Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DgYCSfvZPCkAfWtZ9FiGAckWNvs.roa
File: DgYCSfvZPCkAfWtZ9FiGAckWNvs.roa (raw, json)
Hash identifier: TgTTbzWHot/ONdH06nZJh+YUhEp/DByssZu0fbR4/WM=
Subject key identifier: 0E:06:02:49:FB:D9:3C:29:00:7D:6B:59:F4:58:86:01:C9:16:36:FB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01961A4E2D863BB543A94447185B00BF63F1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DgYCSfvZPCkAfWtZ9FiGAckWNvs.roa
Signing time: Wed 09 Apr 2025 11:27:33 +0000
ROA not before: Wed 09 Apr 2025 11:27:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 10:14:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:4e:2d:86:3b:b5:43:a9:44:47:18:5b:00:bf:63:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 9 11:27:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e060249fbd93c29007d6b59f4588601c91636fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:cb:b3:c6:94:46:af:d3:d8:6a:0d:58:ba:06:
4c:46:56:b0:17:78:cf:bc:6f:0f:06:57:d3:a1:cc:
04:47:cb:b7:2a:fc:51:36:14:86:64:0e:19:12:ee:
10:00:89:7a:89:4c:55:0b:b4:dd:80:7f:83:0d:8c:
9f:4f:25:51:51:94:24:18:8b:4b:46:75:d6:47:1e:
08:94:f2:0e:33:f8:16:83:d6:03:2a:75:03:2a:36:
7e:bb:44:0e:c1:a7:7d:ac:1f:8f:e7:02:9a:0d:1f:
59:7e:a6:f6:75:8c:89:14:e5:c4:35:ec:90:81:d2:
92:16:c0:db:2a:24:9e:76:49:5c:a5:7e:55:7d:1c:
49:8f:4c:66:97:85:5c:87:90:b2:e9:c0:42:ee:01:
72:ca:6f:c9:b8:5c:1b:e5:e1:f3:fb:4f:06:f3:b4:
9d:fc:46:76:c0:bb:0c:3b:04:62:48:31:e1:3a:a7:
ed:de:50:d5:45:c1:3a:42:51:1a:4b:b9:37:82:f9:
0c:a3:92:12:45:23:3e:79:0b:df:b1:a4:51:a5:c8:
87:df:e9:80:78:7c:90:c4:9f:39:f8:ce:93:75:e2:
3c:1c:b9:e7:21:40:f5:92:e6:9f:a7:bf:10:a4:b2:
8b:37:40:f1:2b:65:92:2c:61:b7:77:43:ca:8a:3e:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:06:02:49:FB:D9:3C:29:00:7D:6B:59:F4:58:86:01:C9:16:36:FB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/DgYCSfvZPCkAfWtZ9FiGAckWNvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bf:04:2c:b0:c0:8e:50:93:ab:75:81:77:9b:87:e7:2b:58:
78:62:80:15:ac:cf:b0:66:79:af:ac:71:91:4f:98:92:e9:24:
9e:be:2b:85:12:cb:83:a7:ca:18:a7:c0:43:a5:a0:98:5f:ae:
8e:ef:ee:86:57:33:57:9b:76:7e:28:0f:84:9a:45:b9:51:14:
b5:7d:4b:02:d4:0d:6c:f3:55:bb:8e:66:25:46:72:8f:89:69:
49:b0:1e:e1:0d:ec:bc:b8:1f:5c:82:3f:8f:a8:c3:42:36:00:
88:ee:f6:30:13:5f:ce:a6:11:8c:31:3c:ac:f3:d9:09:ea:92:
a1:6a:e5:e8:17:bd:df:70:e3:52:d2:e7:9a:c0:b9:52:d2:02:
9a:10:02:93:71:71:59:99:37:09:95:6e:c5:6d:4a:7e:00:41:
d3:76:85:11:b7:20:43:0c:2b:4f:f7:52:59:0b:fe:32:37:dd:
f0:52:8a:51:0e:97:32:05:ae:14:f8:ed:51:42:31:81:a1:3a:
cf:76:6c:8d:f2:86:e6:d9:75:c3:42:90:f8:f1:3b:d7:8a:8f:
47:6e:3f:19:a2:81:a3:24:15:b3:32:47:8d:a4:52:4a:74:90:
01:91:b6:6c:d2:fd:a5:5d:89:87:dd:3a:a4:05:d7:8c:62:d5:
42:f8:05:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYaTi2GO7VDqURHGFsAv2PxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDA5MTEyNzMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA2MDI0OWZiZDkzYzI5MDA3ZDZiNTlmNDU4ODYwMWM5MTYzNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cuzxpRGr9PYag1YugZMRlawF3jP
vG8PBlfTocwER8u3KvxRNhSGZA4ZEu4QAIl6iUxVC7TdgH+DDYyfTyVRUZQkGItL
RnXWRx4IlPIOM/gWg9YDKnUDKjZ+u0QOwad9rB+P5wKaDR9Zfqb2dYyJFOXENeyQ
gdKSFsDbKiSedklcpX5VfRxJj0xml4Vch5Cy6cBC7gFyym/JuFwb5eHz+08G87Sd
/EZ2wLsMOwRiSDHhOqft3lDVRcE6QlEaS7k3gvkMo5ISRSM+eQvfsaRRpciH3+mA
eHyQxJ85+M6TdeI8HLnnIUD1kuafp78QpLKLN0DxK2WSLGG3d0PKij4FhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA4GAkn72TwpAH1rWfRYhgHJFjb7MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRGdZQ1NmdlpQQ2tBZld0WjlGaUdBY2tXTnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkysMA0G
CSqGSIb3DQEBCwUAA4IBAQAOvwQssMCOUJOrdYF3m4fnK1h4YoAVrM+wZnmvrHGR
T5iS6SSeviuFEsuDp8oYp8BDpaCYX66O7+6GVzNXm3Z+KA+EmkW5URS1fUsC1A1s
81W7jmYlRnKPiWlJsB7hDey8uB9cgj+PqMNCNgCI7vYwE1/OphGMMTys89kJ6pKh
auXoF73fcONS0ueawLlS0gKaEAKTcXFZmTcJlW7FbUp+AEHTdoURtyBDDCtP91JZ
C/4yN93wUopRDpcyBa4U+O1RQjGBoTrPdmyN8obm2XXDQpD48TvXio9Hbj8ZooGj
JBWzMkeNpFJKdJABkbZs0v2lXYmH3TqkBdeMYtVC+AUK
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:55:09 2025 by rpki-client