Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0ra3iep9oje8OHtcHgpVDdEN2Ow.roa
File: 0ra3iep9oje8OHtcHgpVDdEN2Ow.roa (raw, json)
Hash identifier: ukK2IXzVEehzgrldq1z8mep0k0JlGyTvQKd6OVsLU/o=
Subject key identifier: D2:B6:B7:89:EA:7D:A2:37:BC:38:7B:5C:1E:0A:55:0D:D1:0D:D8:EC
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01961567E306D8059CBD578EAF55F1CDFDBC
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0ra3iep9oje8OHtcHgpVDdEN2Ow.roa
Signing time: Tue 08 Apr 2025 12:37:31 +0000
ROA not before: Tue 08 Apr 2025 12:37:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
212.69.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 13:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:67:e3:06:d8:05:9c:bd:57:8e:af:55:f1:cd:fd:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 8 12:37:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2b6b789ea7da237bc387b5c1e0a550dd10dd8ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1c:8f:fd:dd:1d:31:c4:a5:89:e1:e8:8c:2c:
35:f9:8a:18:12:6b:59:a5:8e:d0:b1:65:a2:ef:89:
28:84:81:7a:49:82:42:cc:a2:e2:c6:c6:e4:2d:d4:
c8:ad:be:ed:ec:c3:1d:6c:cf:ff:8f:67:1a:15:df:
ce:66:c7:0e:e1:d9:58:44:50:54:b0:26:f6:cc:96:
af:f3:c6:3b:6d:e9:c4:79:0a:9f:f2:fb:9e:e0:e3:
90:fa:05:82:82:3e:38:22:da:ed:61:02:4e:ef:bc:
b5:21:ac:f5:52:63:dc:2c:fe:19:cc:07:73:b4:bf:
f5:83:0e:2f:9b:cd:50:4f:c8:f1:c3:af:8a:4b:19:
1f:55:af:f0:a9:34:15:cb:cc:31:e6:8e:6f:42:21:
d0:02:00:d2:af:ff:26:55:e2:4c:12:42:f5:ae:a0:
ed:3a:c1:e8:2a:c6:f6:7e:41:e6:5b:65:cf:de:8d:
9c:6a:24:e0:9f:d3:25:a3:17:99:cd:4b:89:dc:88:
1c:b7:a0:5f:d9:1d:0c:a5:f6:d2:a4:72:8d:0b:f4:
2a:52:74:8e:88:81:a2:ee:1b:89:10:50:20:3a:7f:
6b:65:92:49:ab:74:dc:43:9d:b0:b5:62:21:31:61:
08:e3:13:3f:f5:a2:19:e3:a6:4a:ac:54:31:db:f4:
a5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B6:B7:89:EA:7D:A2:37:BC:38:7B:5C:1E:0A:55:0D:D1:0D:D8:EC
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/0ra3iep9oje8OHtcHgpVDdEN2Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.43.0/24
185.47.91.0/24
212.69.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:48:51:13:4e:23:5b:f2:9f:cf:b9:fd:11:7e:42:da:fe:a8:
c0:4c:a0:7c:2a:68:71:5c:f7:f3:6e:5c:22:c9:c4:2f:d8:dc:
8c:55:cc:51:99:a3:7b:8c:bd:43:08:67:ec:ed:03:e3:6d:7c:
9f:57:38:6c:06:cb:76:8d:dd:65:e6:1c:f3:74:6d:d7:aa:d3:
bc:01:8d:fb:46:87:19:41:3e:2d:c5:fb:6e:35:81:1d:da:99:
38:b1:c9:8d:0f:ff:6d:29:78:2d:f4:b9:8f:27:0b:eb:ac:80:
af:94:40:10:b4:89:69:ff:ac:86:b2:15:c1:c1:22:04:40:72:
d9:3b:88:ad:1e:85:b9:f2:da:ea:ae:3b:c1:2e:8a:9f:92:01:
37:91:e3:c6:67:16:dc:2f:c2:96:46:c2:fd:f8:6a:5b:5a:cb:
fe:52:fe:d9:53:97:d4:a8:54:46:62:94:db:0c:6c:bd:e6:e1:
a8:2e:3c:24:04:d9:d2:f2:5e:9e:18:50:fc:02:0c:1d:eb:63:
0a:02:61:b5:c8:16:82:5e:2e:95:ef:52:49:18:66:72:5c:99:
7c:8a:2b:67:a2:2b:d0:c0:a4:31:3b:66:e8:61:31:20:c3:4c:
7b:a8:95:a6:f5:84:98:85:bb:82:17:4a:4a:91:2a:bc:68:dc:
88:5e:00:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYVZ+MG2AWcvVeOr1Xxzf28MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNDA4MTIzNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI2Yjc4OWVhN2RhMjM3YmMzODdiNWMxZTBhNTUwZGQxMGRkOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRyP/d0dMcSlieHojCw1+YoYEmtZ
pY7QsWWi74kohIF6SYJCzKLixsbkLdTIrb7t7MMdbM//j2caFd/OZscO4dlYRFBU
sCb2zJav88Y7benEeQqf8vue4OOQ+gWCgj44ItrtYQJO77y1Iaz1UmPcLP4ZzAdz
tL/1gw4vm81QT8jxw6+KSxkfVa/wqTQVy8wx5o5vQiHQAgDSr/8mVeJMEkL1rqDt
OsHoKsb2fkHmW2XP3o2caiTgn9MloxeZzUuJ3Igct6Bf2R0MpfbSpHKNC/QqUnSO
iIGi7huJEFAgOn9rZZJJq3TcQ52wtWIhMWEI4xM/9aIZ46ZKrFQx2/SlOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNK2t4nqfaI3vDh7XB4KVQ3RDdjsMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvMHJhM2llcDlvamU4T0h0Y0hncFZEZEVOMk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXkrAwQA
uS9bAwQA1EUBMA0GCSqGSIb3DQEBCwUAA4IBAQBuSFETTiNb8p/Puf0RfkLa/qjA
TKB8KmhxXPfzblwiycQv2NyMVcxRmaN7jL1DCGfs7QPjbXyfVzhsBst2jd1l5hzz
dG3XqtO8AY37RocZQT4txftuNYEd2pk4scmND/9tKXgt9LmPJwvrrICvlEAQtIlp
/6yGshXBwSIEQHLZO4itHoW58trqrjvBLoqfkgE3kePGZxbcL8KWRsL9+GpbWsv+
Uv7ZU5fUqFRGYpTbDGy95uGoLjwkBNnS8l6eGFD8Agwd62MKAmG1yBaCXi6V71JJ
GGZyXJl8iitnoivQwKQxO2boYTEgw0x7qJWm9YSYhbuCF0pKkSq8aNyIXgCG
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:50:39 2025 by rpki-client