Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/PpjcnFQy6piNoWSJ0OkqiA2uPgw.roa
File: PpjcnFQy6piNoWSJ0OkqiA2uPgw.roa (raw, json)
Hash identifier: RfF9a48FcJQBSgIvlcV+aRVmPCgtITd/gnq4rVEV5p0=
Subject key identifier: 3E:98:DC:9C:54:32:EA:98:8D:A1:64:89:D0:E9:2A:88:0D:AE:3E:0C
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444DA10CFECBD616BC7F1AA6A1A8056
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/PpjcnFQy6piNoWSJ0OkqiA2uPgw.roa
Signing time: Wed 01 Jan 2025 23:47:59 +0000
ROA not before: Wed 01 Jan 2025 23:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203728
IP address blocks: 88.80.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 13:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:da:10:cf:ec:bd:61:6b:c7:f1:aa:6a:1a:80:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e98dc9c5432ea988da16489d0e92a880dae3e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:a0:03:ef:f4:fc:6b:73:3a:98:a6:a2:23:
77:1f:9a:4f:3a:0e:ad:59:ad:ee:2c:63:90:a0:c6:
5f:6d:85:1c:2e:50:88:a5:c0:0a:cd:ff:5c:d2:44:
9e:aa:a2:2e:d1:89:84:27:e0:76:33:d6:69:df:83:
b0:3f:63:32:d5:03:2b:0f:2a:f3:54:d3:d2:ff:22:
8f:5f:b0:de:c6:0e:f7:34:b3:e6:fa:28:db:1f:6f:
a8:da:cb:09:c7:cc:72:f3:99:65:e8:76:09:73:c8:
37:62:2f:1b:c0:19:b2:65:bd:ce:d3:56:c1:08:ed:
06:6d:9c:e0:72:56:fa:2c:ad:7a:71:b7:fe:86:85:
cb:ad:9a:8c:55:3e:a0:06:0c:f9:9d:c7:a2:fd:36:
53:90:5d:e7:76:35:07:b3:30:12:29:49:36:07:5d:
20:5e:61:4e:6b:ce:df:4d:39:18:f8:af:5e:51:3f:
0a:aa:b6:b3:63:b3:c7:48:95:e4:d9:68:97:8b:a8:
59:76:80:53:ff:aa:92:73:4b:10:65:d8:9d:5d:d9:
7c:3f:7e:7c:0b:eb:a7:f3:d6:70:0d:0f:b6:80:1b:
e7:39:82:ea:ce:6a:99:86:b8:69:cc:83:25:a0:85:
6b:74:5c:24:5d:a1:cd:90:e9:ad:c6:09:e4:a7:c2:
4e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:98:DC:9C:54:32:EA:98:8D:A1:64:89:D0:E9:2A:88:0D:AE:3E:0C
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/PpjcnFQy6piNoWSJ0OkqiA2uPgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.141.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:7a:98:e6:08:30:ee:30:fe:22:a2:48:48:ae:35:10:3c:6d:
29:f5:b3:74:e4:61:e3:0a:63:e9:3c:30:81:4d:18:d5:d1:18:
56:40:96:34:87:34:b5:91:77:8c:cb:2f:68:0d:13:d9:8c:2a:
06:e3:1a:01:92:d8:2e:5c:e0:cc:cf:36:b8:81:a3:98:27:4d:
c7:62:07:a5:68:3a:a7:95:4f:93:95:99:a9:a4:4d:83:04:fa:
f1:64:95:24:43:8e:ac:80:35:6e:41:ce:07:a3:ce:b8:dc:0a:
34:c6:58:77:5b:43:bd:43:5b:71:27:38:70:89:79:85:c7:6f:
8e:87:5e:96:07:6d:04:d9:8e:28:ca:00:42:44:1b:67:06:2c:
92:84:a8:0c:ab:a3:cf:9e:39:89:1a:3b:2b:46:3b:76:a9:9e:
c9:0d:b0:0e:2d:60:b9:83:13:6c:21:17:8a:3a:90:a4:94:69:
28:5f:1d:ad:26:47:c9:51:a7:5a:bf:c1:7b:a9:28:57:d9:30:
51:40:8a:5c:5b:d8:5d:96:05:19:50:5e:e7:02:f7:77:cc:79:
d1:c4:5c:f6:0b:0c:af:eb:3f:71:94:a6:79:fb:ba:48:22:88:
4b:c0:00:1b:af:b4:37:fd:94:1d:f5:a3:b3:ff:3c:ca:03:21:
93:f9:c7:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNoQz+y9YWvH8apqGoBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTk4ZGM5YzU0MzJlYTk4OGRhMTY0ODlkMGU5MmE4ODBkYWUzZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv++gA+/0/GtzOpimoiN3H5pPOg6t
Wa3uLGOQoMZfbYUcLlCIpcAKzf9c0kSeqqIu0YmEJ+B2M9Zp34OwP2My1QMrDyrz
VNPS/yKPX7Dexg73NLPm+ijbH2+o2ssJx8xy85ll6HYJc8g3Yi8bwBmyZb3O01bB
CO0GbZzgclb6LK16cbf+hoXLrZqMVT6gBgz5ncei/TZTkF3ndjUHszASKUk2B10g
XmFOa87fTTkY+K9eUT8KqrazY7PHSJXk2WiXi6hZdoBT/6qSc0sQZdidXdl8P358
C+un89ZwDQ+2gBvnOYLqzmqZhrhpzIMloIVrdFwkXaHNkOmtxgnkp8JOFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6Y3JxUMuqYjaFkidDpKogNrj4MMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvUHBqY25GUXk2cGlOb1dTSjBPa3FpQTJ1UGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWFCNMA0G
CSqGSIb3DQEBCwUAA4IBAQAsepjmCDDuMP4iokhIrjUQPG0p9bN05GHjCmPpPDCB
TRjV0RhWQJY0hzS1kXeMyy9oDRPZjCoG4xoBktguXODMzza4gaOYJ03HYgelaDqn
lU+TlZmppE2DBPrxZJUkQ46sgDVuQc4Ho8643Ao0xlh3W0O9Q1txJzhwiXmFx2+O
h16WB20E2Y4oygBCRBtnBiyShKgMq6PPnjmJGjsrRjt2qZ7JDbAOLWC5gxNsIReK
OpCklGkoXx2tJkfJUadav8F7qShX2TBRQIpcW9hdlgUZUF7nAvd3zHnRxFz2Cwyv
6z9xlKZ5+7pIIohLwAAbr7Q3/ZQd9aOz/zzKAyGT+cdY
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:45 2025 by rpki-client