Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/sn0PnVxMDfZErYcqr3NNWcgO3c0.roa
File: sn0PnVxMDfZErYcqr3NNWcgO3c0.roa (raw, json)
Hash identifier: kboz0NtGXyhFD1dS5/uD4NmikjmXFcmDr+WFfQVevbk=
Subject key identifier: B2:7D:0F:9D:5C:4C:0D:F6:44:AD:87:2A:AF:73:4D:59:C8:0E:DD:CD
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0196E47D2B5C8009DDC516FF93598554C9BA
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/sn0PnVxMDfZErYcqr3NNWcgO3c0.roa
Signing time: Sun 18 May 2025 17:42:10 +0000
ROA not before: Sun 18 May 2025 17:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211747
IP address blocks: 194.31.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 09:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e4:7d:2b:5c:80:09:dd:c5:16:ff:93:59:85:54:c9:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: May 18 17:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b27d0f9d5c4c0df644ad872aaf734d59c80eddcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:14:e2:53:3f:fb:44:35:83:28:7f:a9:a8:95:
22:f2:20:73:cc:78:6a:fe:e7:8b:17:20:22:8f:1b:
76:ce:5e:28:33:87:1b:c3:3a:1a:9b:22:6d:be:55:
2f:52:b2:c7:8a:be:45:c2:9a:26:82:86:e6:51:3a:
d4:85:71:fb:67:0a:df:9e:7b:8a:83:e8:46:98:75:
7d:ce:82:56:d1:40:4d:74:57:d2:ee:54:62:cc:0d:
90:89:6e:b3:9f:b4:fb:68:5e:bd:de:85:35:8d:93:
5d:0f:3a:75:d5:70:0c:1a:ae:32:7a:ac:4c:29:9c:
fa:75:b8:8b:de:17:af:bd:73:09:16:65:a0:e6:af:
98:2e:13:a1:39:d1:a8:ae:24:e8:8b:dd:75:f2:58:
c1:02:2b:01:be:c3:04:0e:1b:24:f7:2d:83:2f:c9:
26:a4:38:9f:46:83:6c:3a:f3:83:91:e1:12:1e:f5:
62:a8:c0:cd:a0:b3:8c:e4:dc:02:69:6b:a6:05:77:
52:7a:16:7c:f5:45:9b:52:a4:79:2f:7a:be:d1:8f:
6b:cd:1f:ca:89:38:cf:25:66:04:b9:cc:e6:26:74:
d2:5f:41:a3:f9:46:29:e8:8a:42:64:66:a8:cc:ed:
7a:81:79:00:c9:71:0c:06:0a:b1:44:c8:23:24:9c:
d3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:7D:0F:9D:5C:4C:0D:F6:44:AD:87:2A:AF:73:4D:59:C8:0E:DD:CD
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/sn0PnVxMDfZErYcqr3NNWcgO3c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.143.0/24
Signature Algorithm: sha256WithRSAEncryption
32:27:80:69:1f:15:d2:d9:ca:36:41:33:0c:78:90:e1:85:b3:
e1:b6:49:b8:20:32:b1:22:12:5e:39:fc:6b:95:56:3c:a4:fd:
b1:ee:93:be:67:6c:12:aa:ef:b6:37:eb:2d:d3:72:f8:37:95:
c1:7a:3f:29:0c:36:4e:45:20:4b:00:d8:d1:37:e0:ab:cc:3a:
9b:0c:64:22:98:88:fa:93:8f:03:46:ab:f5:f9:08:5e:6b:65:
5e:e5:f1:80:c7:8a:58:32:05:98:86:0d:49:0b:81:e2:74:17:
09:07:e1:81:27:3c:db:e7:6b:48:fb:b2:91:20:4c:6c:46:95:
25:92:e6:b5:ba:31:c7:17:b0:b6:31:b9:d9:3b:c2:a2:fd:e2:
f9:69:ce:35:e5:99:8b:00:5d:3c:fb:16:f0:0a:c6:84:ad:ec:
c2:bc:38:ff:2e:e2:ce:35:94:70:44:63:b7:6c:a6:8a:5f:e6:
13:4b:cf:71:42:bc:a2:aa:bc:2d:e7:cb:cd:5b:4f:fc:c2:ed:
d0:1e:f2:06:a2:f1:9e:9c:73:21:97:5c:f5:30:fa:90:01:e0:
a5:bc:50:f8:59:f8:a5:61:27:46:db:93:38:12:5c:ba:0b:40:
47:01:d5:f8:4f:e3:4c:ab:76:a5:08:9a:a2:2e:50:44:9d:8a:
32:f5:e2:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbkfStcgAndxRb/k1mFVMm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNTE4MTc0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjdkMGY5ZDVjNGMwZGY2NDRhZDg3MmFhZjczNGQ1OWM4MGVkZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xTiUz/7RDWDKH+pqJUi8iBzzHhq
/ueLFyAijxt2zl4oM4cbwzoamyJtvlUvUrLHir5FwpomgobmUTrUhXH7ZwrfnnuK
g+hGmHV9zoJW0UBNdFfS7lRizA2QiW6zn7T7aF693oU1jZNdDzp11XAMGq4yeqxM
KZz6dbiL3hevvXMJFmWg5q+YLhOhOdGoriToi9118ljBAisBvsMEDhsk9y2DL8km
pDifRoNsOvODkeESHvViqMDNoLOM5NwCaWumBXdSehZ89UWbUqR5L3q+0Y9rzR/K
iTjPJWYEuczmJnTSX0Gj+UYp6IpCZGaozO16gXkAyXEMBgqxRMgjJJzTOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJ9D51cTA32RK2HKq9zTVnIDt3NMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvc24wUG5WeE1EZlpFclljcXIzTk5XY2dPM2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+PMA0G
CSqGSIb3DQEBCwUAA4IBAQAyJ4BpHxXS2co2QTMMeJDhhbPhtkm4IDKxIhJeOfxr
lVY8pP2x7pO+Z2wSqu+2N+st03L4N5XBej8pDDZORSBLANjRN+CrzDqbDGQimIj6
k48DRqv1+Qhea2Ve5fGAx4pYMgWYhg1JC4HidBcJB+GBJzzb52tI+7KRIExsRpUl
kua1ujHHF7C2MbnZO8Ki/eL5ac415ZmLAF08+xbwCsaErezCvDj/LuLONZRwRGO3
bKaKX+YTS89xQryiqrwt58vNW0/8wu3QHvIGovGenHMhl1z1MPqQAeClvFD4Wfil
YSdG25M4Ely6C0BHAdX4T+NMq3alCJqiLlBEnYoy9eKZ
-----END CERTIFICATE-----
Generated at Mon Jun 16 07:47:39 2025 by rpki-client