Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/r-2DrmM2I6hQkAamxGux5Lt2C7I.roa
File: r-2DrmM2I6hQkAamxGux5Lt2C7I.roa (raw, json)
Hash identifier: L7GvymwNwhNIlu4ppW0J27Mv8BqOKnNli0fPR9SUZjY=
Subject key identifier: AF:ED:83:AE:63:36:23:A8:50:90:06:A6:C4:6B:B1:E4:BB:76:0B:B2
Certificate issuer: /CN=55b9cdf8b7e53efcd9799b11e740f555fd53f4c6
Certificate serial: 018CC8DF459C9941741B999FCE92140582D0
Authority key identifier: 55:B9:CD:F8:B7:E5:3E:FC:D9:79:9B:11:E7:40:F5:55:FD:53:F4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbnN-LflPvzZeZsR50D1Vf1T9MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/r-2DrmM2I6hQkAamxGux5Lt2C7I.roa
Signing time: Tue 02 Jan 2024 06:32:04 +0000
ROA not before: Tue 02 Jan 2024 06:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209106
IP address blocks: 194.246.74.0/24 maxlen: 24
5.182.96.0/22 maxlen: 22
2a0e:1400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:45:9c:99:41:74:1b:99:9f:ce:92:14:05:82:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b9cdf8b7e53efcd9799b11e740f555fd53f4c6
Validity
Not Before: Jan 2 06:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afed83ae633623a8509006a6c46bb1e4bb760bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:da:85:f6:66:71:15:ce:2a:14:27:f6:35:83:
59:e0:a3:3f:9b:8f:27:8e:b6:34:c5:13:3f:8b:21:
f7:95:7e:5a:d2:4f:f4:ad:df:e8:d7:1b:5d:5c:80:
58:09:9c:57:67:15:4a:15:33:95:49:4e:1d:f6:2d:
29:46:63:16:ed:9c:2f:49:b8:20:47:86:da:43:2b:
31:a3:b1:bc:ec:dd:09:24:9b:6f:60:2a:a5:2b:32:
bf:e0:46:aa:03:fd:d4:f6:d3:4a:94:49:6e:de:78:
49:f5:9b:e6:44:04:5a:3e:53:74:8c:80:4b:bf:48:
9c:65:03:12:29:9d:71:bc:aa:76:77:ab:2d:ee:1f:
93:d8:7c:e3:9d:9b:c3:ec:95:42:64:28:60:56:cd:
4d:90:58:a1:58:a5:d0:64:99:82:0e:ce:d3:69:78:
b7:82:49:f1:ab:5a:a7:98:32:50:89:d1:41:18:8a:
f4:e1:bd:64:72:de:f4:18:32:57:4e:af:2c:70:5c:
0a:5a:a3:57:87:f1:fd:af:c2:a9:11:e3:f7:d7:8a:
bb:f2:e0:00:cf:7a:d5:bb:0f:be:bb:d5:3f:00:b1:
bb:09:91:2e:7d:65:f7:25:d9:d6:99:0b:08:62:82:
66:6c:6d:dc:5a:22:35:12:23:d7:02:b5:4a:75:64:
de:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:ED:83:AE:63:36:23:A8:50:90:06:A6:C4:6B:B1:E4:BB:76:0B:B2
X509v3 Authority Key Identifier:
keyid:55:B9:CD:F8:B7:E5:3E:FC:D9:79:9B:11:E7:40:F5:55:FD:53:F4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbnN-LflPvzZeZsR50D1Vf1T9MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/r-2DrmM2I6hQkAamxGux5Lt2C7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/77e92a-eae1-48c0-8d9c-6fc4cdcb3f17/1/VbnN-LflPvzZeZsR50D1Vf1T9MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.96.0/22
194.246.74.0/24
IPv6:
2a0e:1400::/29
Signature Algorithm: sha256WithRSAEncryption
49:21:ae:b6:be:ed:a3:c5:9f:79:24:b0:5c:99:e9:13:2d:f6:
ca:bc:e2:8d:4f:51:24:1a:bb:3e:51:0f:4f:0d:22:0c:a9:dd:
d7:f3:9e:0a:82:56:59:36:6e:65:cd:60:4d:cc:be:1a:43:c7:
19:40:a4:97:f6:35:7f:4d:50:fa:de:2f:ee:52:fe:e5:2f:33:
f1:49:08:40:20:49:78:4b:d8:36:43:9b:7c:27:b5:a2:21:91:
97:11:de:06:9d:76:ae:9e:66:09:7b:d7:8f:6e:81:ea:6f:c2:
26:52:b8:f9:67:88:7d:51:49:eb:03:47:68:ce:da:93:23:f3:
60:c6:09:f4:db:9c:f8:a4:7b:02:e3:a8:8c:d6:21:36:24:1c:
41:bf:81:e6:66:d8:9b:da:23:04:bc:1f:fe:30:5b:0d:1f:23:
51:11:7b:4b:54:dc:2b:24:53:cc:80:78:16:e7:51:f3:df:2a:
5a:4a:48:37:61:cb:ec:26:1e:ed:d1:b0:7f:90:8d:b3:8c:af:
87:0c:75:9b:87:e9:dc:8a:07:5c:fa:0c:7a:99:2f:e9:60:3d:
30:e2:7c:6a:8f:09:cf:96:95:ee:3e:63:f0:db:43:4c:ac:09:
30:52:77:15:29:90:ad:aa:0c:5f:0d:bb:1a:92:95:0b:c4:08:
60:a7:69:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI30WcmUF0G5mfzpIUBYLQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjljZGY4YjdlNTNlZmNkOTc5OWIxMWU3NDBmNTU1ZmQ1
M2Y0YzYwHhcNMjQwMTAyMDYzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVkODNhZTYzMzYyM2E4NTA5MDA2YTZjNDZiYjFlNGJiNzYwYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNqF9mZxFc4qFCf2NYNZ4KM/m48n
jrY0xRM/iyH3lX5a0k/0rd/o1xtdXIBYCZxXZxVKFTOVSU4d9i0pRmMW7ZwvSbgg
R4baQysxo7G87N0JJJtvYCqlKzK/4EaqA/3U9tNKlElu3nhJ9ZvmRARaPlN0jIBL
v0icZQMSKZ1xvKp2d6st7h+T2HzjnZvD7JVCZChgVs1NkFihWKXQZJmCDs7TaXi3
gknxq1qnmDJQidFBGIr04b1kct70GDJXTq8scFwKWqNXh/H9r8KpEeP314q78uAA
z3rVuw++u9U/ALG7CZEufWX3JdnWmQsIYoJmbG3cWiI1EiPXArVKdWTeUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK/tg65jNiOoUJAGpsRrseS7dguyMB8GA1UdIwQY
MBaAFFW5zfi35T782XmbEedA9VX9U/TGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJuTi1MZmxQdnpaZVpzUjUwRDFWZjFUOU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS83N2U5MmEtZWFlMS00OGMwLThkOWMt
NmZjNGNkY2IzZjE3LzEvci0yRHJtTTJJNmhRa0FhbXhHdXg1THQyQzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS83N2U5MmEtZWFlMS00OGMwLThkOWMtNmZjNGNkY2IzZjE3
LzEvVmJuTi1MZmxQdnpaZVpzUjUwRDFWZjFUOU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBbZgAwQA
wvZKMA0EAgACMAcDBQMqDhQAMA0GCSqGSIb3DQEBCwUAA4IBAQBJIa62vu2jxZ95
JLBcmekTLfbKvOKNT1EkGrs+UQ9PDSIMqd3X854KglZZNm5lzWBNzL4aQ8cZQKSX
9jV/TVD63i/uUv7lLzPxSQhAIEl4S9g2Q5t8J7WiIZGXEd4GnXaunmYJe9ePboHq
b8ImUrj5Z4h9UUnrA0doztqTI/Ngxgn025z4pHsC46iM1iE2JBxBv4HmZtib2iME
vB/+MFsNHyNREXtLVNwrJFPMgHgW51Hz3ypaSkg3YcvsJh7t0bB/kI2zjK+HDHWb
h+ncigdc+gx6mS/pYD0w4nxqjwnPlpXuPmPw20NMrAkwUncVKZCtqgxfDbsakpUL
xAhgp2kC
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:14:30 2025 by rpki-client