Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9a8REaHeh0dLDmrNr6HcFt8xNdg.roa
File: 9a8REaHeh0dLDmrNr6HcFt8xNdg.roa (raw, json)
Hash identifier: ZRNTTplWoxY77bQw7uQJeiV/qQlotyRKqxCpcCgDIf4=
Subject key identifier: F5:AF:11:11:A1:DE:87:47:4B:0E:6A:CD:AF:A1:DC:16:DF:31:35:D8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195F9DA065E252FAAD18E57A66BF38E12D6
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9a8REaHeh0dLDmrNr6HcFt8xNdg.roa
Signing time: Thu 03 Apr 2025 04:12:50 +0000
ROA not before: Thu 03 Apr 2025 04:12:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 185.47.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 01:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f9:da:06:5e:25:2f:aa:d1:8e:57:a6:6b:f3:8e:12:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 3 04:12:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5af1111a1de87474b0e6acdafa1dc16df3135d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:91:ae:2b:81:e2:b0:3e:18:79:25:eb:e0:01:
a4:a0:af:8b:89:fa:dc:9f:47:4b:1e:a5:73:a7:ca:
fd:22:92:78:db:39:6f:27:4a:3c:ab:3f:3d:7d:c5:
bc:02:4b:a3:78:90:d0:d2:d4:ca:55:96:56:c8:ce:
f4:a6:68:6e:88:4f:10:f3:4d:db:cb:03:54:a7:b1:
8c:2d:af:6f:17:50:d4:ec:10:42:71:9d:be:69:18:
a7:f6:b8:d6:fb:4f:bf:30:a2:ab:4f:c6:fc:6f:e4:
b6:1f:b8:6f:a3:e3:02:f2:c0:77:4d:b3:93:2f:90:
b6:6b:e2:02:bf:ec:d7:70:2a:97:c9:d6:ed:9a:e4:
27:d4:7c:1c:a4:a3:db:16:ff:31:14:2a:dd:1d:40:
55:8d:29:ef:e4:51:6f:b0:40:e4:4e:4b:73:c2:bb:
ad:c6:b7:19:31:ad:5a:85:40:f2:52:4f:86:db:63:
79:a1:db:4b:73:e3:bb:91:29:17:77:f9:8e:da:a9:
cb:7a:54:68:89:6b:27:95:ac:c7:22:78:68:13:0f:
15:a4:2a:d5:8c:be:43:ba:77:63:a5:fb:9b:b2:17:
ff:6a:18:50:c6:5b:74:1e:d0:99:7a:96:61:f5:7f:
e7:3c:3d:f7:70:67:af:d3:af:26:7d:9c:3e:54:58:
a6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AF:11:11:A1:DE:87:47:4B:0E:6A:CD:AF:A1:DC:16:DF:31:35:D8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/9a8REaHeh0dLDmrNr6HcFt8xNdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d2:7f:4a:ee:23:48:83:7b:90:38:20:4f:1b:7a:60:17:27:
6e:d9:8a:7d:d1:ce:0e:5d:03:ba:d0:a2:d9:18:3f:71:47:b7:
ef:b6:46:d3:df:28:5e:66:c3:9d:c1:e7:29:ea:53:b1:90:b0:
c8:d0:ff:45:b3:d8:8d:96:0f:23:aa:58:aa:96:f8:78:ac:7f:
bf:e1:0b:13:b6:c6:0b:5d:dd:f1:d3:87:5b:2c:bd:b3:e1:c4:
54:2e:02:d1:8d:b6:6e:ff:97:fd:dd:d2:4e:66:c5:af:2d:e0:
cd:20:28:2d:03:5d:cc:2c:25:cc:70:e8:c4:98:bf:3f:07:27:
6f:36:9c:1e:2d:e4:0f:94:2b:11:3d:d7:b0:20:9c:e2:71:68:
e2:8e:f6:e0:fc:dc:13:e5:52:f0:2b:78:7c:9a:5e:02:65:9d:
8b:0e:a0:80:ae:b8:2a:a2:c5:41:f5:5d:26:df:26:0e:0f:cc:
cd:31:9c:52:02:3b:c8:15:c1:d4:4d:32:8c:37:a9:ce:2e:12:
8a:af:0b:80:e0:cb:c6:9c:ef:1a:f9:3f:23:0e:30:d5:86:2c:
2e:55:f0:2b:d5:76:c0:6b:8d:91:98:64:34:88:a5:0a:4c:df:
66:c1:be:7a:4d:5d:3a:27:bb:b1:f8:f5:75:a7:17:bd:f7:f8:
b3:83:65:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX52gZeJS+q0Y5XpmvzjhLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDAzMDQxMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWFmMTExMWExZGU4NzQ3NGIwZTZhY2RhZmExZGMxNmRmMzEzNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JGuK4HisD4YeSXr4AGkoK+Lifrc
n0dLHqVzp8r9IpJ42zlvJ0o8qz89fcW8AkujeJDQ0tTKVZZWyM70pmhuiE8Q803b
ywNUp7GMLa9vF1DU7BBCcZ2+aRin9rjW+0+/MKKrT8b8b+S2H7hvo+MC8sB3TbOT
L5C2a+ICv+zXcCqXydbtmuQn1HwcpKPbFv8xFCrdHUBVjSnv5FFvsEDkTktzwrut
xrcZMa1ahUDyUk+G22N5odtLc+O7kSkXd/mO2qnLelRoiWsnlazHInhoEw8VpCrV
jL5Dundjpfubshf/ahhQxlt0HtCZepZh9X/nPD33cGev068mfZw+VFimOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWvERGh3odHSw5qza+h3BbfMTXYMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOWE4UkVhSGVoMGRMRG1yTnI2SGNGdDh4TmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS+OMA0G
CSqGSIb3DQEBCwUAA4IBAQAe0n9K7iNIg3uQOCBPG3pgFydu2Yp90c4OXQO60KLZ
GD9xR7fvtkbT3yheZsOdwecp6lOxkLDI0P9Fs9iNlg8jqliqlvh4rH+/4QsTtsYL
Xd3x04dbLL2z4cRULgLRjbZu/5f93dJOZsWvLeDNICgtA13MLCXMcOjEmL8/Bydv
NpweLeQPlCsRPdewIJzicWjijvbg/NwT5VLwK3h8ml4CZZ2LDqCArrgqosVB9V0m
3yYOD8zNMZxSAjvIFcHUTTKMN6nOLhKKrwuA4MvGnO8a+T8jDjDVhiwuVfAr1XbA
a42RmGQ0iKUKTN9mwb56TV06J7ux+PV1pxe99/izg2X4
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:44:49 2025 by rpki-client