Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/Cm2T2yL74dStBNHHIbZ5DIpBP0M.roa
File: Cm2T2yL74dStBNHHIbZ5DIpBP0M.roa (raw, json)
Hash identifier: 0GmN6mHGa7ChJE0GxzZSVhpOkLQbXr6/8vSF7J4UQYc=
Subject key identifier: 0A:6D:93:DB:22:FB:E1:D4:AD:04:D1:C7:21:B6:79:0C:8A:41:3F:43
Certificate issuer: /CN=655aef3cef3d9afa027db33579f4a1fe8ad91c6f
Certificate serial: 0190729F91F14C57B937B9C9061008295DB4
Authority key identifier: 65:5A:EF:3C:EF:3D:9A:FA:02:7D:B3:35:79:F4:A1:FE:8A:D9:1C:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVrvPO89mvoCfbM1efSh_orZHG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/Cm2T2yL74dStBNHHIbZ5DIpBP0M.roa
Signing time: Tue 02 Jul 2024 08:46:18 +0000
ROA not before: Tue 02 Jul 2024 08:46:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200654
IP address blocks: 185.100.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:9f:91:f1:4c:57:b9:37:b9:c9:06:10:08:29:5d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=655aef3cef3d9afa027db33579f4a1fe8ad91c6f
Validity
Not Before: Jul 2 08:46:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a6d93db22fbe1d4ad04d1c721b6790c8a413f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:55:0d:4c:af:88:53:26:3c:f3:12:ba:4c:16:
cb:96:c5:d1:14:d3:59:9b:4b:e1:8f:bf:e8:dd:eb:
dc:ad:7b:9a:40:5d:70:3f:00:df:f4:59:a2:d9:f4:
47:d3:4d:68:63:2c:63:db:98:53:e4:b6:2b:71:5f:
08:22:4e:b8:6c:5e:54:e1:1f:65:3b:01:11:c1:83:
15:30:8a:b5:f2:a3:a8:b5:c7:ce:ca:42:86:a3:4e:
66:9d:0f:f3:d2:70:c2:a9:70:0f:c6:b9:89:1b:81:
95:67:f7:63:56:52:c0:98:59:2d:24:63:b1:df:be:
36:77:0f:ff:d4:aa:78:0d:9a:87:5b:aa:83:a0:ae:
e7:59:12:39:b7:79:8c:72:1c:f6:6d:b3:1b:f6:46:
7b:90:18:30:b6:1a:a9:fa:5e:5e:a1:fa:95:ea:cc:
14:c0:e9:4b:ab:bd:6a:e8:44:d0:ec:d4:c7:c8:d4:
f6:a6:e5:4b:50:e8:80:4c:5b:a0:6a:b1:69:66:31:
c6:cd:bf:7c:8f:94:16:aa:9f:bf:2c:bb:39:2a:a5:
84:4b:3f:c6:63:9d:6a:9f:48:9d:6b:1e:56:ee:ad:
c1:af:13:a1:d4:cc:83:3e:35:18:16:31:64:41:53:
4c:9f:97:7b:95:61:d4:84:b2:34:55:4b:82:6c:e6:
f2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:6D:93:DB:22:FB:E1:D4:AD:04:D1:C7:21:B6:79:0C:8A:41:3F:43
X509v3 Authority Key Identifier:
keyid:65:5A:EF:3C:EF:3D:9A:FA:02:7D:B3:35:79:F4:A1:FE:8A:D9:1C:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVrvPO89mvoCfbM1efSh_orZHG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/Cm2T2yL74dStBNHHIbZ5DIpBP0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e2ee51-1523-436e-ac75-ef6bd26a0305/1/ZVrvPO89mvoCfbM1efSh_orZHG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.20.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:25:bb:e3:b7:a3:85:88:87:73:3e:49:99:2d:3f:2d:7e:2c:
64:f8:f7:82:10:3b:2f:49:33:6f:86:80:75:2c:b6:06:62:d9:
a1:2e:52:9e:af:75:0e:4e:58:5a:ac:ae:dc:fd:1d:49:10:43:
2d:ef:a0:20:8c:07:61:b3:82:58:4f:93:a0:65:e8:4f:a3:d6:
17:9b:51:50:f9:42:e0:d8:a8:75:fa:82:d6:2c:85:b8:36:7d:
fb:87:f6:49:19:65:26:94:f0:75:31:26:cf:5d:91:8f:7b:6c:
b6:53:e6:af:f0:9d:43:e6:1f:bd:48:36:50:b7:b5:1a:72:6d:
6a:f4:ca:20:2d:ae:48:da:12:2c:3f:b8:f5:d5:87:d7:fe:c3:
ec:1f:ee:58:eb:e4:4e:be:7c:e5:46:18:57:74:b9:87:65:80:
d7:2f:b6:70:76:83:39:77:29:49:a9:64:09:15:da:90:59:88:
e2:a9:16:91:75:48:d3:c5:ba:0d:f3:9a:81:d9:e6:f7:3b:e6:
42:20:d4:b7:ac:cc:a0:0b:59:84:78:a8:1a:21:76:df:de:f8:
f3:70:e2:df:9e:05:af:e7:b1:ce:b3:cc:7d:fc:42:13:2c:b1:
d5:b1:cd:1f:91:4c:e3:da:93:02:f1:27:9a:14:62:81:62:03:
2a:3d:09:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZByn5HxTFe5N7nJBhAIKV20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NWFlZjNjZWYzZDlhZmEwMjdkYjMzNTc5ZjRhMWZlOGFk
OTFjNmYwHhcNMjQwNzAyMDg0NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTZkOTNkYjIyZmJlMWQ0YWQwNGQxYzcyMWI2NzkwYzhhNDEzZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1UNTK+IUyY88xK6TBbLlsXRFNNZ
m0vhj7/o3evcrXuaQF1wPwDf9Fmi2fRH001oYyxj25hT5LYrcV8IIk64bF5U4R9l
OwERwYMVMIq18qOotcfOykKGo05mnQ/z0nDCqXAPxrmJG4GVZ/djVlLAmFktJGOx
3742dw//1Kp4DZqHW6qDoK7nWRI5t3mMchz2bbMb9kZ7kBgwthqp+l5eofqV6swU
wOlLq71q6ETQ7NTHyNT2puVLUOiATFugarFpZjHGzb98j5QWqp+/LLs5KqWESz/G
Y51qn0idax5W7q3BrxOh1MyDPjUYFjFkQVNMn5d7lWHUhLI0VUuCbOby6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAptk9si++HUrQTRxyG2eQyKQT9DMB8GA1UdIwQY
MBaAFGVa7zzvPZr6An2zNXn0of6K2RxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZydlBPODltdm9DZmJNMWVmU2hfb3JaSEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lMmVlNTEtMTUyMy00MzZlLWFjNzUt
ZWY2YmQyNmEwMzA1LzEvQ20yVDJ5TDc0ZFN0Qk5ISEliWjVESXBCUDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9lMmVlNTEtMTUyMy00MzZlLWFjNzUtZWY2YmQyNmEwMzA1
LzEvWlZydlBPODltdm9DZmJNMWVmU2hfb3JaSEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWQUMA0G
CSqGSIb3DQEBCwUAA4IBAQBvJbvjt6OFiIdzPkmZLT8tfixk+PeCEDsvSTNvhoB1
LLYGYtmhLlKer3UOTlharK7c/R1JEEMt76AgjAdhs4JYT5OgZehPo9YXm1FQ+ULg
2Kh1+oLWLIW4Nn37h/ZJGWUmlPB1MSbPXZGPe2y2U+av8J1D5h+9SDZQt7Uacm1q
9MogLa5I2hIsP7j11YfX/sPsH+5Y6+ROvnzlRhhXdLmHZYDXL7ZwdoM5dylJqWQJ
FdqQWYjiqRaRdUjTxboN85qB2eb3O+ZCINS3rMygC1mEeKgaIXbf3vjzcOLfngWv
57HOs8x9/EITLLHVsc0fkUzj2pMC8SeaFGKBYgMqPQmD
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:56:40 2025 by rpki-client