Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/9wgfy8OnrrF7TCi4J3PkbZFB4SQ.roa
File: 9wgfy8OnrrF7TCi4J3PkbZFB4SQ.roa (raw, json)
Hash identifier: t+Tqm5ORifzOLVywzE1ERiyOE47S6EoGga/HhvrK3qg=
Subject key identifier: F7:08:1F:CB:C3:A7:AE:B1:7B:4C:28:B8:27:73:E4:6D:91:41:E1:24
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 01942520E1197DF10D35860DE24AA865046A
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/9wgfy8OnrrF7TCi4J3PkbZFB4SQ.roa
Signing time: Thu 02 Jan 2025 03:48:19 +0000
ROA not before: Thu 02 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.195.0.0/22 maxlen: 24
2a01:77c0:1619::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 22:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:e1:19:7d:f1:0d:35:86:0d:e2:4a:a8:65:04:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Jan 2 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7081fcbc3a7aeb17b4c28b82773e46d9141e124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:59:2b:9c:24:ad:e9:91:db:59:c0:53:f5:
e6:db:10:32:f6:59:fc:ed:a0:d9:53:e9:c0:74:91:
b3:a2:3f:2d:7b:1a:98:1d:70:d2:4e:8f:0b:bb:ab:
af:17:15:25:d9:88:82:4f:33:15:bb:69:32:d8:ab:
47:f1:a2:4f:62:b7:10:94:c8:79:50:b2:a3:87:cd:
83:c4:6d:ed:c2:a1:c6:ea:bc:ab:e1:ec:78:fb:9c:
01:1e:e7:24:90:57:1c:20:0d:75:51:a0:52:d6:42:
0d:44:6b:29:62:ce:13:f0:fe:80:88:87:2f:7f:9c:
bc:c5:31:50:bd:47:1b:ae:b5:3e:88:c4:00:ca:ff:
2e:a2:0f:28:d7:65:35:a0:0b:4f:9e:b7:f8:39:36:
60:34:d5:0b:98:6e:af:fd:67:df:12:2a:56:13:cf:
ef:13:3a:4b:26:2b:91:f4:58:e2:18:3a:2f:fa:f2:
0e:7c:9c:0f:a1:3b:65:5b:69:38:79:10:5d:11:62:
26:89:63:f4:93:57:8b:dc:ff:b5:86:e3:e4:6d:bb:
07:7c:44:69:90:6d:ae:8e:0c:a0:d0:18:f3:fa:f0:
b2:8f:32:8b:90:29:6d:a7:12:cf:d1:79:d2:d4:9a:
cf:9a:7a:3d:a2:de:41:ac:ce:12:4e:fc:1f:ba:ca:
60:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:08:1F:CB:C3:A7:AE:B1:7B:4C:28:B8:27:73:E4:6D:91:41:E1:24
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/9wgfy8OnrrF7TCi4J3PkbZFB4SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.0.0/22
IPv6:
2a01:77c0:1619::/48
Signature Algorithm: sha256WithRSAEncryption
67:44:fe:06:6b:0e:d0:7d:d9:20:a3:a5:ca:00:f1:cb:da:9b:
76:63:e9:9c:17:46:76:21:1a:d2:fb:7e:ee:ba:42:0e:82:a4:
e7:20:b8:71:bb:cb:3c:68:6a:c1:15:83:86:2a:d7:a3:2a:a6:
56:1e:bd:cc:f6:54:79:b4:a0:1f:c6:4e:87:c0:c1:bd:36:9d:
45:f1:d1:6a:35:41:d3:99:df:23:66:a4:8f:19:1f:5c:f9:32:
db:b4:58:4e:b4:bc:30:76:35:22:4f:b1:02:9e:3b:95:15:d7:
3c:44:c2:74:7d:c8:d4:dc:ea:e8:34:9b:b2:70:16:f8:65:60:
19:97:8b:45:84:52:b2:28:c8:b8:ca:91:12:4b:1c:21:d4:d7:
34:35:a4:76:ea:f2:68:0e:ac:a8:20:cc:d5:8d:0b:6e:35:56:
30:84:76:53:fa:c1:7f:b3:ce:9f:c9:a8:e0:98:4e:4f:42:5e:
b5:43:8d:a0:51:9e:73:6c:e8:7e:51:c5:a4:6f:1b:56:82:d2:
73:df:0a:36:32:f0:69:05:dc:7f:2b:b5:71:98:9c:9c:ba:fd:
bd:8f:cb:9a:a3:12:a3:43:39:1d:89:de:e9:00:bb:8b:9c:87:
d5:6b:3f:1c:45:91:f9:ab:ea:ea:f6:ed:59:2d:75:d9:34:d3:
1a:d3:68:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlIOEZffENNYYN4kqoZQRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjUwMTAyMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzA4MWZjYmMzYTdhZWIxN2I0YzI4YjgyNzczZTQ2ZDkxNDFlMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokNZK5wkremR21nAU/Xm2xAy9ln8
7aDZU+nAdJGzoj8texqYHXDSTo8Lu6uvFxUl2YiCTzMVu2ky2KtH8aJPYrcQlMh5
ULKjh82DxG3twqHG6ryr4ex4+5wBHuckkFccIA11UaBS1kINRGspYs4T8P6AiIcv
f5y8xTFQvUcbrrU+iMQAyv8uog8o12U1oAtPnrf4OTZgNNULmG6v/WffEipWE8/v
EzpLJiuR9FjiGDov+vIOfJwPoTtlW2k4eRBdEWImiWP0k1eL3P+1huPkbbsHfERp
kG2ujgyg0Bjz+vCyjzKLkCltpxLP0XnS1JrPmno9ot5BrM4STvwfuspg1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcIH8vDp66xe0wouCdz5G2RQeEkMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvOXdnZnk4T25yckY3VENpNEozUGtiWkZCNFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucMAMA8E
AgACMAkDBwAqAXfAFhkwDQYJKoZIhvcNAQELBQADggEBAGdE/gZrDtB92SCjpcoA
8cvam3Zj6ZwXRnYhGtL7fu66Qg6CpOcguHG7yzxoasEVg4Yq16MqplYevcz2VHm0
oB/GTofAwb02nUXx0Wo1QdOZ3yNmpI8ZH1z5Mtu0WE60vDB2NSJPsQKeO5UV1zxE
wnR9yNTc6ug0m7JwFvhlYBmXi0WEUrIoyLjKkRJLHCHU1zQ1pHbq8mgOrKggzNWN
C241VjCEdlP6wX+zzp/JqOCYTk9CXrVDjaBRnnNs6H5RxaRvG1aC0nPfCjYy8GkF
3H8rtXGYnJy6/b2Py5qjEqNDOR2J3ukAu4uch9VrPxxFkfmr6ur27Vktddk00xrT
aFA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:46:08 2025 by rpki-client