Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/2v4hUkAnNJGclftoBLo3ki38J0E.roa
File: 2v4hUkAnNJGclftoBLo3ki38J0E.roa (raw, json)
Hash identifier: 0P9LP/sf3MUlM80qK2k4wkz6uATcV2WAhn6J+FckOPI=
Subject key identifier: DA:FE:21:52:40:27:34:91:9C:95:FB:68:04:BA:37:92:2D:FC:27:41
Certificate issuer: /CN=22b6a25f2f74191be9ea0ca9c1915fe745cf57c8
Certificate serial: 019421B23C85B1985EAE781C184D6C68218C
Authority key identifier: 22:B6:A2:5F:2F:74:19:1B:E9:EA:0C:A9:C1:91:5F:E7:45:CF:57:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IraiXy90GRvp6gypwZFf50XPV8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/2v4hUkAnNJGclftoBLo3ki38J0E.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 194.26.8.0/22 maxlen: 22
194.26.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Jan 2025 10:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3c:85:b1:98:5e:ae:78:1c:18:4d:6c:68:21:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22b6a25f2f74191be9ea0ca9c1915fe745cf57c8
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dafe2152402734919c95fb6804ba37922dfc2741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:67:66:b8:21:72:94:86:2d:a2:9d:0b:8f:
03:3e:4a:42:b6:4a:b6:3c:ec:ee:c4:2a:9f:7f:b8:
0d:9c:28:ea:53:22:7d:ee:aa:b5:20:c3:cf:36:37:
3e:20:a3:a1:f0:da:b8:3c:cc:8e:ea:2c:88:9f:88:
b7:4b:3c:39:d9:58:89:fa:0e:5d:98:fa:a1:b7:5d:
d2:29:45:8e:a3:f2:33:32:ec:e9:d6:b3:c0:3a:b4:
a6:90:4e:34:1a:c1:65:44:26:74:e9:ac:d9:aa:2e:
fc:8c:d0:cf:38:7c:e7:fb:d2:b4:bf:31:4e:50:d0:
33:40:01:ee:07:49:11:ae:68:58:dc:4f:e5:98:f9:
8d:42:e0:49:2e:fd:e1:09:26:b5:8e:2c:09:ad:cc:
bf:fc:1c:b1:7a:bd:53:3b:a1:28:a0:71:93:1e:a9:
b5:93:9f:fe:d0:0f:4a:1c:cf:eb:cd:cb:79:03:8f:
63:50:75:3d:ed:3e:84:f4:db:95:70:fc:20:80:43:
1a:52:e3:c3:6d:8d:fa:78:cc:53:77:b0:b4:4b:2b:
1b:72:3b:9a:4b:29:80:6a:f1:1f:25:90:a2:53:8b:
0e:9b:db:55:2a:1e:fb:75:9f:24:a9:20:44:83:72:
cc:8e:b9:79:eb:dc:ba:37:ae:b3:9f:d5:3c:32:b3:
12:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FE:21:52:40:27:34:91:9C:95:FB:68:04:BA:37:92:2D:FC:27:41
X509v3 Authority Key Identifier:
keyid:22:B6:A2:5F:2F:74:19:1B:E9:EA:0C:A9:C1:91:5F:E7:45:CF:57:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IraiXy90GRvp6gypwZFf50XPV8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/2v4hUkAnNJGclftoBLo3ki38J0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/IraiXy90GRvp6gypwZFf50XPV8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.8.0/21
Signature Algorithm: sha256WithRSAEncryption
34:87:3a:11:c2:b0:2f:51:5c:e6:f6:ac:17:80:1a:4f:df:30:
24:b1:62:a4:45:a8:98:f9:bc:2f:1e:a1:f8:c9:d7:c3:b3:84:
5a:b9:c8:b0:c1:2d:c9:69:3e:f3:db:99:45:6d:90:ab:5e:e0:
a7:41:fc:be:ff:ec:80:b0:7c:06:61:80:3a:f8:ce:63:23:e6:
b8:68:5f:78:25:59:6e:82:18:a2:11:1b:7c:83:55:ce:28:26:
4c:19:aa:23:94:66:b5:34:dd:94:9e:b5:35:16:65:f1:37:c1:
6c:f2:48:0c:6b:b0:a8:22:17:17:97:04:89:4d:f7:14:cb:1e:
22:bb:0b:e5:dc:57:b2:cb:96:a0:57:61:7a:16:7a:6b:26:bf:
c5:9c:06:46:3a:89:1c:81:43:bd:ca:44:bd:de:f2:d5:76:2f:
ae:b6:54:f9:97:98:0b:05:59:0f:0f:c9:2f:bc:04:36:8a:3e:
1d:30:dc:da:1a:80:f1:b8:e4:20:c9:65:4f:63:61:ea:c9:9a:
6f:16:14:4c:59:ff:bd:05:ef:2f:e4:8e:b5:92:be:f6:80:59:
3f:97:7f:70:c4:0f:eb:7a:b4:1a:c2:7d:d4:0c:a3:ae:b4:af:
57:75:e9:d6:4f:c3:d2:b3:c5:7b:3d:09:ca:e3:53:b2:40:eb:
77:94:a9:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsjyFsZherngcGE1saCGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYjZhMjVmMmY3NDE5MWJlOWVhMGNhOWMxOTE1ZmU3NDVj
ZjU3YzgwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZlMjE1MjQwMjczNDkxOWM5NWZiNjgwNGJhMzc5MjJkZmMyNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH9nZrghcpSGLaKdC48DPkpCtkq2
POzuxCqff7gNnCjqUyJ97qq1IMPPNjc+IKOh8Nq4PMyO6iyIn4i3Szw52ViJ+g5d
mPqht13SKUWOo/IzMuzp1rPAOrSmkE40GsFlRCZ06azZqi78jNDPOHzn+9K0vzFO
UNAzQAHuB0kRrmhY3E/lmPmNQuBJLv3hCSa1jiwJrcy//Byxer1TO6EooHGTHqm1
k5/+0A9KHM/rzct5A49jUHU97T6E9NuVcPwggEMaUuPDbY36eMxTd7C0Sysbcjua
SymAavEfJZCiU4sOm9tVKh77dZ8kqSBEg3LMjrl569y6N66zn9U8MrMSLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNr+IVJAJzSRnJX7aAS6N5It/CdBMB8GA1UdIwQY
MBaAFCK2ol8vdBkb6eoMqcGRX+dFz1fIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXJhaVh5OTBHUnZwNmd5cHdaRmY1MFhQVjhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xY2VjMTQtZGI1OS00OTUwLWJkYjgt
YjkwYTk0MWVhNTFhLzEvMnY0aFVrQW5OSkdjbGZ0b0JMbzNraTM4SjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xY2VjMTQtZGI1OS00OTUwLWJkYjgtYjkwYTk0MWVhNTFh
LzEvSXJhaVh5OTBHUnZwNmd5cHdaRmY1MFhQVjhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwhoIMA0G
CSqGSIb3DQEBCwUAA4IBAQA0hzoRwrAvUVzm9qwXgBpP3zAksWKkRaiY+bwvHqH4
ydfDs4RauciwwS3JaT7z25lFbZCrXuCnQfy+/+yAsHwGYYA6+M5jI+a4aF94JVlu
ghiiERt8g1XOKCZMGaojlGa1NN2UnrU1FmXxN8Fs8kgMa7CoIhcXlwSJTfcUyx4i
uwvl3Feyy5agV2F6FnprJr/FnAZGOokcgUO9ykS93vLVdi+utlT5l5gLBVkPD8kv
vAQ2ij4dMNzaGoDxuOQgyWVPY2HqyZpvFhRMWf+9Be8v5I61kr72gFk/l39wxA/r
erQawn3UDKOutK9XdenWT8PSs8V7PQnK41OyQOt3lKmT
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:27:45 2025 by rpki-client