Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/JPk9PyDOPb4jQ4-vSF17EXQHaTU.roa
File: JPk9PyDOPb4jQ4-vSF17EXQHaTU.roa (raw, json)
Hash identifier: rJfki5NB/+ceLQQyjf4JW9+YXoPM9fTsOapORp0UXWo=
Subject key identifier: 24:F9:3D:3F:20:CE:3D:BE:23:43:8F:AF:48:5D:7B:11:74:07:69:35
Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Certificate serial: 01960465E8E736C41BBF914D84AA92FE0775
Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/JPk9PyDOPb4jQ4-vSF17EXQHaTU.roa
Signing time: Sat 05 Apr 2025 05:21:49 +0000
ROA not before: Sat 05 Apr 2025 05:21:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.104.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 05:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:04:65:e8:e7:36:c4:1b:bf:91:4d:84:aa:92:fe:07:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Validity
Not Before: Apr 5 05:21:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24f93d3f20ce3dbe23438faf485d7b1174076935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6f:72:9f:1d:6c:df:af:76:b0:a9:70:a8:38:
63:89:1d:b1:a8:d5:c1:1c:81:dc:99:0d:e0:55:18:
f6:e2:74:c4:82:a6:ac:23:f2:ac:a7:fd:e6:36:09:
e8:9b:b8:fd:a6:d5:3d:5d:23:80:89:6d:7d:21:f9:
25:ad:50:1e:eb:b7:03:cb:f8:bb:f9:5c:a7:13:f6:
9f:28:09:7a:a6:ab:b7:5f:3e:f2:75:c5:2a:4c:77:
79:61:1d:da:14:d0:2c:52:bf:06:07:e2:c8:97:16:
c5:9b:2b:b2:50:db:bd:49:17:87:e4:8f:6a:6b:3a:
6d:8c:df:5e:ad:59:f7:3d:06:12:96:7e:0b:22:ff:
29:2d:86:d3:69:74:ee:da:3e:09:28:32:c3:5e:d3:
50:cc:cf:4d:2d:d7:bd:77:9d:7f:da:e2:ca:74:40:
fb:6c:ef:c6:84:78:64:e8:2d:89:7c:a0:26:02:0b:
4a:12:18:2f:27:5a:99:e6:90:d7:81:24:e7:23:13:
00:38:dc:2c:12:e9:0f:70:13:f4:6f:4c:08:3c:49:
ed:fc:be:92:e3:0b:29:35:78:07:ff:28:c4:7a:fb:
48:c9:56:cb:a7:96:74:dd:24:d9:3d:1a:d1:db:f2:
8a:86:0a:4d:57:e8:57:6d:ce:c7:2e:eb:18:74:3f:
e2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F9:3D:3F:20:CE:3D:BE:23:43:8F:AF:48:5D:7B:11:74:07:69:35
X509v3 Authority Key Identifier:
keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/JPk9PyDOPb4jQ4-vSF17EXQHaTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.33.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b5:2d:48:43:b7:26:ef:13:2e:06:f0:61:80:23:2d:04:51:
ff:7d:79:b3:6a:99:37:1e:6c:7a:02:3a:b6:b8:90:e3:7e:03:
08:57:9a:29:57:cd:28:a9:08:dc:b6:9f:d1:f2:34:c9:53:08:
d1:69:ac:ed:e5:dd:d3:97:c5:78:06:2d:f5:52:29:bc:2e:12:
60:ce:2d:0d:59:35:a8:11:9d:92:3d:c7:0c:7d:d9:fc:b4:2d:
f2:80:a6:24:e1:42:17:87:c7:9a:65:35:01:56:27:a0:c5:71:
ab:d9:63:4a:ff:90:06:65:df:36:c5:b5:ec:83:9f:5b:9e:82:
69:c0:86:bf:17:b3:04:61:46:24:4b:d5:38:2b:a5:cb:07:37:
ee:84:45:39:87:dd:ea:a6:a5:c4:ea:b4:b0:48:fc:8a:c7:ce:
87:46:40:6d:63:d3:e1:25:3d:95:77:32:d6:6c:91:d9:c1:81:
2b:17:f8:28:bd:a0:fb:e2:4e:bc:ed:7b:4b:ed:f4:71:20:da:
61:32:37:fa:a2:a5:81:0c:63:89:28:6f:8d:5c:89:57:05:d9:
c5:fb:06:e2:42:a1:b1:92:49:f3:e3:4b:29:41:fb:8a:53:27:
19:aa:03:30:c4:41:c7:8a:be:7b:88:57:e1:ff:39:b3:4d:c9:
d1:45:9b:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYEZejnNsQbv5FNhKqS/gd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm
MDJkOTYwHhcNMjUwNDA1MDUyMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY5M2QzZjIwY2UzZGJlMjM0MzhmYWY0ODVkN2IxMTc0MDc2OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA429ynx1s3692sKlwqDhjiR2xqNXB
HIHcmQ3gVRj24nTEgqasI/Ksp/3mNgnom7j9ptU9XSOAiW19IfklrVAe67cDy/i7
+VynE/afKAl6pqu3Xz7ydcUqTHd5YR3aFNAsUr8GB+LIlxbFmyuyUNu9SReH5I9q
azptjN9erVn3PQYSln4LIv8pLYbTaXTu2j4JKDLDXtNQzM9NLde9d51/2uLKdED7
bO/GhHhk6C2JfKAmAgtKEhgvJ1qZ5pDXgSTnIxMAONwsEukPcBP0b0wIPEnt/L6S
4wspNXgH/yjEevtIyVbLp5Z03STZPRrR2/KKhgpNV+hXbc7HLusYdD/iAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCT5PT8gzj2+I0OPr0hdexF0B2k1MB8GA1UdIwQY
MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt
MzViZmY5NmRhNGM1LzEvSlBrOVB5RE9QYjRqUTQtdlNGMTdFWFFIYVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1
LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWghMA0G
CSqGSIb3DQEBCwUAA4IBAQAAtS1IQ7cm7xMuBvBhgCMtBFH/fXmzapk3Hmx6Ajq2
uJDjfgMIV5opV80oqQjctp/R8jTJUwjRaazt5d3Tl8V4Bi31Uim8LhJgzi0NWTWo
EZ2SPccMfdn8tC3ygKYk4UIXh8eaZTUBViegxXGr2WNK/5AGZd82xbXsg59bnoJp
wIa/F7MEYUYkS9U4K6XLBzfuhEU5h93qpqXE6rSwSPyKx86HRkBtY9PhJT2VdzLW
bJHZwYErF/govaD74k687XtL7fRxINphMjf6oqWBDGOJKG+NXIlXBdnF+wbiQqGx
kknz40spQfuKUycZqgMwxEHHir57iFfh/zmzTcnRRZsu
-----END CERTIFICATE-----
Generated at Thu May 1 06:40:59 2025 by rpki-client