Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dxNsqjA8GaPSVW3n-tpAUA3lkHI.roa
File: dxNsqjA8GaPSVW3n-tpAUA3lkHI.roa (raw, json)
Hash identifier: 19OX3kDhVzj26IGDW1Qwn4xgpoS1KQp/YDlejg1jGtU=
Subject key identifier: 77:13:6C:AA:30:3C:19:A3:D2:55:6D:E7:FA:DA:40:50:0D:E5:90:72
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB33C2C90604F6D46540960F74D4A9
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dxNsqjA8GaPSVW3n-tpAUA3lkHI.roa
Signing time: Wed 01 Jan 2025 17:47:55 +0000
ROA not before: Wed 01 Jan 2025 17:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 192.109.139.0/24 maxlen: 24
192.109.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 20:08:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:33:c2:c9:06:04:f6:d4:65:40:96:0f:74:d4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77136caa303c19a3d2556de7fada40500de59072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7a:7b:32:32:9c:20:ac:6a:75:58:d4:86:3a:
22:e6:2a:87:55:9d:2d:f9:1a:cd:f2:f0:b4:b8:1f:
16:aa:b3:e4:c6:0f:bc:09:bf:75:61:2f:80:8a:3e:
07:c2:18:58:da:f2:be:29:f1:63:9d:d3:5b:04:9e:
c8:51:1b:1b:5c:b9:3b:20:00:f5:a9:c3:58:4a:4a:
d6:35:ed:1e:09:81:f3:d1:13:dc:a2:4f:e3:f7:50:
db:2b:e8:45:82:68:e9:28:51:a9:29:e8:46:97:87:
71:83:62:fa:3d:a5:40:92:1c:c6:67:c3:fc:0f:e6:
af:26:35:5d:b1:ef:bd:45:db:09:3e:fa:70:eb:f8:
f5:9c:04:15:9b:f7:55:ce:12:bc:00:af:c6:3a:36:
18:f9:f0:cb:37:b3:ea:40:58:f6:0f:2d:02:46:0e:
51:c1:8f:ad:f7:ae:e6:a7:5a:9a:48:63:18:f0:3b:
c0:f3:9a:e9:ce:12:41:bc:52:9c:1d:2b:75:f4:91:
5c:86:79:91:84:1a:8e:ad:7b:96:4e:8a:af:8f:01:
df:56:6b:f5:2a:08:22:66:b3:22:b2:f5:2e:0b:ed:
88:48:4f:b7:46:a3:24:36:ca:4e:79:3c:3e:f6:d5:
5e:18:84:ff:1b:cb:c5:66:a4:0f:6c:41:1e:61:c0:
28:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:13:6C:AA:30:3C:19:A3:D2:55:6D:E7:FA:DA:40:50:0D:E5:90:72
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/dxNsqjA8GaPSVW3n-tpAUA3lkHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
192.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7e:26:4f:f4:e7:2e:f3:41:bc:c3:21:a8:0c:e4:a5:1b:23:
50:a7:f4:ba:34:d3:d9:28:2c:48:0b:3d:9f:aa:2d:b7:d4:f2:
9d:c1:4f:43:74:25:b7:17:78:0e:12:92:1d:40:3c:fa:f8:01:
62:d5:82:9c:13:60:fa:77:aa:81:2a:a4:86:12:de:b5:08:40:
49:0f:c0:ab:4c:78:e2:71:e8:22:bb:63:ed:56:3b:38:e8:49:
c9:b1:24:28:c1:43:d5:25:29:93:2e:0b:82:53:bd:3f:a7:f2:
9e:d6:3b:59:77:db:cc:01:5b:b2:64:ac:ad:45:1b:ae:cf:47:
7e:73:20:0c:7f:99:86:34:fd:41:e6:cc:0c:e2:b8:44:2c:71:
56:b3:2a:40:d6:50:22:a0:25:47:c9:8a:b9:fd:eb:f9:3c:cb:
9c:8a:dd:f0:b2:c1:b6:d6:f5:bc:7c:17:32:a5:4f:e9:6a:7a:
e9:61:3d:8f:7c:8f:40:a5:87:c3:39:16:f0:a7:78:52:70:41:
92:d0:a0:48:10:14:b4:c7:3b:34:ad:18:76:6e:f9:03:5f:06:
fa:e4:d5:9f:2e:a1:6c:ef:a4:73:50:d8:46:88:65:b8:24:e0:
8b:21:0c:e7:bb:9b:85:6b:24:99:4e:fc:bb:f9:c1:8c:01:7f:
cd:f7:b7:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+zPCyQYE9tRlQJYPdNSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzEzNmNhYTMwM2MxOWEzZDI1NTZkZTdmYWRhNDA1MDBkZTU5MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Xp7MjKcIKxqdVjUhjoi5iqHVZ0t
+RrN8vC0uB8WqrPkxg+8Cb91YS+Aij4HwhhY2vK+KfFjndNbBJ7IURsbXLk7IAD1
qcNYSkrWNe0eCYHz0RPcok/j91DbK+hFgmjpKFGpKehGl4dxg2L6PaVAkhzGZ8P8
D+avJjVdse+9RdsJPvpw6/j1nAQVm/dVzhK8AK/GOjYY+fDLN7PqQFj2Dy0CRg5R
wY+t967mp1qaSGMY8DvA85rpzhJBvFKcHSt19JFchnmRhBqOrXuWToqvjwHfVmv1
KggiZrMisvUuC+2ISE+3RqMkNspOeTw+9tVeGIT/G8vFZqQPbEEeYcAodwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHcTbKowPBmj0lVt5/raQFAN5ZByMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEvZHhOc3FqQThHYVBTVlczbi10cEFVQTNsa0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG2LAwQA
wG3IMA0GCSqGSIb3DQEBCwUAA4IBAQC2fiZP9Ocu80G8wyGoDOSlGyNQp/S6NNPZ
KCxICz2fqi231PKdwU9DdCW3F3gOEpIdQDz6+AFi1YKcE2D6d6qBKqSGEt61CEBJ
D8CrTHjicegiu2PtVjs46EnJsSQowUPVJSmTLguCU70/p/Ke1jtZd9vMAVuyZKyt
RRuuz0d+cyAMf5mGNP1B5swM4rhELHFWsypA1lAioCVHyYq5/ev5PMucit3wssG2
1vW8fBcypU/panrpYT2PfI9ApYfDORbwp3hScEGS0KBIEBS0xzs0rRh2bvkDXwb6
5NWfLqFs76RzUNhGiGW4JOCLIQznu5uFaySZTvy7+cGMAX/N97dL
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:05:47 2025 by rpki-client