Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/aXus7YjcxGEmMpPsxJ2EUToZt2A.roa
File: aXus7YjcxGEmMpPsxJ2EUToZt2A.roa (raw, json)
Hash identifier: 6kDhtox+OrTuA2wqS8d57Ii2lPK26bhLA1lk7DeV3lM=
Subject key identifier: 69:7B:AC:ED:88:DC:C4:61:26:32:93:EC:C4:9D:84:51:3A:19:B7:60
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 0195935005D35144C17A293F6A750ED08BE8
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/aXus7YjcxGEmMpPsxJ2EUToZt2A.roa
Signing time: Fri 14 Mar 2025 06:20:49 +0000
ROA not before: Fri 14 Mar 2025 06:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 14:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:50:05:d3:51:44:c1:7a:29:3f:6a:75:0e:d0:8b:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Mar 14 06:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=697baced88dcc461263293ecc49d84513a19b760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ba:21:40:ae:02:3f:2f:e7:78:5d:89:cb:c1:
20:b4:c5:1c:23:25:c1:0d:7d:c9:44:83:37:91:76:
d7:08:63:2e:c6:da:4d:71:d0:8f:0f:6a:a8:85:bf:
58:4b:90:cc:b6:84:ef:b2:68:5b:e5:04:5b:91:13:
40:af:3b:a8:f1:58:79:81:a5:61:15:58:d8:1e:aa:
c0:59:d6:23:29:20:51:4f:35:6d:c9:91:d2:61:e3:
8e:64:07:25:d1:16:bb:e4:a7:40:49:b2:8d:1c:bf:
0e:be:2d:18:94:91:a3:48:66:b0:b4:0c:44:e4:e5:
5e:06:63:ea:5a:00:3f:1b:b9:04:5f:e3:83:37:4a:
2d:70:40:f4:9b:c4:90:04:12:20:ea:25:dc:9e:a4:
39:8e:9f:ef:ff:b8:45:e8:06:d9:36:d0:a2:89:53:
c0:f1:ca:d5:f4:96:fe:27:b3:0b:23:0c:d8:65:55:
27:05:98:7d:c4:3a:c2:3c:fb:c7:1c:20:13:f3:0d:
f8:04:05:c8:af:bd:fc:fd:96:f7:93:23:1b:8f:a0:
58:c1:91:9e:aa:7d:71:bc:1b:eb:87:75:ec:a4:97:
f7:20:f1:d6:2c:08:09:64:04:8b:b0:30:22:10:3e:
26:ee:12:dd:ec:c6:8c:81:be:f4:35:e5:91:2a:4e:
01:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7B:AC:ED:88:DC:C4:61:26:32:93:EC:C4:9D:84:51:3A:19:B7:60
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/aXus7YjcxGEmMpPsxJ2EUToZt2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:81:4e:0f:b6:27:41:6a:2e:28:8f:6b:40:fd:8b:ec:2e:1b:
e9:d1:2c:1d:a8:e5:f2:60:0f:1b:25:24:fc:45:8d:8d:ed:f7:
c7:20:67:cc:44:15:56:7d:1f:0f:c9:cc:34:09:14:96:df:99:
db:aa:25:10:8a:b7:0d:25:da:9c:b4:13:fc:9f:10:83:34:ef:
5b:9c:73:61:69:36:5c:65:e8:60:4c:74:f4:eb:0c:8f:de:73:
90:b9:1a:25:96:66:54:48:3d:5e:f6:77:be:24:65:47:e9:45:
61:38:ba:a7:b1:af:98:e9:d6:b9:bd:32:4a:54:7d:b6:8e:74:
92:48:ed:a4:b4:47:8d:ca:ed:3b:c0:04:58:e6:7b:cd:e9:2f:
ce:92:cc:7b:df:8a:33:0f:f1:06:67:61:36:9b:2e:51:1a:60:
43:5c:63:57:e5:78:f3:64:2d:90:6c:54:21:59:90:e1:ab:79:
29:10:26:37:58:37:9a:f2:4e:11:03:17:f6:e8:ce:42:e7:d8:
7e:7c:da:f2:52:d4:f5:31:cd:b4:6b:ab:ab:9a:f1:7c:2b:f4:
47:cb:5a:22:72:a6:20:6f:0c:32:7d:f3:61:2b:19:62:83:18:
0c:ba:6d:f9:89:a3:bb:58:0b:97:67:2f:cb:5e:d1:9e:55:bc:
35:6c:67:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWTUAXTUUTBeik/anUO0IvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjUwMzE0MDYyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTdiYWNlZDg4ZGNjNDYxMjYzMjkzZWNjNDlkODQ1MTNhMTliNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLohQK4CPy/neF2Jy8EgtMUcIyXB
DX3JRIM3kXbXCGMuxtpNcdCPD2qohb9YS5DMtoTvsmhb5QRbkRNArzuo8Vh5gaVh
FVjYHqrAWdYjKSBRTzVtyZHSYeOOZAcl0Ra75KdASbKNHL8Ovi0YlJGjSGawtAxE
5OVeBmPqWgA/G7kEX+ODN0otcED0m8SQBBIg6iXcnqQ5jp/v/7hF6AbZNtCiiVPA
8crV9Jb+J7MLIwzYZVUnBZh9xDrCPPvHHCAT8w34BAXIr738/Zb3kyMbj6BYwZGe
qn1xvBvrh3XspJf3IPHWLAgJZASLsDAiED4m7hLd7MaMgb70NeWRKk4BaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl7rO2I3MRhJjKT7MSdhFE6GbdgMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvYVh1czdZamN4R0VtTXBQc3hKMkVVVG9adDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQAbgU4PtidBai4oj2tA/YvsLhvp0SwdqOXyYA8bJST8
RY2N7ffHIGfMRBVWfR8Pycw0CRSW35nbqiUQircNJdqctBP8nxCDNO9bnHNhaTZc
ZehgTHT06wyP3nOQuRollmZUSD1e9ne+JGVH6UVhOLqnsa+Y6da5vTJKVH22jnSS
SO2ktEeNyu07wARY5nvN6S/Oksx734ozD/EGZ2E2my5RGmBDXGNX5XjzZC2QbFQh
WZDhq3kpECY3WDea8k4RAxf26M5C59h+fNryUtT1Mc20a6urmvF8K/RHy1oicqYg
bwwyffNhKxligxgMum35iaO7WAuXZy/LXtGeVbw1bGdh
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:54:28 2025 by rpki-client