Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/AiwWpl6A3k5zMtbqLPErSSS_bEM.roa
File: AiwWpl6A3k5zMtbqLPErSSS_bEM.roa (raw, json)
Hash identifier: RdP/tfbL9xM+zgtRwNRQDf/qISMdftvN4oSQa0LB4aY=
Subject key identifier: 02:2C:16:A6:5E:80:DE:4E:73:32:D6:EA:2C:F1:2B:49:24:BF:6C:43
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB366DD9939878AA753D484CE5A147
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/AiwWpl6A3k5zMtbqLPErSSS_bEM.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:36:6d:d9:93:98:78:aa:75:3d:48:4c:e5:a1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=022c16a65e80de4e7332d6ea2cf12b4924bf6c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0e:94:2e:69:5b:04:73:ef:42:87:a1:c5:19:
a0:a3:70:0f:b1:e2:3a:70:64:60:00:9d:1f:a8:f7:
3b:8f:9e:57:5d:39:6a:c0:5e:45:23:e6:c2:3e:dc:
a9:5a:7a:df:68:48:b2:5f:20:f2:94:bc:bd:78:89:
ae:4f:2a:fd:89:a7:57:b8:20:5b:1a:2b:19:9a:3f:
cd:26:4a:e1:f8:87:3b:87:20:5c:57:d4:86:6b:3d:
df:f5:92:be:1b:79:62:c4:30:18:53:8f:a7:6e:c0:
da:d9:79:60:4c:02:9b:cb:3f:c8:8b:b0:a8:5b:84:
d2:cf:75:91:5f:47:b9:73:19:f0:6b:96:a9:cf:81:
56:42:02:7e:14:ab:3f:78:58:ec:bd:18:d4:c1:e0:
af:24:f0:3d:34:52:99:8e:da:21:3a:04:e1:ea:51:
7d:0b:ca:d2:f1:62:f2:c7:7a:99:78:6a:0f:9c:2c:
13:a9:e9:c2:52:ca:85:04:90:da:c8:54:2a:8e:e9:
ef:be:fa:f5:2b:7c:57:43:7e:1c:6a:31:4c:cd:3e:
00:f4:a7:f8:32:a4:3c:1f:ec:9f:88:0b:a4:f0:5f:
a4:37:34:46:10:23:f6:1c:6a:a0:ab:c2:90:7b:e1:
e8:e4:58:fb:4a:e5:d4:3c:61:09:1a:ec:1e:6f:2f:
9b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2C:16:A6:5E:80:DE:4E:73:32:D6:EA:2C:F1:2B:49:24:BF:6C:43
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/AiwWpl6A3k5zMtbqLPErSSS_bEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
33:69:1a:48:aa:54:51:2b:c1:a4:dd:70:de:e2:1c:ea:38:b6:
f8:a1:76:0c:7e:fd:3a:82:a7:14:5b:14:5c:14:c2:12:15:28:
a4:8e:ea:dc:f1:e7:c4:78:d7:0d:d5:f7:85:1e:81:12:a5:06:
d3:57:c2:b7:3f:bb:a9:f4:26:42:c6:7e:09:19:6a:7b:c3:ff:
f8:29:a9:08:59:77:f1:93:3b:48:d6:ea:db:49:fe:13:0c:fd:
46:e3:cb:18:38:45:43:f3:a2:67:9c:e3:e2:ed:b0:b9:18:fa:
4b:a8:7c:43:c7:eb:c6:cf:ee:a2:91:a7:03:e3:00:6c:69:c9:
65:15:4a:16:e2:b9:31:a0:5f:25:d8:b9:95:7b:ee:d1:ca:6f:
79:29:25:5d:ad:a4:ac:90:f8:d1:b9:b2:0f:40:7f:a1:44:91:
fe:57:af:0b:20:0e:a1:13:e6:2f:3b:f4:ae:ea:7f:2e:c4:3c:
06:0e:dc:85:37:ab:c2:13:d0:88:fe:a9:c8:41:54:65:c8:70:
65:92:84:79:af:09:74:49:56:26:00:ab:08:3d:e2:89:af:e6:
af:9f:98:50:72:39:33:83:74:49:62:5a:e9:89:52:ce:56:38:
9e:3c:0a:5f:6f:11:b9:10:f7:a6:2e:f0:24:53:8b:13:df:56:
14:15:d5:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zZt2ZOYeKp1PUhM5aFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJjMTZhNjVlODBkZTRlNzMzMmQ2ZWEyY2YxMmI0OTI0YmY2YzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g6ULmlbBHPvQoehxRmgo3APseI6
cGRgAJ0fqPc7j55XXTlqwF5FI+bCPtypWnrfaEiyXyDylLy9eImuTyr9iadXuCBb
GisZmj/NJkrh+Ic7hyBcV9SGaz3f9ZK+G3lixDAYU4+nbsDa2XlgTAKbyz/Ii7Co
W4TSz3WRX0e5cxnwa5apz4FWQgJ+FKs/eFjsvRjUweCvJPA9NFKZjtohOgTh6lF9
C8rS8WLyx3qZeGoPnCwTqenCUsqFBJDayFQqjunvvvr1K3xXQ34cajFMzT4A9Kf4
MqQ8H+yfiAuk8F+kNzRGECP2HGqgq8KQe+Ho5Fj7SuXUPGEJGuweby+bhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIsFqZegN5OczLW6izxK0kkv2xDMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvQWl3V3BsNkEzazV6TXRicUxQRXJTU1NfYkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQAzaRpIqlRRK8Gk3XDe4hzqOLb4oXYMfv06gqcUWxRc
FMISFSikjurc8efEeNcN1feFHoESpQbTV8K3P7up9CZCxn4JGWp7w//4KakIWXfx
kztI1urbSf4TDP1G48sYOEVD86JnnOPi7bC5GPpLqHxDx+vGz+6ikacD4wBsacll
FUoW4rkxoF8l2LmVe+7Rym95KSVdraSskPjRubIPQH+hRJH+V68LIA6hE+YvO/Su
6n8uxDwGDtyFN6vCE9CI/qnIQVRlyHBlkoR5rwl0SVYmAKsIPeKJr+avn5hQcjkz
g3RJYlrpiVLOVjiePApfbxG5EPemLvAkU4sT31YUFdWu
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:30:00 2025 by rpki-client