Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/1fYxhat8h5SieOxyarFVdXzKgyI.roa
File: 1fYxhat8h5SieOxyarFVdXzKgyI.roa (raw, json)
Hash identifier: saGlh+VYmLmC4eqfVFl+x6908aasMoCmwh/L1NQPkkw=
Subject key identifier: D5:F6:31:85:AB:7C:87:94:A2:78:EC:72:6A:B1:55:75:7C:CA:83:22
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 0196144A83C4AB3962BADCA8E3437C486081
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/1fYxhat8h5SieOxyarFVdXzKgyI.roa
Signing time: Tue 08 Apr 2025 07:25:49 +0000
ROA not before: Tue 08 Apr 2025 07:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 195.66.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 08 Apr 2025 08:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:4a:83:c4:ab:39:62:ba:dc:a8:e3:43:7c:48:60:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Apr 8 07:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5f63185ab7c8794a278ec726ab155757cca8322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:24:0c:eb:86:3e:d9:f1:c1:ca:8b:a8:e1:77:
6f:a5:71:b5:c9:89:1a:db:ba:d1:91:ec:31:6b:43:
fe:d8:d1:7b:02:a2:64:12:9a:d4:d8:6b:93:38:ae:
d1:bd:f5:98:9f:2c:59:99:b8:dc:ca:94:af:6a:cf:
27:30:d9:e4:e5:a0:2f:44:1a:20:ef:27:74:6f:81:
1d:f7:97:cf:bb:ba:88:b9:6b:df:8d:c7:cc:9e:66:
19:57:bb:7b:0a:ec:e5:ca:d5:42:8b:76:f0:7a:9f:
2f:73:3e:46:5d:2a:81:16:ff:18:f3:dd:7e:da:a8:
da:93:44:3a:e7:60:ea:d5:45:fc:12:bf:c5:b8:d8:
af:bb:a1:64:83:ee:46:17:77:94:14:3a:be:d8:1f:
9b:59:c4:cc:85:f6:01:1f:6a:b0:26:8f:5f:fc:af:
8b:6b:8f:c3:4e:73:8d:b9:0c:b7:96:b7:4a:31:02:
33:69:da:e2:c8:49:04:cd:03:e5:91:6b:1b:df:30:
66:81:ca:04:4b:ac:0a:dc:32:d7:1a:4c:aa:dc:fb:
84:5c:b2:98:9f:72:29:ee:92:23:a0:f4:8d:df:70:
ae:0f:dc:fe:3a:a6:8a:7f:8b:94:c1:72:bf:90:98:
65:bb:a6:7d:2a:91:00:44:ae:0b:74:28:48:a5:f6:
52:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F6:31:85:AB:7C:87:94:A2:78:EC:72:6A:B1:55:75:7C:CA:83:22
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/1fYxhat8h5SieOxyarFVdXzKgyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.32.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:fa:4e:1a:0e:6b:88:40:9b:67:1d:06:c9:5f:b1:b1:d5:ae:
f6:d1:78:36:ac:95:13:8e:4b:2e:c0:f0:9f:6e:f3:c9:83:60:
cf:73:a3:bf:bb:f1:3d:eb:ff:30:e5:fe:0d:53:71:8c:3d:5f:
22:f3:01:51:8f:46:2d:4f:a9:bc:58:00:52:c9:4d:67:f1:5e:
3d:5a:0d:d6:b0:0e:53:83:63:d0:8f:e8:c2:00:78:e1:5b:da:
08:fc:6e:0f:4a:b8:6b:32:bc:e8:29:ff:89:54:da:9d:56:46:
df:56:5e:d8:88:b1:96:50:68:5a:7c:ed:ca:fa:93:38:6d:6f:
62:5c:69:87:23:c0:f8:5f:77:32:0c:0e:ba:bf:f6:29:ff:f3:
3d:c8:a8:da:d8:33:e3:4c:5d:80:86:5c:a5:f5:1e:97:6e:69:
b4:4b:d1:4e:37:45:5b:fd:80:e0:b7:89:bf:e0:73:ba:5e:6f:
dc:57:e0:df:db:9d:ab:62:e3:3e:c9:df:61:82:c1:10:bd:22:
66:05:29:23:30:6c:06:f2:15:6e:86:f9:8a:57:ff:7f:6d:ca:
c8:e5:45:3f:fd:f4:21:bb:5c:d4:a8:17:b3:7a:15:f6:e5:31:
b9:1c:87:37:d5:c9:e4:5c:d8:d3:bb:88:56:51:36:79:e4:9c:
89:00:c3:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYUSoPEqzliutyo40N8SGCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjUwNDA4MDcyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWY2MzE4NWFiN2M4Nzk0YTI3OGVjNzI2YWIxNTU3NTdjY2E4MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCQM64Y+2fHByouo4XdvpXG1yYka
27rRkewxa0P+2NF7AqJkEprU2GuTOK7RvfWYnyxZmbjcypSvas8nMNnk5aAvRBog
7yd0b4Ed95fPu7qIuWvfjcfMnmYZV7t7CuzlytVCi3bwep8vcz5GXSqBFv8Y891+
2qjak0Q652Dq1UX8Er/FuNivu6Fkg+5GF3eUFDq+2B+bWcTMhfYBH2qwJo9f/K+L
a4/DTnONuQy3lrdKMQIzadriyEkEzQPlkWsb3zBmgcoES6wK3DLXGkyq3PuEXLKY
n3Ip7pIjoPSN33CuD9z+OqaKf4uUwXK/kJhlu6Z9KpEARK4LdChIpfZSwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNX2MYWrfIeUonjscmqxVXV8yoMiMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvMWZZeGhhdDhoNVNpZU94eWFyRlZkWHpLZ3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFw0IgMA0G
CSqGSIb3DQEBCwUAA4IBAQAa+k4aDmuIQJtnHQbJX7Gx1a720Xg2rJUTjksuwPCf
bvPJg2DPc6O/u/E96/8w5f4NU3GMPV8i8wFRj0YtT6m8WABSyU1n8V49Wg3WsA5T
g2PQj+jCAHjhW9oI/G4PSrhrMrzoKf+JVNqdVkbfVl7YiLGWUGhafO3K+pM4bW9i
XGmHI8D4X3cyDA66v/Yp//M9yKja2DPjTF2Ahlyl9R6Xbmm0S9FON0Vb/YDgt4m/
4HO6Xm/cV+Df252rYuM+yd9hgsEQvSJmBSkjMGwG8hVuhvmKV/9/bcrI5UU//fQh
u1zUqBezehX25TG5HIc31cnkXNjTu4hWUTZ55JyJAMNI
-----END CERTIFICATE-----
Generated at Thu Jun 19 10:08:28 2025 by rpki-client