Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/y1zOodNQ_ZflbMF4fRtyVitQdMc.roa
File: y1zOodNQ_ZflbMF4fRtyVitQdMc.roa (raw, json)
Hash identifier: PDKFa2oTJnSXWHIqJwg+E8RoUIuCqoAbM+ktDWJ7Cgg=
Subject key identifier: CB:5C:CE:A1:D3:50:FD:97:E5:6C:C1:78:7D:1B:72:56:2B:50:74:C7
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 019422FB34A7CD4DC5C94DCC704AF7F6D040
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/y1zOodNQ_ZflbMF4fRtyVitQdMc.roa
Signing time: Wed 01 Jan 2025 17:47:55 +0000
ROA not before: Wed 01 Jan 2025 17:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 10:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:34:a7:cd:4d:c5:c9:4d:cc:70:4a:f7:f6:d0:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Jan 1 17:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb5ccea1d350fd97e56cc1787d1b72562b5074c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:de:9d:cb:2d:f1:35:09:0b:c7:de:96:04:1d:
14:69:68:00:d5:d9:8a:20:b6:95:93:8f:46:97:75:
1f:ca:f5:47:28:43:f2:57:fe:d7:b4:28:a5:1d:eb:
d2:5d:2a:e6:66:fb:5f:90:73:0f:b0:b2:be:f5:d3:
a9:9e:d7:71:57:c6:23:50:f4:48:54:7f:ea:cc:27:
69:36:f9:4d:51:72:e3:a1:77:1a:1e:5a:82:cb:71:
2c:07:05:06:7d:cf:41:2e:1d:7b:13:b6:6b:91:80:
69:38:95:3f:a7:3f:d9:4a:6a:7e:7c:41:9a:49:94:
7b:e4:f7:cb:c5:c1:3e:5c:6b:2e:31:6f:4b:3c:b7:
96:68:36:16:a7:7e:10:64:52:78:44:7d:59:d9:5c:
cf:03:e8:04:0a:dc:af:57:84:b2:fe:25:25:c0:a7:
29:46:80:ae:28:01:2c:12:d9:fa:22:83:f2:e2:4c:
5a:8e:40:81:43:6c:2d:ef:94:a0:65:59:7a:74:f2:
2d:ae:03:91:b3:ae:a4:82:6e:95:4a:4f:a0:71:3d:
71:e6:cc:be:1d:35:06:f1:7e:0b:45:a5:a2:e0:ae:
3f:8f:2f:7f:13:19:80:2f:b7:f0:dd:06:f8:0f:aa:
8c:92:ce:bc:21:e7:1b:e9:4c:34:a6:c7:31:ad:a6:
68:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5C:CE:A1:D3:50:FD:97:E5:6C:C1:78:7D:1B:72:56:2B:50:74:C7
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/y1zOodNQ_ZflbMF4fRtyVitQdMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:16:09:a9:14:40:ad:3c:46:8a:ac:24:60:ac:70:ca:1e:ef:
c7:bf:db:fa:18:b4:c6:1b:75:a5:e7:be:00:9a:b4:05:9a:09:
fd:af:5f:33:52:0c:83:5c:10:8b:91:19:c5:7a:0b:4d:6b:1d:
95:74:c9:9d:52:49:58:81:13:40:21:39:83:46:52:18:a7:8f:
e6:59:65:79:39:2c:a2:27:65:df:77:8b:85:2a:53:dc:ff:42:
ff:78:7b:91:d7:6c:74:0b:94:3c:6c:c7:e3:8d:b3:c8:35:9b:
96:a4:27:a2:3a:64:0c:c0:ec:36:79:ec:d8:72:4f:a4:59:24:
56:38:9b:34:71:a1:55:d3:f8:79:bc:e5:dc:bb:a0:9f:75:e8:
ab:fa:93:ab:ee:5e:00:39:8f:f8:1a:fa:28:85:ce:4e:34:61:
ff:28:27:7d:60:05:ff:d6:c0:0c:58:6d:84:55:60:2f:dc:ee:
c3:9a:de:e0:89:bd:94:9e:5a:8d:a1:7b:ad:62:7e:61:d4:13:
b2:22:b4:8e:b8:b3:7f:cf:e1:b6:1e:78:24:cf:bd:55:00:61:
af:ae:d3:bd:b0:b8:c4:75:ad:32:79:d3:e5:f8:1d:8d:6c:1b:
9e:6b:32:35:09:f0:e1:71:ef:62:7c:e2:d3:4c:f0:0a:4b:57:
42:09:4d:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+zSnzU3FyU3McEr39tBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjUwMTAxMTc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVjY2VhMWQzNTBmZDk3ZTU2Y2MxNzg3ZDFiNzI1NjJiNTA3NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t6dyy3xNQkLx96WBB0UaWgA1dmK
ILaVk49Gl3UfyvVHKEPyV/7XtCilHevSXSrmZvtfkHMPsLK+9dOpntdxV8YjUPRI
VH/qzCdpNvlNUXLjoXcaHlqCy3EsBwUGfc9BLh17E7ZrkYBpOJU/pz/ZSmp+fEGa
SZR75PfLxcE+XGsuMW9LPLeWaDYWp34QZFJ4RH1Z2VzPA+gECtyvV4Sy/iUlwKcp
RoCuKAEsEtn6IoPy4kxajkCBQ2wt75SgZVl6dPItrgORs66kgm6VSk+gcT1x5sy+
HTUG8X4LRaWi4K4/jy9/ExmAL7fw3Qb4D6qMks68Iecb6Uw0pscxraZoyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtczqHTUP2X5WzBeH0bclYrUHTHMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEveTF6T29kTlFfWmZsYk1GNGZSdHlWaXRRZE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQC0FgmpFECtPEaKrCRgrHDKHu/Hv9v6GLTGG3Wl574A
mrQFmgn9r18zUgyDXBCLkRnFegtNax2VdMmdUklYgRNAITmDRlIYp4/mWWV5OSyi
J2Xfd4uFKlPc/0L/eHuR12x0C5Q8bMfjjbPINZuWpCeiOmQMwOw2eezYck+kWSRW
OJs0caFV0/h5vOXcu6Cfdeir+pOr7l4AOY/4Gvoohc5ONGH/KCd9YAX/1sAMWG2E
VWAv3O7Dmt7gib2UnlqNoXutYn5h1BOyIrSOuLN/z+G2Hngkz71VAGGvrtO9sLjE
da0yedPl+B2NbBueazI1CfDhce9ifOLTTPAKS1dCCU2L
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:05:56 2025 by rpki-client