Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/odSJKiVyfXMImU4lLoDgpq2vfQQ.roa
File: odSJKiVyfXMImU4lLoDgpq2vfQQ.roa (raw, json)
Hash identifier: xmImCVcr/+jkrAnPiywNIHuI8qzlbG3hH9+bIfYLecQ=
Subject key identifier: A1:D4:89:2A:25:72:7D:73:08:99:4E:25:2E:80:E0:A6:AD:AF:7D:04
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 0196178C497975B9269E8C024FFC0691990B
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/odSJKiVyfXMImU4lLoDgpq2vfQQ.roa
Signing time: Tue 08 Apr 2025 22:36:31 +0000
ROA not before: Tue 08 Apr 2025 22:36:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 57.250.40.0/24 maxlen: 24
57.250.42.0/24 maxlen: 24
57.250.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 13:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:17:8c:49:79:75:b9:26:9e:8c:02:4f:fc:06:91:99:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Apr 8 22:36:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1d4892a25727d7308994e252e80e0a6adaf7d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:53:38:ec:ab:5f:ee:4a:f7:74:85:c9:a1:
a4:fb:6e:9c:9d:e8:7b:17:4d:cb:c7:82:78:a9:82:
23:20:83:d3:27:04:80:f6:2b:70:82:bf:16:9e:b7:
c5:c6:b3:66:c4:fb:41:bb:00:1f:85:04:07:e4:00:
14:bc:2d:72:2b:30:4a:8c:b8:69:bc:8d:ee:0b:b7:
f8:56:00:c8:49:51:93:01:8a:fa:2f:e7:7d:de:f3:
dc:74:9a:11:6e:63:31:78:4f:a0:12:fe:56:1e:26:
04:a6:70:ec:88:61:11:a2:8d:c9:c4:06:80:3d:0d:
23:09:ea:19:9b:e0:23:d4:5f:fa:fc:b0:10:84:a0:
1a:bd:d6:fa:b0:3d:44:ec:13:d5:0f:7f:fa:cd:76:
48:7c:65:e7:de:84:ec:5c:22:57:9e:f3:77:c3:9c:
8d:f5:33:29:af:c8:95:87:9b:ed:12:86:43:6b:01:
81:f3:f4:bd:d3:c4:ce:0f:44:75:93:3c:1f:18:55:
1c:65:c1:13:ee:c4:ef:7c:8f:d0:0a:2c:35:82:1e:
95:71:44:d1:ce:79:b6:91:c0:16:84:4e:00:aa:db:
e3:3b:7a:25:5e:af:fb:ac:eb:b2:ef:b5:55:44:af:
a8:0e:78:33:93:a8:a2:87:34:0c:cf:65:fb:92:ce:
39:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D4:89:2A:25:72:7D:73:08:99:4E:25:2E:80:E0:A6:AD:AF:7D:04
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/odSJKiVyfXMImU4lLoDgpq2vfQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.40.0/24
57.250.42.0/24
57.250.56.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c8:2e:ad:93:8b:fe:09:80:98:8b:56:81:0f:22:2a:5e:2f:
f6:94:dc:f0:32:56:62:e5:38:67:dd:c9:b0:f6:68:0f:d8:37:
8e:e9:4f:6c:93:df:e3:68:8d:e4:94:40:19:cf:3c:7b:d2:cc:
71:82:82:2c:c3:4b:2b:fe:b3:22:40:e6:c0:40:72:4e:0f:24:
1d:1d:4a:23:79:c4:1c:6d:35:7b:20:b0:b9:af:dd:b2:5a:d6:
6a:eb:25:86:60:35:18:f8:cf:4f:d0:0b:bc:e2:03:31:e1:b3:
77:44:9c:7c:18:f8:d9:25:00:bb:75:99:fa:8c:c8:96:10:85:
02:65:95:b0:d1:da:f5:20:da:d7:ed:8e:16:68:d4:9e:32:55:
cf:98:c2:9b:1f:5a:7e:de:a8:fd:32:84:9c:18:05:ae:52:7b:
b9:e4:82:3c:67:a6:06:a6:ed:d9:e4:6b:46:a7:80:65:34:c2:
2a:c5:25:09:3f:a2:be:96:22:76:23:ab:3d:80:a0:20:f2:96:
02:81:f3:a6:42:de:47:8b:21:cc:ca:92:2e:ee:95:fe:14:ee:
3e:3b:d3:13:31:80:a3:09:b0:fe:86:0f:d0:f6:85:da:cb:4c:
83:c0:cf:f2:5a:a9:e0:77:9f:4e:b0:7d:35:6f:2d:0c:38:c1:
9c:c7:d7:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYXjEl5dbkmnowCT/wGkZkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwNDA4MjIzNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ0ODkyYTI1NzI3ZDczMDg5OTRlMjUyZTgwZTBhNmFkYWY3ZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDxTOOyrX+5K93SFyaGk+26cneh7
F03Lx4J4qYIjIIPTJwSA9itwgr8WnrfFxrNmxPtBuwAfhQQH5AAUvC1yKzBKjLhp
vI3uC7f4VgDISVGTAYr6L+d93vPcdJoRbmMxeE+gEv5WHiYEpnDsiGERoo3JxAaA
PQ0jCeoZm+Aj1F/6/LAQhKAavdb6sD1E7BPVD3/6zXZIfGXn3oTsXCJXnvN3w5yN
9TMpr8iVh5vtEoZDawGB8/S908TOD0R1kzwfGFUcZcET7sTvfI/QCiw1gh6VcUTR
znm2kcAWhE4AqtvjO3olXq/7rOuy77VVRK+oDngzk6iihzQMz2X7ks45yQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHUiSolcn1zCJlOJS6A4Katr30EMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvb2RTSktpVnlmWE1JbVU0bExvRGdwcTJ2ZlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAOfooAwQA
OfoqAwQAOfo4MA0GCSqGSIb3DQEBCwUAA4IBAQCAyC6tk4v+CYCYi1aBDyIqXi/2
lNzwMlZi5Thn3cmw9mgP2DeO6U9sk9/jaI3klEAZzzx70sxxgoIsw0sr/rMiQObA
QHJODyQdHUojecQcbTV7ILC5r92yWtZq6yWGYDUY+M9P0Au84gMx4bN3RJx8GPjZ
JQC7dZn6jMiWEIUCZZWw0dr1INrX7Y4WaNSeMlXPmMKbH1p+3qj9MoScGAWuUnu5
5II8Z6YGpu3Z5GtGp4BlNMIqxSUJP6K+liJ2I6s9gKAg8pYCgfOmQt5HiyHMypIu
7pX+FO4+O9MTMYCjCbD+hg/Q9oXay0yDwM/yWqngd59OsH01by0MOMGcx9dM
-----END CERTIFICATE-----
Generated at Mon Jun 16 00:00:26 2025 by rpki-client