Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/dsDeHVofT9dAWQF6p9o_QLKktls.roa
File: dsDeHVofT9dAWQF6p9o_QLKktls.roa (raw, json)
Hash identifier: 12z+9nHaMVaspDCBQX+16Sc8k0F6Pb3wLiuiyA5VmRk=
Subject key identifier: 76:C0:DE:1D:5A:1F:4F:D7:40:59:01:7A:A7:DA:3F:40:B2:A4:B6:5B
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 01953C1F4668E982046D2EE37AD1A9F51430
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/dsDeHVofT9dAWQF6p9o_QLKktls.roa
Signing time: Tue 25 Feb 2025 08:00:37 +0000
ROA not before: Tue 25 Feb 2025 08:00:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.59.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 12:35:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:1f:46:68:e9:82:04:6d:2e:e3:7a:d1:a9:f5:14:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Feb 25 08:00:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76c0de1d5a1f4fd74059017aa7da3f40b2a4b65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:b8:b8:8c:dd:db:d4:08:3d:b4:40:bd:68:
fa:e1:de:de:d5:5b:e7:d2:bf:f8:c8:e9:0b:b9:b7:
3f:dd:aa:86:f7:fd:aa:26:8b:26:12:20:97:73:a3:
9e:aa:93:82:c9:2c:9d:3a:40:9c:5a:ee:c1:36:31:
ff:6a:3a:58:21:d2:87:81:af:03:34:7d:cd:30:ee:
ef:96:a1:93:05:b6:51:86:7f:a1:f5:52:49:71:07:
9d:6c:f6:d0:cd:34:a3:cb:0d:5e:10:a5:22:dc:65:
5b:ad:66:1d:f4:ed:ea:c0:49:56:e0:de:cd:80:58:
00:b3:57:fc:4b:44:e2:6c:34:41:45:21:cf:10:44:
5e:d3:ee:ec:82:14:07:86:49:c2:b2:a4:b4:ee:4a:
9d:29:62:9b:13:37:09:ea:4f:9d:3b:9c:bc:1b:23:
59:42:a0:d6:b0:8f:ef:39:3a:65:0a:4c:98:db:ef:
d2:7b:b9:62:f1:38:5b:6d:77:3d:d3:76:77:e9:2a:
ba:d6:76:e1:96:b5:91:ed:bd:2c:ce:6b:ac:a2:06:
52:a6:f6:3a:62:5f:8f:d1:4c:5b:d5:44:12:b9:76:
9f:76:4c:69:1b:22:77:5a:21:ba:cc:fa:2d:25:2b:
3f:12:e9:ab:e7:9f:89:79:df:f3:4b:7c:c3:ec:46:
f0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C0:DE:1D:5A:1F:4F:D7:40:59:01:7A:A7:DA:3F:40:B2:A4:B6:5B
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/dsDeHVofT9dAWQF6p9o_QLKktls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.6.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:0e:cc:ff:a7:2e:b8:c2:ba:ff:c2:d0:7c:0f:3a:39:ce:5e:
a6:9a:8b:71:45:fd:dd:cc:0f:d5:94:bb:fe:37:46:5a:a8:95:
d2:f4:db:bf:f4:28:a1:82:b1:26:27:c3:bf:27:50:d7:44:f0:
ab:4d:ac:f0:da:96:c5:a9:96:00:52:62:e1:0d:c6:c2:da:20:
28:5e:c0:7b:24:90:96:8e:37:a5:7f:53:66:8d:3e:19:97:25:
20:ac:1f:f9:93:4c:fb:f6:b6:93:8e:a9:bc:55:6e:86:a3:fe:
97:97:a8:4b:f5:d4:0a:94:2c:55:d8:3c:38:3d:a1:58:1d:5b:
4a:1e:e3:14:66:2b:0c:9b:33:96:42:d6:37:4e:2d:61:d0:52:
0b:1b:b9:91:b3:93:da:4c:de:ca:00:7f:0b:f2:27:3d:64:68:
56:c8:5f:8f:ee:0a:58:45:5f:09:c3:59:a7:3a:2b:04:39:5b:
3a:97:52:64:65:7e:81:73:41:36:38:f9:6e:3e:2e:7a:ee:73:
ba:8f:af:6d:9f:63:9d:aa:ab:19:89:57:94:3c:ec:cf:b8:a4:
13:6e:83:27:5e:74:4f:34:82:51:f1:82:da:d2:fb:b6:6e:b0:
9b:7c:e0:2d:d8:de:17:36:c9:89:f1:f6:30:56:14:bf:d7:ef:
9b:e8:af:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU8H0Zo6YIEbS7jetGp9RQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjN2FkNzc1NDc5NWRkZDYwNWYyODgzOGJiN2NjMzU5ZGY3
YTI2NmEwHhcNMjUwMjI1MDgwMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmMwZGUxZDVhMWY0ZmQ3NDA1OTAxN2FhN2RhM2Y0MGIyYTRiNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcy4uIzd29QIPbRAvWj64d7e1Vvn
0r/4yOkLubc/3aqG9/2qJosmEiCXc6OeqpOCySydOkCcWu7BNjH/ajpYIdKHga8D
NH3NMO7vlqGTBbZRhn+h9VJJcQedbPbQzTSjyw1eEKUi3GVbrWYd9O3qwElW4N7N
gFgAs1f8S0TibDRBRSHPEERe0+7sghQHhknCsqS07kqdKWKbEzcJ6k+dO5y8GyNZ
QqDWsI/vOTplCkyY2+/Se7li8ThbbXc903Z36Sq61nbhlrWR7b0szmusogZSpvY6
Yl+P0Uxb1UQSuXafdkxpGyJ3WiG6zPotJSs/Eumr55+Jed/zS3zD7EbwHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbA3h1aH0/XQFkBeqfaP0CypLZbMB8GA1UdIwQY
MBaAFBx613VHld3WBfKIOLt8w1nfeiZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgt
YWRhNWMyMGUzZjdiLzEvZHNEZUhWb2ZUOWRBV1FGNnA5b19RTEtrdGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9jNWE5ZTMtNjcyMi00YjZhLWJlNTgtYWRhNWMyMGUzZjdi
LzEvSEhyWGRVZVYzZFlGOG9nNHUzekRXZDk2Sm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjsGMA0G
CSqGSIb3DQEBCwUAA4IBAQA7Dsz/py64wrr/wtB8Dzo5zl6mmotxRf3dzA/VlLv+
N0ZaqJXS9Nu/9CihgrEmJ8O/J1DXRPCrTazw2pbFqZYAUmLhDcbC2iAoXsB7JJCW
jjelf1NmjT4ZlyUgrB/5k0z79raTjqm8VW6Go/6Xl6hL9dQKlCxV2Dw4PaFYHVtK
HuMUZisMmzOWQtY3Ti1h0FILG7mRs5PaTN7KAH8L8ic9ZGhWyF+P7gpYRV8Jw1mn
OisEOVs6l1JkZX6Bc0E2OPluPi567nO6j69tn2OdqqsZiVeUPOzPuKQTboMnXnRP
NIJR8YLa0vu2brCbfOAt2N4XNsmJ8fYwVhS/1++b6K/1
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:59 2025 by rpki-client