Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa
File: XngTUUCqjy7cAw8y71haifMV3XA.roa (raw, json)
Hash identifier: 1LqIUfJ+u14bPtDjoD1/nMzxncgrFl7OmcEcEOdikpA=
Subject key identifier: 5E:78:13:51:40:AA:8F:2E:DC:03:0F:32:EF:58:5A:89:F3:15:DD:70
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0195661C366B2002895ADC879C01DE4F7701
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa
Signing time: Wed 05 Mar 2025 11:41:19 +0000
ROA not before: Wed 05 Mar 2025 11:41:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 193.135.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 06:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:1c:36:6b:20:02:89:5a:dc:87:9c:01:de:4f:77:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Mar 5 11:41:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e78135140aa8f2edc030f32ef585a89f315dd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:be:cd:1f:e3:bc:bd:ac:8f:b2:e4:23:86:91:
56:ec:b8:c5:69:40:0c:d8:3f:e1:6d:3e:7e:d3:5a:
51:c4:95:88:8c:a4:cd:bb:40:56:65:74:28:98:9b:
7a:25:14:41:37:de:e6:ec:36:81:3f:a9:76:4b:92:
da:42:c0:c8:30:2b:e7:ad:55:b1:e3:d2:fd:c4:0d:
3f:3d:25:7a:82:65:e4:11:cc:de:d0:94:46:96:64:
31:02:03:85:fa:e9:21:6c:55:2d:d0:2d:9b:2c:7a:
d1:49:37:c3:3e:1e:db:ca:55:21:a6:0f:bd:1d:a2:
b7:b2:fd:4e:8a:d6:fb:f0:ff:81:66:b9:71:fb:82:
13:31:0f:6a:58:1c:a0:c7:e8:96:a4:7f:a4:e7:ff:
3f:91:9a:2a:e6:e6:2c:09:3c:cd:98:c5:83:bb:d3:
f3:bb:aa:a1:c1:38:96:10:d7:b7:4a:3e:bc:46:d7:
7c:2c:25:0f:6b:6c:6f:02:d9:a1:63:d5:8a:e2:99:
fb:62:ad:29:5f:61:4a:a8:39:f4:fd:44:93:20:9b:
e7:ee:5f:02:35:5f:15:1f:96:71:73:7d:48:c4:08:
58:6e:71:e3:a9:d1:42:2f:e0:df:71:26:09:bb:56:
c8:ed:64:a3:17:dd:f1:d2:4e:4e:be:a2:d2:67:90:
85:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:78:13:51:40:AA:8F:2E:DC:03:0F:32:EF:58:5A:89:F3:15:DD:70
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/XngTUUCqjy7cAw8y71haifMV3XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
41:da:50:65:e9:75:58:1d:27:2f:cb:80:5d:c9:32:bd:65:f1:
30:0c:fc:91:1b:76:56:dc:54:62:a8:67:57:9c:6c:22:89:44:
b5:89:37:12:18:cf:02:22:95:b1:11:8b:e0:94:d8:99:5c:b0:
ed:81:79:fd:11:c3:54:8a:67:50:bc:0b:30:ec:26:1a:8b:29:
aa:5a:90:b1:1d:84:09:3b:8b:ef:60:fa:ba:ec:fa:27:c2:f5:
83:2a:24:24:cb:12:4f:34:8b:d8:8a:97:45:7e:0a:34:80:2a:
54:0e:ff:33:58:17:f5:94:21:bf:45:dd:2d:b5:16:fe:5d:58:
52:b2:c7:98:ef:2b:3d:fe:f0:14:4d:42:e6:d3:a7:d0:c5:1a:
7c:e5:c7:c8:82:13:2e:0d:8e:d1:7c:be:36:6c:c4:83:f8:d0:
d7:62:e0:c9:a1:49:64:09:27:0d:5d:bd:02:80:ef:3c:e1:36:
7e:8a:8d:1c:22:31:ac:cd:5f:83:5b:10:4c:6b:f8:07:98:bd:
8e:ec:90:50:b5:1a:6b:93:f7:6a:43:81:f7:5d:ef:64:04:32:
bc:01:0b:99:82:1f:52:1e:4f:cd:1a:46:5f:d1:55:c1:27:a0:
8d:6c:93:7a:4b:f1:1a:f4:a3:5f:50:da:ef:91:f6:6f:eb:35:
11:6e:cc:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVmHDZrIAKJWtyHnAHeT3cBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwMzA1MTE0MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc4MTM1MTQwYWE4ZjJlZGMwMzBmMzJlZjU4NWE4OWYzMTVkZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA577NH+O8vayPsuQjhpFW7LjFaUAM
2D/hbT5+01pRxJWIjKTNu0BWZXQomJt6JRRBN97m7DaBP6l2S5LaQsDIMCvnrVWx
49L9xA0/PSV6gmXkEcze0JRGlmQxAgOF+ukhbFUt0C2bLHrRSTfDPh7bylUhpg+9
HaK3sv1Oitb78P+BZrlx+4ITMQ9qWBygx+iWpH+k5/8/kZoq5uYsCTzNmMWDu9Pz
u6qhwTiWENe3Sj68Rtd8LCUPa2xvAtmhY9WK4pn7Yq0pX2FKqDn0/USTIJvn7l8C
NV8VH5Zxc31IxAhYbnHjqdFCL+DfcSYJu1bI7WSjF93x0k5OvqLSZ5CFPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF54E1FAqo8u3AMPMu9YWonzFd1wMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvWG5nVFVVQ3FqeTdjQXc4eTcxaGFpZk1WM1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYedMA0G
CSqGSIb3DQEBCwUAA4IBAQBB2lBl6XVYHScvy4BdyTK9ZfEwDPyRG3ZW3FRiqGdX
nGwiiUS1iTcSGM8CIpWxEYvglNiZXLDtgXn9EcNUimdQvAsw7CYaiymqWpCxHYQJ
O4vvYPq67PonwvWDKiQkyxJPNIvYipdFfgo0gCpUDv8zWBf1lCG/Rd0ttRb+XVhS
sseY7ys9/vAUTULm06fQxRp85cfIghMuDY7RfL42bMSD+NDXYuDJoUlkCScNXb0C
gO884TZ+io0cIjGszV+DWxBMa/gHmL2O7JBQtRprk/dqQ4H3Xe9kBDK8AQuZgh9S
Hk/NGkZf0VXBJ6CNbJN6S/Ea9KNfUNrvkfZv6zURbsym
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:24:12 2025 by rpki-client