Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/_iIHU4Owm5JGaKdNuTMmrR6KBIQ.roa
File: _iIHU4Owm5JGaKdNuTMmrR6KBIQ.roa (raw, json)
Hash identifier: nlK4FshU5Oq0OoFu79ByKQUxpB7wyeSOmbD+VwhT+NU=
Subject key identifier: FE:22:07:53:83:B0:9B:92:46:68:A7:4D:B9:33:26:AD:1E:8A:04:84
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F8E3D15EF361F9770D7CF43DB5FFA
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/_iIHU4Owm5JGaKdNuTMmrR6KBIQ.roa
Signing time: Wed 01 Jan 2025 13:48:00 +0000
ROA not before: Wed 01 Jan 2025 13:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57237
IP address blocks: 194.12.235.0/24 maxlen: 24
194.12.236.0/24 maxlen: 24
194.12.243.0/24 maxlen: 24
194.12.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:10:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8e:3d:15:ef:36:1f:97:70:d7:cf:43:db:5f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe22075383b09b924668a74db93326ad1e8a0484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cd:46:81:07:92:27:32:ed:3a:d4:e3:bb:83:
3d:ce:a2:5d:fe:2f:57:eb:bc:7a:49:d7:98:92:83:
7b:89:bb:b6:09:af:54:b0:e9:9c:95:f8:cc:a3:30:
92:5a:16:a5:a0:7d:36:43:06:13:6b:41:88:92:a6:
cd:30:58:06:be:94:4d:3c:96:eb:2f:c3:95:f4:8f:
68:20:c9:e6:0a:8a:eb:a4:64:72:8d:5c:c7:3f:c2:
1b:39:fd:27:cb:be:cb:ad:6c:f9:90:1d:e4:a1:c3:
dc:37:cc:98:ff:68:e7:73:64:e5:01:ba:08:2a:a7:
b3:77:4a:92:c1:86:98:41:d8:b8:a8:76:18:3d:96:
bd:24:56:ca:85:67:9d:e1:d1:2a:7b:5d:85:74:38:
8f:2f:52:ee:e2:a5:85:ed:58:f7:8e:d0:8e:66:d7:
71:69:62:f2:c3:28:3b:4b:f0:66:e2:16:d9:26:7f:
c2:c6:4b:59:52:f5:32:e4:54:c5:39:35:d7:30:f6:
0e:ae:35:85:90:e0:81:3e:c1:9a:70:dc:2b:03:b5:
e0:fd:8c:8c:34:6c:32:1f:66:8c:b1:a3:f2:df:9e:
3f:c1:ce:f1:cc:62:79:93:51:1a:79:51:92:86:22:
4e:fb:6e:17:ca:0f:a2:ad:47:be:cb:4c:1c:da:79:
59:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:22:07:53:83:B0:9B:92:46:68:A7:4D:B9:33:26:AD:1E:8A:04:84
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/_iIHU4Owm5JGaKdNuTMmrR6KBIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.12.235.0-194.12.236.255
194.12.243.0/24
194.12.252.0/24
Signature Algorithm: sha256WithRSAEncryption
55:78:6e:d3:bc:43:a9:be:65:6d:d3:1a:7c:fd:33:fd:11:73:
8b:fe:c2:2f:a2:dd:dc:2f:9f:90:79:7a:0a:25:c2:8a:57:d2:
7f:a6:e0:9b:91:5a:6c:f3:5a:da:05:09:21:65:54:25:a7:68:
b0:44:d5:95:98:85:ad:6d:6d:9b:7b:b4:55:f6:69:5f:f1:e9:
cb:7a:90:ae:b2:30:85:73:32:0b:d5:6b:ec:f8:53:8a:ec:c2:
1b:64:99:a0:43:c6:d1:33:a9:48:2f:b5:5e:4e:76:c6:32:2b:
2a:13:5a:dd:32:2b:84:74:8f:b4:a8:b7:b9:3b:d3:ba:91:6d:
c7:2a:a1:16:01:a8:b3:f2:3a:38:85:8c:69:5e:e0:ed:e9:21:
3a:c6:23:76:28:aa:9c:23:a3:ec:00:d7:bd:9f:92:21:bc:89:
4c:75:5a:1f:28:73:14:9f:3d:92:d0:1f:96:da:25:03:f3:d5:
03:88:e3:b3:1a:11:9f:cd:4c:54:45:d0:06:4d:a5:4d:15:8a:
0d:b8:05:39:e8:ca:fc:73:aa:72:22:27:a3:57:6d:19:e0:6f:
55:1b:b9:99:29:e6:4c:1e:de:5f:12:93:86:fd:10:ac:c9:96:
65:5b:c3:c2:6e:b6:cb:26:f2:32:75:83:68:7c:3e:dd:c4:ba:
3a:19:43:3d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiH449Fe82H5dw189D21/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTIyMDc1MzgzYjA5YjkyNDY2OGE3NGRiOTMzMjZhZDFlOGEwNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy81GgQeSJzLtOtTju4M9zqJd/i9X
67x6SdeYkoN7ibu2Ca9UsOmclfjMozCSWhaloH02QwYTa0GIkqbNMFgGvpRNPJbr
L8OV9I9oIMnmCorrpGRyjVzHP8IbOf0ny77LrWz5kB3kocPcN8yY/2jnc2TlAboI
Kqezd0qSwYaYQdi4qHYYPZa9JFbKhWed4dEqe12FdDiPL1Lu4qWF7Vj3jtCOZtdx
aWLywyg7S/Bm4hbZJn/CxktZUvUy5FTFOTXXMPYOrjWFkOCBPsGacNwrA7Xg/YyM
NGwyH2aMsaPy354/wc7xzGJ5k1EaeVGShiJO+24Xyg+irUe+y0wc2nlZPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP4iB1ODsJuSRminTbkzJq0eigSEMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvX2lJSFU0T3dtNUpHYUtkTnVUTW1yUjZLQklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADCDOsD
BADCDOwDBADCDPMDBADCDPwwDQYJKoZIhvcNAQELBQADggEBAFV4btO8Q6m+ZW3T
Gnz9M/0Rc4v+wi+i3dwvn5B5egolwopX0n+m4JuRWmzzWtoFCSFlVCWnaLBE1ZWY
ha1tbZt7tFX2aV/x6ct6kK6yMIVzMgvVa+z4U4rswhtkmaBDxtEzqUgvtV5OdsYy
KyoTWt0yK4R0j7Sot7k707qRbccqoRYBqLPyOjiFjGle4O3pITrGI3Yoqpwjo+wA
172fkiG8iUx1Wh8ocxSfPZLQH5baJQPz1QOI47MaEZ/NTFRF0AZNpU0Vig24BTno
yvxzqnIiJ6NXbRngb1UbuZkp5kwe3l8Sk4b9EKzJlmVbw8Jutssm8jJ1g2h8Pt3E
ujoZQz0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:48:21 2025 by rpki-client