Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1W08dokN-aL3RHyeKBou1EwpR2w.roa
File: 1W08dokN-aL3RHyeKBou1EwpR2w.roa (raw, json)
Hash identifier: HPI6RMtmuo+TDkJuCqgaVxcUHXukkGvJ6LNZdkQIgf4=
Subject key identifier: D5:6D:3C:76:89:0D:F9:A2:F7:44:7C:9E:28:1A:2E:D4:4C:29:47:6C
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0194D5F1D468F15CCA7D311FC57F121E7FF7
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1W08dokN-aL3RHyeKBou1EwpR2w.roa
Signing time: Wed 05 Feb 2025 11:49:43 +0000
ROA not before: Wed 05 Feb 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 178.17.48.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 14 Feb 2025 13:22:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:f1:d4:68:f1:5c:ca:7d:31:1f:c5:7f:12:1e:7f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Feb 5 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d56d3c76890df9a2f7447c9e281a2ed44c29476c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:55:98:02:6f:4a:26:4b:6c:26:4f:67:76:12:
d6:80:91:39:1a:9c:73:e5:92:6c:e9:08:29:29:17:
35:6e:8e:53:e3:4a:09:9a:8f:cb:5d:46:0a:bd:91:
5f:76:a6:a6:ac:10:29:3e:98:9e:46:52:7c:62:86:
86:bc:d5:0e:f3:79:e0:7f:85:a7:f2:d9:ed:82:11:
25:c4:60:e9:32:d6:07:85:f6:31:ff:2d:d9:a9:a6:
bb:9c:14:f3:e7:c3:92:04:6b:a4:13:58:04:4f:dd:
61:50:96:e4:54:bf:31:d6:6d:5a:fb:b3:99:a1:ff:
dd:42:27:33:cc:29:a7:42:01:7c:00:3a:9d:bd:19:
44:07:60:f1:c8:7a:01:5a:15:df:47:2a:71:2a:9f:
50:3c:cd:dd:93:05:68:5d:0f:46:d6:87:5b:c2:e8:
33:1c:f8:be:43:30:3f:2b:30:90:f1:14:84:b6:a1:
28:e0:25:63:46:d9:39:20:75:96:9b:1a:4a:85:a6:
66:9c:46:1b:fb:c8:c8:44:6d:45:c1:16:3c:c3:90:
37:18:5f:e8:a1:66:1a:f8:ee:a5:1a:36:a2:14:b4:
64:36:ee:8e:c7:d0:d7:b7:c8:64:9b:41:48:f8:db:
07:b7:4b:9a:7b:5f:03:1c:a9:cf:ca:11:24:3a:86:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:6D:3C:76:89:0D:F9:A2:F7:44:7C:9E:28:1A:2E:D4:4C:29:47:6C
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/1W08dokN-aL3RHyeKBou1EwpR2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.17.48.0/20
Signature Algorithm: sha256WithRSAEncryption
46:df:e0:56:55:01:73:4a:fc:7d:4d:cd:50:14:7b:62:e3:a1:
3f:b6:eb:eb:52:e2:99:a1:1f:7f:b4:82:ec:11:49:95:cb:52:
2c:8d:c0:8c:6d:ed:91:7b:c9:34:22:91:54:ac:48:9e:56:7b:
14:cb:6f:9e:be:9e:24:52:33:3d:bf:26:37:8c:f8:b8:48:17:
70:34:b6:df:e3:e8:d1:b7:59:bd:97:cd:28:d2:86:f2:a3:45:
61:f9:43:82:9c:52:25:bd:13:cf:e5:27:cf:2b:46:44:0e:ef:
e2:e8:86:20:0f:83:60:4f:58:c3:65:c7:f6:0f:01:d6:9b:6d:
dd:5e:97:42:8f:dd:65:8f:83:08:d8:72:ec:4b:d7:f3:c4:f6:
9c:45:e9:57:97:f6:41:30:b7:e4:8f:30:24:9c:50:f0:68:a2:
99:6d:ff:07:86:c8:ec:93:d8:b1:b2:cd:e1:0b:03:e5:33:35:
09:ae:ed:f0:1f:02:6c:a2:bb:19:00:15:ca:82:f6:39:52:6d:
93:fe:f0:8a:59:4a:a2:a1:05:54:77:7f:86:4b:1a:be:ee:bd:
ca:5d:a4:bc:de:5a:d8:1e:2e:71:6f:46:23:42:4d:4a:08:91:
ed:ec:a3:6b:92:7e:3c:8f:e4:d0:e1:3e:d3:7d:51:71:17:e5:
eb:e2:ac:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTV8dRo8VzKfTEfxX8SHn/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwMjA1MTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTZkM2M3Njg5MGRmOWEyZjc0NDdjOWUyODFhMmVkNDRjMjk0NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlWYAm9KJktsJk9ndhLWgJE5Gpxz
5ZJs6QgpKRc1bo5T40oJmo/LXUYKvZFfdqamrBApPpieRlJ8YoaGvNUO83ngf4Wn
8tntghElxGDpMtYHhfYx/y3Zqaa7nBTz58OSBGukE1gET91hUJbkVL8x1m1a+7OZ
of/dQiczzCmnQgF8ADqdvRlEB2DxyHoBWhXfRypxKp9QPM3dkwVoXQ9G1odbwugz
HPi+QzA/KzCQ8RSEtqEo4CVjRtk5IHWWmxpKhaZmnEYb+8jIRG1FwRY8w5A3GF/o
oWYa+O6lGjaiFLRkNu6Ox9DXt8hkm0FI+NsHt0uae18DHKnPyhEkOobzIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNVtPHaJDfmi90R8nigaLtRMKUdsMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvMVcwOGRva04tYUwzUkh5ZUtCb3UxRXdwUjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEshEwMA0G
CSqGSIb3DQEBCwUAA4IBAQBG3+BWVQFzSvx9Tc1QFHti46E/tuvrUuKZoR9/tILs
EUmVy1IsjcCMbe2Re8k0IpFUrEieVnsUy2+evp4kUjM9vyY3jPi4SBdwNLbf4+jR
t1m9l80o0obyo0Vh+UOCnFIlvRPP5SfPK0ZEDu/i6IYgD4NgT1jDZcf2DwHWm23d
XpdCj91lj4MI2HLsS9fzxPacRelXl/ZBMLfkjzAknFDwaKKZbf8Hhsjsk9ixss3h
CwPlMzUJru3wHwJsorsZABXKgvY5Um2T/vCKWUqioQVUd3+GSxq+7r3KXaS83lrY
Hi5xb0YjQk1KCJHt7KNrkn48j+TQ4T7TfVFxF+Xr4qzk
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:47 2025 by rpki-client