae:68:7c:4c:16:3d:b4:62:35:75:9d:d9:1a:17:aa:67:1e:
74:85:f2:96
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZTWnziY9Mfok0Jx9dOEYyvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjUwMjA1MTQ1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZlZDlmZjE3YzFiYmZlNTRlOTIzOWU1NGE5NmFjNTY3ZmYxMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlAUqR0PHWaKkyp2+qUJAnklFZJt
7dyswkvpwZ/fMwnN7Nn/28roog9ae1Rdt8VYoVqul8cdVBo6YOQ4VBGwXOmINP8I
WwQ3wK8zz3cD8ym+ZAQlmDbTIChfPa9QKnyMfkGxuvtGNGrSpnaPQcMKPpgLvPK1
3efNzCG9v8fjdTkq5i3LEdSRUXv750fqY/nY9pLUhQs5jVt21WnjV6zLovEcbt4v
OAIigRZwbYTLsDORFgGABjm5ubpqjI5RN/p2vMa2dhsuoAakV7U2M397hSCxWXHn
3/AHwPTz+0R2uEkN+T0xIALf/zAtgHuclgHjrKA872BbkcUH8FMPFCGEaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHJu2f8Xwbv+VOkjnlSpasVn/xKmMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvY203Wl94ZkJ1XzVVNlNPZVZLbHF4V2ZfRXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwG2SMA4E
AgACMAgDBgQqB4FFADANBgkqhkiG9w0BAQsFAAOCAQEAo/bFlLlTSV61ImBdCRHt
vYGiwwr+8S4wLdHBVxCxmgsyZksdNtGYO0A76n5jRBR371FOLs1/cUOG06jPd0mB
0y3K2h8ZqWWjWjEeequ9s6QJ7+eMFUvNw26mlkNYcpgHVRmFXFA9YYvwxRH6/eOp
AZ3Tg9eUbF50DmYe/ldIU39q8k2Bq0CmMfZ301inu9BTpw4w4SetqKEzePdIW9gA
6KvNFnOpQZN2GuhnI4/ZC4tbHhxZYKx6ut8wHbqOIAqdc30wm5BUz/EPgYwnMD+B
oCbdgoTl25t0t9Djo0ljulKvVKVJI+m8CxTrvK5ofEwWPbRiNXWd2RoXqmcedIXy
lg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:41:04 2025 by rpki-client