Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/1tjQDdorUUjd2-JkSeIVbdli36k.roa
File: 1tjQDdorUUjd2-JkSeIVbdli36k.roa (raw, json)
Hash identifier: 5VaXaPfhvRv/ESpyO9Ufp86jqjNmgzvI36+7WFUryY4=
Subject key identifier: D6:D8:D0:0D:DA:2B:51:48:DD:DB:E2:64:49:E2:15:6D:D9:62:DF:A9
Certificate issuer: /CN=26425863c309f2655b884c1600394c4338e7fb41
Certificate serial: 019625133D7F60731CFE97AD2C68A7AA9AC7
Authority key identifier: 26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/1tjQDdorUUjd2-JkSeIVbdli36k.roa
Signing time: Fri 11 Apr 2025 13:39:00 +0000
ROA not before: Fri 11 Apr 2025 13:39:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210511
IP address blocks: 109.107.154.0/24 maxlen: 24
195.60.172.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 12 Apr 2025 08:23:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:25:13:3d:7f:60:73:1c:fe:97:ad:2c:68:a7:aa:9a:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425863c309f2655b884c1600394c4338e7fb41
Validity
Not Before: Apr 11 13:39:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6d8d00dda2b5148dddbe26449e2156dd962dfa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:66:29:30:1d:9a:32:42:b3:58:ca:92:e7:5c:
1b:5e:c7:d1:35:2a:61:e8:3d:b0:9d:e0:c6:55:ad:
d7:9e:17:e5:16:79:5e:5d:14:58:5e:1b:81:02:14:
b6:0b:37:66:c0:32:16:44:34:c0:91:18:a3:fd:1f:
d9:f8:d1:0c:5f:95:70:0e:f8:16:79:bc:ff:7a:f0:
92:c9:94:a1:18:71:f5:fb:fb:16:d5:df:05:ab:f0:
8b:1f:97:05:79:8a:28:43:b2:e2:11:f8:9d:93:62:
01:76:54:ce:70:16:c0:9a:63:96:0b:56:de:8c:2b:
26:d0:6b:bd:f6:9f:8d:8d:22:c8:ee:35:bc:02:17:
5d:c7:ab:43:fc:4c:7d:a7:68:76:40:93:f3:7d:ef:
61:cf:14:e3:d7:03:50:25:12:c8:04:14:9d:aa:fc:
28:6a:2d:bf:9b:dd:32:ef:04:3a:52:8e:7e:e9:7a:
27:ea:a2:bf:35:0d:4f:42:b4:c9:7e:10:17:8d:dd:
34:b1:e6:94:ed:41:55:93:75:39:88:9d:f5:d1:a4:
76:fa:4e:bc:a1:17:fd:28:f7:71:0a:ba:f0:cc:c1:
27:8c:f7:c6:4a:77:9b:70:4c:1e:70:fe:06:25:74:
9b:1d:97:fc:2d:00:1e:ad:ba:21:c2:73:0b:31:56:
3a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D8:D0:0D:DA:2B:51:48:DD:DB:E2:64:49:E2:15:6D:D9:62:DF:A9
X509v3 Authority Key Identifier:
keyid:26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/1tjQDdorUUjd2-JkSeIVbdli36k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.154.0/24
195.60.172.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:50:63:b4:ca:09:d0:f2:c7:b6:99:ac:49:37:69:14:ca:f0:
bc:4d:8c:a5:ed:35:ae:e8:93:07:85:8d:f3:2f:7b:a7:3d:f6:
3c:ae:c8:56:81:27:2e:e4:15:bf:11:d9:01:96:bc:ff:61:96:
3a:c0:14:64:34:58:9b:10:01:83:4d:1c:80:d7:86:db:fc:26:
25:24:3d:4f:58:c4:42:24:e2:3f:40:8a:e0:44:f5:19:33:60:
9e:b0:ee:0f:9d:4c:74:16:03:ca:fe:93:00:ff:26:ad:e5:40:
ac:fe:e0:b3:25:16:1e:fb:7e:9f:b5:62:19:09:e9:d3:0a:d2:
12:8c:be:65:a9:96:63:9c:67:04:a7:09:b6:77:b9:c8:ce:6a:
e3:43:ac:67:20:13:ca:16:5e:cf:59:c0:97:f4:59:15:e7:f2:
50:80:81:5b:ca:d2:b3:ee:ee:3a:dd:d8:d2:6b:ae:95:e0:b9:
fb:bc:cd:7f:93:7b:91:ce:86:0a:34:e6:84:07:a3:4b:1d:05:
4e:b5:d0:22:ef:14:cc:15:d2:39:6f:d5:1c:27:a1:19:63:a8:
a9:1d:55:26:31:af:5e:c6:ae:ca:a0:d3:63:71:35:56:82:f7:
7e:0c:de:75:e8:31:f5:5f:d1:e2:1c:70:5b:80:15:73:58:f0:
ad:a0:2a:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYlEz1/YHMc/petLGinqprHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI1ODYzYzMwOWYyNjU1Yjg4NGMxNjAwMzk0YzQzMzhl
N2ZiNDEwHhcNMjUwNDExMTMzOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ4ZDAwZGRhMmI1MTQ4ZGRkYmUyNjQ0OWUyMTU2ZGQ5NjJkZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2YpMB2aMkKzWMqS51wbXsfRNSph
6D2wneDGVa3XnhflFnleXRRYXhuBAhS2CzdmwDIWRDTAkRij/R/Z+NEMX5VwDvgW
ebz/evCSyZShGHH1+/sW1d8Fq/CLH5cFeYooQ7LiEfidk2IBdlTOcBbAmmOWC1be
jCsm0Gu99p+NjSLI7jW8Ahddx6tD/Ex9p2h2QJPzfe9hzxTj1wNQJRLIBBSdqvwo
ai2/m90y7wQ6Uo5+6Xon6qK/NQ1PQrTJfhAXjd00seaU7UFVk3U5iJ310aR2+k68
oRf9KPdxCrrwzMEnjPfGSnebcEwecP4GJXSbHZf8LQAerbohwnMLMVY63wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNbY0A3aK1FI3dviZEniFW3ZYt+pMB8GA1UdIwQY
MBaAFCZCWGPDCfJlW4hMFgA5TEM45/tBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMt
YzE0ZjZiYTI1Y2IwLzEvMXRqUURkb3JVVWpkMi1Ka1NlSVZiZGxpMzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMtYzE0ZjZiYTI1Y2Iw
LzEvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbWuaAwQB
wzysMA0GCSqGSIb3DQEBCwUAA4IBAQB7UGO0ygnQ8se2maxJN2kUyvC8TYyl7TWu
6JMHhY3zL3unPfY8rshWgScu5BW/EdkBlrz/YZY6wBRkNFibEAGDTRyA14bb/CYl
JD1PWMRCJOI/QIrgRPUZM2CesO4PnUx0FgPK/pMA/yat5UCs/uCzJRYe+36ftWIZ
CenTCtISjL5lqZZjnGcEpwm2d7nIzmrjQ6xnIBPKFl7PWcCX9FkV5/JQgIFbytKz
7u463djSa66V4Ln7vM1/k3uRzoYKNOaEB6NLHQVOtdAi7xTMFdI5b9UcJ6EZY6ip
HVUmMa9exq7KoNNjcTVWgvd+DN516DH1X9HiHHBbgBVzWPCtoCrq
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:29:11 2025 by rpki-client