Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8NYW7AfPwHxm5-2Af1QvxUeGTQ.roa
File: T8NYW7AfPwHxm5-2Af1QvxUeGTQ.roa (raw, json)
Hash identifier: sy12NTOyNzWZ3kTRcQmmW+7iBxUoVOhpcaRtvLxRCHk=
Subject key identifier: 4F:C3:58:5B:B0:1F:3F:01:F1:9B:9F:B6:01:FD:50:BF:15:1E:19:34
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01918EAD394F5D6C6D452CCF271710589F70
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8NYW7AfPwHxm5-2Af1QvxUeGTQ.roa
Signing time: Mon 26 Aug 2024 12:33:22 +0000
ROA not before: Mon 26 Aug 2024 12:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 194.87.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 13:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:ad:39:4f:5d:6c:6d:45:2c:cf:27:17:10:58:9f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 26 12:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fc3585bb01f3f01f19b9fb601fd50bf151e1934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b3:ac:a7:9e:4b:59:96:64:74:da:a8:b9:31:
de:b0:1e:ee:65:11:d3:51:43:e7:eb:eb:d9:4e:67:
be:53:bf:5d:ca:0e:5c:4a:21:8c:85:bc:75:79:09:
85:3a:14:d2:0d:b2:14:33:79:80:7b:b9:dc:6a:07:
40:7b:c4:5c:3a:cd:4e:15:51:31:b5:98:12:7c:97:
28:6b:da:f9:37:59:c1:a7:c5:73:7d:72:dc:9b:2b:
82:69:0a:4d:1d:ac:a4:5b:36:d0:a0:21:ca:92:0b:
88:06:88:ad:b3:67:86:7b:ef:84:29:43:48:33:f9:
f5:5a:72:7d:2d:2c:d6:e1:b2:6a:7c:00:f3:b9:37:
da:12:ba:44:2e:0b:10:48:12:b6:f2:f7:a0:a6:36:
31:9a:9e:5c:84:8b:f6:9a:95:55:f0:e1:cf:2f:ce:
2d:5a:2b:45:41:98:48:ea:b3:38:37:13:bc:27:96:
6a:3b:6a:f0:06:5c:02:de:3d:19:ce:36:8c:90:c6:
47:96:d2:08:f8:65:9f:2e:5b:1e:0d:1f:e8:aa:60:
9c:ca:c6:cf:5b:0f:26:f3:d6:f2:a4:2e:00:12:0b:
4d:88:0f:c7:86:88:e7:7b:30:49:35:aa:6c:f0:ca:
ef:ce:5f:c5:19:4d:3a:41:ca:c0:0b:91:36:d9:d6:
72:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C3:58:5B:B0:1F:3F:01:F1:9B:9F:B6:01:FD:50:BF:15:1E:19:34
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T8NYW7AfPwHxm5-2Af1QvxUeGTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.246.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:5a:ca:1b:1c:0a:5d:aa:53:4e:5a:75:2c:b1:91:86:10:05:
5b:28:2f:b1:26:ae:29:78:69:59:1f:e5:05:62:95:43:21:33:
91:bf:fb:34:a6:fb:d4:bc:80:c9:b2:c2:4b:b4:fe:3b:b1:5b:
3b:19:b1:04:14:56:26:fd:28:ae:af:d1:52:a2:c2:ad:16:42:
18:bd:0a:d5:c6:5d:10:24:43:02:8b:ab:5e:5e:fe:26:47:39:
12:74:43:ba:b7:66:8f:c9:26:07:fc:bf:44:be:fe:64:08:8a:
25:21:b7:05:3a:b1:16:49:e1:16:75:4b:81:71:e0:33:26:ad:
28:bc:3a:10:ca:2b:f1:a4:2b:f4:a5:b3:fe:de:f4:38:ba:e6:
8d:26:48:1c:e5:fd:eb:0a:d8:98:60:9a:eb:d5:88:7f:d3:d1:
77:24:27:38:ef:c0:31:2f:b2:28:ed:9a:bf:1e:4d:2f:3d:c1:
9d:3e:65:b6:f0:96:25:b5:f4:f9:dd:45:14:a4:bb:e7:14:e0:
26:2e:f7:27:01:72:ec:20:f9:88:67:81:8a:42:7a:51:ea:ab:
f7:fc:da:e7:26:6a:80:26:de:a5:73:40:c7:cb:d3:b9:f9:c9:
35:aa:57:c3:c9:73:86:b7:5d:60:35:6a:6f:0e:08:58:e4:a6:
ff:70:77:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGOrTlPXWxtRSzPJxcQWJ9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwODI2MTIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmMzNTg1YmIwMWYzZjAxZjE5YjlmYjYwMWZkNTBiZjE1MWUxOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLOsp55LWZZkdNqouTHesB7uZRHT
UUPn6+vZTme+U79dyg5cSiGMhbx1eQmFOhTSDbIUM3mAe7ncagdAe8RcOs1OFVEx
tZgSfJcoa9r5N1nBp8VzfXLcmyuCaQpNHaykWzbQoCHKkguIBoits2eGe++EKUNI
M/n1WnJ9LSzW4bJqfADzuTfaErpELgsQSBK28vegpjYxmp5chIv2mpVV8OHPL84t
WitFQZhI6rM4NxO8J5ZqO2rwBlwC3j0ZzjaMkMZHltII+GWfLlseDR/oqmCcysbP
Ww8m89bypC4AEgtNiA/HhojnezBJNaps8Mrvzl/FGU06QcrAC5E22dZyywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/DWFuwHz8B8ZuftgH9UL8VHhk0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDhOWVc3QWZQd0h4bTUtMkFmMVF2eFVlR1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlf2MA0G
CSqGSIb3DQEBCwUAA4IBAQCLWsobHApdqlNOWnUssZGGEAVbKC+xJq4peGlZH+UF
YpVDITORv/s0pvvUvIDJssJLtP47sVs7GbEEFFYm/Siur9FSosKtFkIYvQrVxl0Q
JEMCi6teXv4mRzkSdEO6t2aPySYH/L9Evv5kCIolIbcFOrEWSeEWdUuBceAzJq0o
vDoQyivxpCv0pbP+3vQ4uuaNJkgc5f3rCtiYYJrr1Yh/09F3JCc478AxL7Io7Zq/
Hk0vPcGdPmW28JYltfT53UUUpLvnFOAmLvcnAXLsIPmIZ4GKQnpR6qv3/NrnJmqA
Jt6lc0DHy9O5+ck1qlfDyXOGt11gNWpvDghY5Kb/cHfk
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:04:56 2025 by rpki-client