Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/fNmjjRgoFfu12fIad0Ru6NPx8EA.roa
File: fNmjjRgoFfu12fIad0Ru6NPx8EA.roa (raw, json)
Hash identifier: KArFnYnBzojeTZRCn4KfVAyXzA/SZ9xvfyXxB4u7qs0=
Subject key identifier: 7C:D9:A3:8D:18:28:15:FB:B5:D9:F2:1A:77:44:6E:E8:D3:F1:F0:40
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019422202D5612293608B6010B059936E999
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/fNmjjRgoFfu12fIad0Ru6NPx8EA.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48430
IP address blocks: 185.139.212.0/22 maxlen: 22
2a07:1840::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 01 Apr 2025 23:40:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2d:56:12:29:36:08:b6:01:0b:05:99:36:e9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cd9a38d182815fbb5d9f21a77446ee8d3f1f040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:61:c9:9a:ef:c2:76:2c:d2:f7:a0:7c:2f:a5:
db:dd:00:04:32:b4:7a:d5:34:dd:0f:dc:1f:ea:cc:
f0:21:f3:5b:11:67:15:9d:21:f2:9f:53:ff:85:b6:
da:f2:53:71:31:33:44:ca:4e:66:13:77:1d:92:4b:
88:59:26:28:43:22:2f:7c:bd:a2:07:d5:5b:1d:af:
79:92:d6:9a:a4:10:6e:26:8a:a4:39:09:bc:bb:46:
ae:b9:7f:31:63:f6:40:6b:11:e7:67:ea:1f:3c:db:
cc:6a:ef:28:1e:82:45:fc:f9:93:8f:90:dd:ed:d1:
6b:d6:84:d6:92:9d:ef:11:63:97:5a:7f:5d:67:dd:
fd:61:5c:57:9d:b6:16:f1:d4:f1:3f:90:b9:5d:f8:
a1:f0:8f:66:ea:ce:cf:a4:57:c9:18:90:b8:50:75:
8f:58:91:21:b8:9c:04:cb:1b:af:a5:12:b1:d0:55:
30:54:c7:7d:b7:d1:ac:ed:e9:22:cd:53:9e:4e:65:
83:26:d2:f2:94:1e:4a:52:a5:7d:85:d3:d6:20:c1:
44:dd:63:e8:88:7c:33:b2:ee:64:6c:56:3b:dc:bb:
f0:61:8d:c1:e8:ac:18:d9:72:84:eb:04:df:5d:8c:
72:37:48:cf:bb:7e:d1:2b:0e:70:84:c2:bc:c2:da:
6e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D9:A3:8D:18:28:15:FB:B5:D9:F2:1A:77:44:6E:E8:D3:F1:F0:40
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/fNmjjRgoFfu12fIad0Ru6NPx8EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.212.0/22
IPv6:
2a07:1840::/32
Signature Algorithm: sha256WithRSAEncryption
05:c4:5d:39:bd:55:17:8c:65:cc:d7:0e:7b:bf:09:e9:ba:55:
cf:04:b0:9a:24:7f:e7:be:1a:56:a5:8d:b7:67:3f:ca:1c:fc:
e9:93:10:de:4e:2f:0c:5e:d3:5e:4e:bf:56:52:53:31:b5:cd:
21:64:3a:f7:44:11:43:6c:1f:7e:82:20:69:f3:b4:be:19:f8:
c5:59:60:22:c9:ce:0c:a0:9e:14:52:58:26:5c:7e:86:e7:1c:
8e:05:c7:29:2e:7d:cb:82:07:f2:d5:8a:16:8a:f8:1d:f1:6d:
61:1a:ad:5f:39:40:c0:eb:05:56:52:d7:32:ba:78:d6:20:6a:
41:ee:18:eb:aa:d7:b0:15:e7:ce:5f:cb:d5:1f:1b:e2:5d:83:
b2:f8:80:a5:d2:a6:be:7a:bb:cb:84:69:7d:6c:0d:5a:24:a8:
10:ad:94:7c:a2:ac:ce:e3:95:99:eb:f2:64:c3:87:ea:1c:36:
d2:76:1b:59:7f:2a:2f:de:79:df:e6:cd:01:bf:da:41:eb:16:
c8:f3:9c:cb:6d:be:58:07:c1:df:33:70:07:b8:e8:91:cb:bb:
68:97:66:89:fc:4e:3c:8b:06:35:8c:84:c6:b0:e1:e9:35:6a:
15:e2:d0:fd:78:a4:aa:01:e9:39:13:cc:5e:3f:ed:c3:7b:4e:
da:28:e8:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiIC1WEik2CLYBCwWZNumZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q5YTM4ZDE4MjgxNWZiYjVkOWYyMWE3NzQ0NmVlOGQzZjFmMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mHJmu/CdizS96B8L6Xb3QAEMrR6
1TTdD9wf6szwIfNbEWcVnSHyn1P/hbba8lNxMTNEyk5mE3cdkkuIWSYoQyIvfL2i
B9VbHa95ktaapBBuJoqkOQm8u0auuX8xY/ZAaxHnZ+ofPNvMau8oHoJF/PmTj5Dd
7dFr1oTWkp3vEWOXWn9dZ939YVxXnbYW8dTxP5C5Xfih8I9m6s7PpFfJGJC4UHWP
WJEhuJwEyxuvpRKx0FUwVMd9t9Gs7ekizVOeTmWDJtLylB5KUqV9hdPWIMFE3WPo
iHwzsu5kbFY73LvwYY3B6KwY2XKE6wTfXYxyN0jPu37RKw5whMK8wtpuVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHzZo40YKBX7tdnyGndEbujT8fBAMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvZk5tampSZ29GZnUxMmZJYWQwUnU2TlB4OEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYvUMA0E
AgACMAcDBQAqBxhAMA0GCSqGSIb3DQEBCwUAA4IBAQAFxF05vVUXjGXM1w57vwnp
ulXPBLCaJH/nvhpWpY23Zz/KHPzpkxDeTi8MXtNeTr9WUlMxtc0hZDr3RBFDbB9+
giBp87S+GfjFWWAiyc4MoJ4UUlgmXH6G5xyOBccpLn3Lggfy1YoWivgd8W1hGq1f
OUDA6wVWUtcyunjWIGpB7hjrqtewFefOX8vVHxviXYOy+ICl0qa+ervLhGl9bA1a
JKgQrZR8oqzO45WZ6/Jkw4fqHDbSdhtZfyov3nnf5s0Bv9pB6xbI85zLbb5YB8Hf
M3AHuOiRy7tol2aJ/E48iwY1jITGsOHpNWoV4tD9eKSqAek5E8xeP+3De07aKOgR
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:01:43 2025 by rpki-client