Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sl1kuQXOWvu6Bwm2cDPEday-09Q.roa
File: sl1kuQXOWvu6Bwm2cDPEday-09Q.roa (raw, json)
Hash identifier: o6N3SkQSBfrPIU0R9AlfdVVkIOcMREo5rD4++38gnhw=
Subject key identifier: B2:5D:64:B9:05:CE:5A:FB:BA:07:09:B6:70:33:C4:75:AC:BE:D3:D4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019644C123F056BB3B46DAA16F57EF6A3B21
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sl1kuQXOWvu6Bwm2cDPEday-09Q.roa
Signing time: Thu 17 Apr 2025 17:17:10 +0000
ROA not before: Thu 17 Apr 2025 17:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 192.144.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 09:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:c1:23:f0:56:bb:3b:46:da:a1:6f:57:ef:6a:3b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 17 17:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b25d64b905ce5afbba0709b67033c475acbed3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f7:e2:7d:18:65:ed:de:9c:d4:a2:94:46:70:
b9:e5:59:40:7d:83:5f:58:f6:37:ff:fb:17:0c:41:
70:c4:75:ea:5a:a8:10:05:d5:82:16:01:d8:8f:58:
61:05:0e:ad:4d:cd:42:4c:9b:8c:61:2a:2e:ab:c2:
db:5f:02:81:e2:13:64:12:f7:43:dc:a8:74:e5:53:
98:49:7d:9e:c9:c8:7b:26:2a:36:db:8b:2f:34:be:
c8:20:24:a0:24:fc:9a:ff:ee:cc:80:d2:dc:ab:b7:
45:ff:bb:ce:3b:09:d6:96:55:9e:b2:52:09:85:70:
01:f6:cd:18:30:3f:54:10:11:de:7e:34:30:f2:74:
01:1d:77:a9:6f:5d:bb:91:fb:c1:19:f7:27:5a:e0:
fc:23:9d:2c:a3:18:14:11:5e:69:60:c1:3b:42:c0:
f5:a3:92:9a:11:5b:20:6c:83:9b:21:be:e6:25:7b:
28:3d:2e:42:38:a6:7a:25:bf:80:3c:bc:f8:04:33:
86:00:b2:2e:ab:37:46:c7:62:e0:7c:84:07:98:e9:
ae:48:a0:44:59:aa:d1:66:b6:e0:33:ba:7b:d3:7c:
79:ac:6c:08:e7:d5:1c:1e:80:29:61:5c:56:71:18:
14:8b:52:44:c4:61:14:92:5c:6b:38:20:5b:b4:76:
9e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5D:64:B9:05:CE:5A:FB:BA:07:09:B6:70:33:C4:75:AC:BE:D3:D4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sl1kuQXOWvu6Bwm2cDPEday-09Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.29.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:4a:82:73:10:d2:35:4c:01:1b:07:38:7a:61:fd:1e:90:b2:
8b:71:20:7c:96:ed:d3:e7:b5:26:18:bc:c5:2a:b9:dc:4c:71:
b5:60:82:96:6e:0b:07:91:8f:01:60:b9:bb:d2:74:67:49:a1:
c9:ab:31:65:94:e0:cb:ef:81:4f:c8:30:d9:58:a1:7c:7d:10:
b0:f0:b0:91:12:70:03:ec:0f:d5:88:d3:8f:05:22:73:00:e3:
33:40:50:87:b1:a0:db:71:62:a3:10:fb:c4:8f:8e:59:00:11:
1e:30:f9:e1:d2:ad:6c:5d:3c:14:31:36:1b:c2:be:e0:03:3d:
80:a9:b4:6c:75:c1:56:0d:c6:8e:e0:ee:17:10:6e:ca:ff:13:
d5:03:7b:10:fb:4b:9a:dc:4d:e2:a5:88:8c:f1:9b:05:52:df:
9c:51:0d:f4:54:31:fb:50:fd:2b:1c:c2:11:13:7e:12:eb:cf:
71:5a:1d:a2:57:9d:51:fc:62:27:d6:2e:52:b4:03:b4:a3:8f:
f1:e1:6b:43:19:0c:8c:d6:a7:66:67:41:f2:14:2a:c8:a9:56:
72:ad:68:b2:45:8f:38:a8:39:9a:84:e2:9a:fa:bb:2e:71:06:
75:dd:fb:a7:3b:1c:2c:a6:dd:c2:47:6f:25:5e:47:a8:a5:8b:
62:cd:e0:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZEwSPwVrs7Rtqhb1fvajshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNDE3MTcxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVkNjRiOTA1Y2U1YWZiYmEwNzA5YjY3MDMzYzQ3NWFjYmVkM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPfifRhl7d6c1KKURnC55VlAfYNf
WPY3//sXDEFwxHXqWqgQBdWCFgHYj1hhBQ6tTc1CTJuMYSouq8LbXwKB4hNkEvdD
3Kh05VOYSX2eych7Jio224svNL7IICSgJPya/+7MgNLcq7dF/7vOOwnWllWeslIJ
hXAB9s0YMD9UEBHefjQw8nQBHXepb127kfvBGfcnWuD8I50soxgUEV5pYME7QsD1
o5KaEVsgbIObIb7mJXsoPS5COKZ6Jb+APLz4BDOGALIuqzdGx2LgfIQHmOmuSKBE
WarRZrbgM7p703x5rGwI59UcHoApYVxWcRgUi1JExGEUklxrOCBbtHae7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJdZLkFzlr7ugcJtnAzxHWsvtPUMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvc2wxa3VRWE9XdnU2QndtMmNEUEVkYXktMDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJAdMA0G
CSqGSIb3DQEBCwUAA4IBAQCKSoJzENI1TAEbBzh6Yf0ekLKLcSB8lu3T57UmGLzF
KrncTHG1YIKWbgsHkY8BYLm70nRnSaHJqzFllODL74FPyDDZWKF8fRCw8LCREnAD
7A/ViNOPBSJzAOMzQFCHsaDbcWKjEPvEj45ZABEeMPnh0q1sXTwUMTYbwr7gAz2A
qbRsdcFWDcaO4O4XEG7K/xPVA3sQ+0ua3E3ipYiM8ZsFUt+cUQ30VDH7UP0rHMIR
E34S689xWh2iV51R/GIn1i5StAO0o4/x4WtDGQyM1qdmZ0HyFCrIqVZyrWiyRY84
qDmahOKa+rsucQZ13funOxwspt3CR28lXkeopYtizeDr
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:26:25 2025 by rpki-client