Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/3ysXHaRMaDY0_uHzw3w_pnw09WM.roa
File: 3ysXHaRMaDY0_uHzw3w_pnw09WM.roa (raw, json)
Hash identifier: TIh1xc1igMBeMnuqj1qNXQ/UHGJk3HVAN5ZRYDEWZz4=
Subject key identifier: DF:2B:17:1D:A4:4C:68:36:34:FE:E1:F3:C3:7C:3F:A6:7C:34:F5:63
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB3770F5CA7BAC8AAC3832A8BFD6EA
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/3ysXHaRMaDY0_uHzw3w_pnw09WM.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199218
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:37:70:f5:ca:7b:ac:8a:ac:38:32:a8:bf:d6:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df2b171da44c683634fee1f3c37c3fa67c34f563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:66:ad:ca:f8:bb:ba:b1:33:7d:71:60:bb:1f:
5c:50:4b:8b:da:02:5b:7d:a1:fb:53:44:88:09:ac:
5a:01:97:7c:4b:a1:16:d0:8f:e5:72:e4:9c:fb:b9:
30:b3:cf:9c:c9:cf:90:dd:43:30:70:c8:5d:00:d3:
57:83:ae:47:7f:c1:da:80:3d:e3:29:34:cd:a6:fb:
f0:5a:66:0c:9f:71:60:9c:7b:f1:e2:a0:86:b1:9a:
65:44:b7:98:12:79:22:bc:f4:33:fe:62:88:5a:43:
0c:d8:c6:6c:57:95:fa:a1:af:56:60:21:b6:b1:bf:
2d:bc:b6:18:70:40:5b:ac:df:2a:fc:51:48:05:db:
02:46:15:35:e9:66:86:ab:28:e2:e6:cc:68:34:f0:
15:78:e6:5f:90:10:1e:bf:65:17:89:bd:7f:b5:8f:
89:99:8a:0f:04:75:c8:8e:49:41:e9:b5:67:e3:f8:
76:78:7d:e3:19:83:fc:73:76:99:da:24:16:41:40:
15:a8:46:70:42:78:c8:e9:7d:8d:75:66:b5:73:ba:
84:76:68:da:fd:7b:18:fb:66:8e:53:e1:4f:e0:e9:
93:b3:2b:36:b8:87:c7:4d:fe:14:86:12:0c:79:ac:
9f:4f:a4:9e:20:a8:64:b5:98:e4:53:58:1b:aa:d6:
4e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:17:1D:A4:4C:68:36:34:FE:E1:F3:C3:7C:3F:A6:7C:34:F5:63
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/3ysXHaRMaDY0_uHzw3w_pnw09WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ab:45:a0:e2:69:f2:70:d3:2a:f5:94:6f:1f:57:0e:4f:30:
9b:96:ac:53:50:d7:85:74:49:d0:6a:b8:0d:78:80:08:62:f1:
6c:e9:84:9a:65:b3:76:70:eb:99:64:e4:08:b2:e4:7d:55:ca:
b9:87:0b:f4:f4:69:c8:5c:19:9d:1c:f1:d4:c1:ff:17:4c:46:
53:ec:cd:3d:4b:9d:f3:73:8a:26:6a:28:07:af:29:ad:49:5d:
99:a8:c7:e8:16:d1:d9:25:aa:4e:f5:96:1a:68:79:1c:13:65:
e4:82:97:2d:29:be:36:f4:3b:9c:7a:07:2e:99:27:a9:57:ff:
2c:a8:d4:da:e6:86:22:81:e3:1c:e9:38:f0:bb:9d:ea:28:aa:
46:23:5d:be:a4:ca:7b:4d:e1:90:1a:5e:3d:0b:4f:8f:c7:aa:
5e:35:f0:28:c2:1f:9a:cb:39:7e:0c:74:b6:3a:11:c3:d8:a0:
1d:ca:4f:73:57:76:a3:9f:49:c0:d3:07:99:c0:42:c0:49:e4:
6c:cd:a7:ac:e3:38:98:ca:c3:92:a1:07:91:7d:84:28:0c:85:
1d:d3:20:ae:6d:3d:09:5b:cc:a4:b3:f7:6a:d5:6a:78:6d:c2:
b4:8b:cc:55:0b:96:1b:15:a8:09:f3:02:42:c4:b0:42:26:6b:
3e:0c:d7:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zdw9cp7rIqsODKov9bqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJiMTcxZGE0NGM2ODM2MzRmZWUxZjNjMzdjM2ZhNjdjMzRmNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmatyvi7urEzfXFgux9cUEuL2gJb
faH7U0SICaxaAZd8S6EW0I/lcuSc+7kws8+cyc+Q3UMwcMhdANNXg65Hf8HagD3j
KTTNpvvwWmYMn3FgnHvx4qCGsZplRLeYEnkivPQz/mKIWkMM2MZsV5X6oa9WYCG2
sb8tvLYYcEBbrN8q/FFIBdsCRhU16WaGqyji5sxoNPAVeOZfkBAev2UXib1/tY+J
mYoPBHXIjklB6bVn4/h2eH3jGYP8c3aZ2iQWQUAVqEZwQnjI6X2NdWa1c7qEdmja
/XsY+2aOU+FP4OmTsys2uIfHTf4UhhIMeayfT6SeIKhktZjkU1gbqtZOAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8rFx2kTGg2NP7h88N8P6Z8NPVjMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvM3lzWEhhUk1hRFkwX3VIenczd19wbncwOVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQB4q0Wg4mnycNMq9ZRvH1cOTzCblqxTUNeFdEnQargN
eIAIYvFs6YSaZbN2cOuZZOQIsuR9Vcq5hwv09GnIXBmdHPHUwf8XTEZT7M09S53z
c4omaigHrymtSV2ZqMfoFtHZJapO9ZYaaHkcE2XkgpctKb429DucegcumSepV/8s
qNTa5oYigeMc6Tjwu53qKKpGI12+pMp7TeGQGl49C0+Px6peNfAowh+ayzl+DHS2
OhHD2KAdyk9zV3ajn0nA0weZwELASeRszaes4ziYysOSoQeRfYQoDIUd0yCubT0J
W8yks/dq1Wp4bcK0i8xVC5YbFagJ8wJCxLBCJms+DNca
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:10:31 2025 by rpki-client