Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/jk2u3rCp5JuPVP3GULdeTxo0S7o.roa
File: jk2u3rCp5JuPVP3GULdeTxo0S7o.roa (raw, json)
Hash identifier: paqAJrCbUkrKQAk06nDD/p6uBsdr89OwbC2Th5fXwlM=
Subject key identifier: 8E:4D:AE:DE:B0:A9:E4:9B:8F:54:FD:C6:50:B7:5E:4F:1A:34:4B:BA
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196B86FB5CCC69D6E6642675C24D922751E
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/jk2u3rCp5JuPVP3GULdeTxo0S7o.roa
Signing time: Sat 10 May 2025 04:24:10 +0000
ROA not before: Sat 10 May 2025 04:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36352
IP address blocks: 94.249.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 21:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:6f:b5:cc:c6:9d:6e:66:42:67:5c:24:d9:22:75:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 10 04:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e4daedeb0a9e49b8f54fdc650b75e4f1a344bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:46:cc:60:1d:9c:3b:20:6b:79:49:37:f8:cd:
7a:e6:c5:ea:82:ab:e4:1e:15:bc:94:ae:25:05:a8:
0c:32:a7:e4:28:d8:cf:9b:1b:ef:16:5c:47:87:c2:
08:a6:43:03:cf:9a:96:40:95:01:07:0e:ee:2e:20:
65:23:70:e5:15:da:a4:26:cb:81:18:1e:b5:d1:a8:
d7:a1:e5:17:91:0b:3e:55:8f:dc:53:1f:05:fa:01:
11:60:43:94:22:a1:e0:2a:34:2e:5f:cc:0d:9c:5d:
a5:8c:7e:11:8e:5d:34:d2:0a:52:f2:48:2f:27:05:
d7:af:7c:8f:94:3a:6e:5b:d5:7c:f6:1f:ca:08:b6:
05:69:9e:41:c9:0c:66:c3:0e:d4:27:37:4b:51:4e:
5a:db:5d:18:a9:f9:f0:24:fd:eb:36:d0:1d:03:e4:
1b:ec:8f:3a:e4:0e:11:f7:c9:81:73:b5:c1:56:09:
74:a9:03:f0:3e:d1:b7:0b:66:97:8f:44:0f:46:58:
87:37:e0:b4:53:19:0b:50:3e:78:26:54:d1:af:46:
5e:ac:0c:02:83:ed:75:d0:d8:3e:23:91:8c:cc:cd:
fc:96:b5:15:08:bd:4a:da:f8:75:6a:dd:12:b8:39:
99:5f:54:8a:24:27:40:bb:5c:de:da:4e:7d:69:8e:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4D:AE:DE:B0:A9:E4:9B:8F:54:FD:C6:50:B7:5E:4F:1A:34:4B:BA
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/jk2u3rCp5JuPVP3GULdeTxo0S7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.249.232.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:62:52:52:50:67:b4:0a:37:c6:d0:6d:1d:d5:ac:4a:f5:f2:
d2:66:ea:29:2a:ac:0a:e8:1f:3e:39:fc:06:f7:82:fc:36:7d:
49:94:ac:b0:0c:ff:41:b0:73:e9:09:b6:1f:b7:72:26:62:24:
5e:69:53:17:4c:4c:5e:58:42:00:b9:7f:03:4b:d2:e0:bc:2b:
2d:d6:de:ed:ae:b5:59:e5:2a:9d:25:54:d9:b4:4c:e5:bd:9d:
4d:46:b1:32:dd:01:a2:4c:3b:e1:8f:7c:64:1a:32:19:bd:22:
f4:c3:a1:62:72:17:b9:5f:65:c8:54:ea:a8:52:58:03:22:b5:
c8:d8:66:3d:ed:f9:0e:8d:c9:55:e5:13:2b:bf:25:a2:da:90:
1c:f0:6f:fd:83:e5:dc:c8:bc:96:df:c4:53:23:b0:41:bc:07:
e0:8d:2c:9f:38:c0:78:58:38:6e:54:68:9b:c3:81:91:d0:36:
64:fc:85:2c:84:e0:04:77:83:a2:39:b4:6c:2d:90:79:27:95:
73:d6:a4:d0:c9:25:8d:6c:a7:f4:54:99:05:f7:41:9a:b9:31:
55:15:bb:33:ed:af:40:70:a7:13:30:78:b6:8d:a4:3b:4c:42:
c2:58:91:a5:fe:c1:34:63:10:cd:34:60:06:12:9f:11:17:c9:
25:c4:76:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZa4b7XMxp1uZkJnXCTZInUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTEwMDQyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRkYWVkZWIwYTllNDliOGY1NGZkYzY1MGI3NWU0ZjFhMzQ0YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UbMYB2cOyBreUk3+M165sXqgqvk
HhW8lK4lBagMMqfkKNjPmxvvFlxHh8IIpkMDz5qWQJUBBw7uLiBlI3DlFdqkJsuB
GB610ajXoeUXkQs+VY/cUx8F+gERYEOUIqHgKjQuX8wNnF2ljH4Rjl000gpS8kgv
JwXXr3yPlDpuW9V89h/KCLYFaZ5ByQxmww7UJzdLUU5a210YqfnwJP3rNtAdA+Qb
7I865A4R98mBc7XBVgl0qQPwPtG3C2aXj0QPRliHN+C0UxkLUD54JlTRr0ZerAwC
g+110Ng+I5GMzM38lrUVCL1K2vh1at0SuDmZX1SKJCdAu1ze2k59aY6HhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5Nrt6wqeSbj1T9xlC3Xk8aNEu6MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvamsydTNyQ3A1SnVQVlAzR1VMZGVUeG8wUzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXvnoMA0G
CSqGSIb3DQEBCwUAA4IBAQDhYlJSUGe0CjfG0G0d1axK9fLSZuopKqwK6B8+OfwG
94L8Nn1JlKywDP9BsHPpCbYft3ImYiReaVMXTExeWEIAuX8DS9LgvCst1t7trrVZ
5SqdJVTZtEzlvZ1NRrEy3QGiTDvhj3xkGjIZvSL0w6Fiche5X2XIVOqoUlgDIrXI
2GY97fkOjclV5RMrvyWi2pAc8G/9g+XcyLyW38RTI7BBvAfgjSyfOMB4WDhuVGib
w4GR0DZk/IUshOAEd4OiObRsLZB5J5Vz1qTQySWNbKf0VJkF90GauTFVFbsz7a9A
cKcTMHi2jaQ7TELCWJGl/sE0YxDNNGAGEp8RF8klxHZI
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:48:56 2025 by rpki-client