Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ss_0_naifVqN8QSbWx6CkKVRubk.roa
File: ss_0_naifVqN8QSbWx6CkKVRubk.roa (raw, json)
Hash identifier: d3ReLdb0sgccL6HMbqarWoRC040dgh0/bwrtktycYaQ=
Subject key identifier: B2:CF:F4:FE:76:A2:7D:5A:8D:F1:04:9B:5B:1E:82:90:A5:51:B9:B9
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01945EA9C434DC4B5B00899396E675506EE5
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ss_0_naifVqN8QSbWx6CkKVRubk.roa
Signing time: Mon 13 Jan 2025 07:56:11 +0000
ROA not before: Mon 13 Jan 2025 07:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58349
IP address blocks: 194.143.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 20:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:a9:c4:34:dc:4b:5b:00:89:93:96:e6:75:50:6e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 13 07:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2cff4fe76a27d5a8df1049b5b1e8290a551b9b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:40:90:8e:d7:36:32:09:e4:6b:b0:a5:6e:60:
bb:e3:70:27:ac:b2:aa:7b:c1:14:e1:75:af:c5:74:
4a:9b:7b:c9:93:0e:ca:c1:96:6d:c8:dc:4d:1f:74:
34:4e:25:e3:14:18:83:bf:b0:2b:74:1d:31:85:91:
17:ab:68:43:3f:7d:51:60:74:d0:3a:2b:ac:df:be:
30:1b:f0:98:33:bd:d9:93:a5:20:e0:7a:d0:8a:a8:
c8:c1:44:6e:ae:ec:b6:fb:fa:49:6c:c0:ef:9b:17:
c8:c7:8b:27:a3:83:19:da:09:30:26:35:3c:c1:10:
79:eb:8a:63:d5:4d:ed:a9:09:2d:8c:86:da:5d:f4:
c4:e2:44:f8:00:b7:ff:06:ab:3b:35:23:15:75:e9:
5f:53:fb:15:e0:09:30:c9:89:74:23:89:bf:d7:dc:
fb:e4:80:9a:b8:12:2f:b9:f1:b3:83:fd:c2:28:77:
77:ac:a7:4f:07:dd:5b:b8:36:83:36:f5:48:c6:4d:
f5:57:ab:a5:a8:7a:3b:b6:ca:93:4a:8c:b2:ca:3f:
63:09:96:a3:2d:cd:16:85:4e:6c:2a:a4:f8:4b:bb:
f8:00:a3:93:d6:34:e2:08:2a:d6:85:15:d5:75:ae:
d4:ea:39:21:d8:2d:4b:c8:34:fe:8a:ef:9f:3b:80:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:CF:F4:FE:76:A2:7D:5A:8D:F1:04:9B:5B:1E:82:90:A5:51:B9:B9
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/ss_0_naifVqN8QSbWx6CkKVRubk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.203.0/24
Signature Algorithm: sha256WithRSAEncryption
17:aa:d0:55:f9:ed:e2:ee:60:94:72:48:c7:3c:71:2f:0c:31:
bc:d6:b1:25:22:71:5b:76:ca:31:c7:96:75:50:d4:63:c8:b6:
ef:3e:c8:0b:c4:0e:9d:0c:af:34:4e:44:f8:d6:15:3b:ed:cd:
19:42:6e:4f:6b:57:c0:00:08:c6:3e:18:c6:ef:e7:c3:d2:34:
e4:10:28:41:30:2f:af:f9:b3:3d:9b:20:5a:9c:ca:b7:25:f1:
47:b8:d9:3f:73:e8:74:be:b4:3a:c1:a4:a4:14:74:b0:ca:9c:
ff:af:5b:99:fd:15:b0:b8:d8:93:eb:f0:d1:a9:31:d5:a2:5a:
8c:6f:e7:a5:c6:f0:a9:0f:4b:1b:04:58:98:b1:fd:c0:37:7f:
1e:da:b5:6e:e4:3b:52:9d:67:30:55:00:60:97:69:a7:9b:a5:
5f:9d:09:20:39:0d:ec:9c:52:d1:b4:e0:e8:9b:c1:55:5a:8a:
95:3b:5e:db:61:26:ec:ae:b6:3c:1f:da:bc:2f:12:33:de:c8:
5f:c7:5f:b1:7f:9b:c0:78:cf:26:99:90:6a:f0:0c:70:d3:63:
13:b4:d6:86:c6:44:2f:05:e5:a8:68:5c:d0:42:92:53:23:77:
2f:fa:73:e2:8d:f5:84:8f:53:d0:8e:4b:cc:15:26:47:fa:7e:
d8:59:dd:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZReqcQ03EtbAImTluZ1UG7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTEzMDc1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmNmZjRmZTc2YTI3ZDVhOGRmMTA0OWI1YjFlODI5MGE1NTFiOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUCQjtc2Mgnka7ClbmC743AnrLKq
e8EU4XWvxXRKm3vJkw7KwZZtyNxNH3Q0TiXjFBiDv7ArdB0xhZEXq2hDP31RYHTQ
Oius374wG/CYM73Zk6Ug4HrQiqjIwURuruy2+/pJbMDvmxfIx4sno4MZ2gkwJjU8
wRB564pj1U3tqQktjIbaXfTE4kT4ALf/Bqs7NSMVdelfU/sV4AkwyYl0I4m/19z7
5ICauBIvufGzg/3CKHd3rKdPB91buDaDNvVIxk31V6ulqHo7tsqTSoyyyj9jCZaj
Lc0WhU5sKqT4S7v4AKOT1jTiCCrWhRXVda7U6jkh2C1LyDT+iu+fO4Ds0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLLP9P52on1ajfEEm1segpClUbm5MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvc3NfMF9uYWlmVnFOOFFTYld4NkNrS1ZSdWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwo/LMA0G
CSqGSIb3DQEBCwUAA4IBAQAXqtBV+e3i7mCUckjHPHEvDDG81rElInFbdsoxx5Z1
UNRjyLbvPsgLxA6dDK80TkT41hU77c0ZQm5Pa1fAAAjGPhjG7+fD0jTkEChBMC+v
+bM9myBanMq3JfFHuNk/c+h0vrQ6waSkFHSwypz/r1uZ/RWwuNiT6/DRqTHVolqM
b+elxvCpD0sbBFiYsf3AN38e2rVu5DtSnWcwVQBgl2mnm6VfnQkgOQ3snFLRtODo
m8FVWoqVO17bYSbsrrY8H9q8LxIz3shfx1+xf5vAeM8mmZBq8Axw02MTtNaGxkQv
BeWoaFzQQpJTI3cv+nPijfWEj1PQjkvMFSZH+n7YWd2l
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:08:47 2025 by rpki-client