Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/SOs2yeYIMBoUiIKsf1J8z9yTPwc.roa
File: SOs2yeYIMBoUiIKsf1J8z9yTPwc.roa (raw, json)
Hash identifier: 8QUebxXfHVD+s7tlUSrh9wUD/NAncBNTL0FV6oXTb6M=
Subject key identifier: 48:EB:36:C9:E6:08:30:1A:14:88:82:AC:7F:52:7C:CF:DC:93:3F:07
Certificate issuer: /CN=761624dddc5c0279c7f8c9ff1288a4d3044c0847
Certificate serial: 0193AD441D26D09B8408F481FD4FA5DB83A8
Authority key identifier: 76:16:24:DD:DC:5C:02:79:C7:F8:C9:FF:12:88:A4:D3:04:4C:08:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/SOs2yeYIMBoUiIKsf1J8z9yTPwc.roa
Signing time: Mon 09 Dec 2024 21:12:22 +0000
ROA not before: Mon 09 Dec 2024 21:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202865
IP address blocks: 185.152.68.0/22 maxlen: 22
185.152.68.0/24 maxlen: 24
185.152.69.0/24 maxlen: 24
185.152.70.0/24 maxlen: 24
185.152.71.0/24 maxlen: 24
2a07:8100::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ad:44:1d:26:d0:9b:84:08:f4:81:fd:4f:a5:db:83:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=761624dddc5c0279c7f8c9ff1288a4d3044c0847
Validity
Not Before: Dec 9 21:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48eb36c9e608301a148882ac7f527ccfdc933f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:69:db:0c:ff:17:59:ca:4d:c1:67:0e:f5:3f:
17:8a:e0:a8:f4:5e:91:d8:a8:84:e9:0a:5a:27:fa:
6b:c0:02:8a:94:07:5f:23:0e:03:b1:a0:60:42:f4:
40:5d:48:54:ea:40:b2:fa:34:05:26:17:23:a3:93:
e9:95:35:d1:b2:f3:7b:b9:10:af:2a:51:e2:fb:a4:
9c:b0:f1:9a:04:96:b0:c5:a4:e1:b0:7a:ea:76:23:
03:06:b1:a0:1e:e4:aa:54:84:76:16:24:3e:31:60:
5c:ca:3b:ec:c5:18:8f:8f:4c:3a:1d:f8:61:a4:1b:
97:b9:c7:bf:4a:84:ca:dc:2f:7d:c3:7f:e3:d0:5c:
a5:90:3a:a1:9b:1e:76:4c:73:02:68:2a:cf:b8:00:
78:fe:e6:bd:51:47:e4:91:21:51:24:75:4d:dd:f4:
56:2b:0b:6f:d7:1f:0d:24:74:aa:ea:51:01:14:5c:
7d:1f:1a:b9:25:02:40:96:cc:cf:d6:a2:e4:cf:22:
bd:65:45:0a:44:09:20:6d:80:fa:12:f9:27:c1:da:
56:8a:68:ac:76:04:d9:25:0a:28:90:ec:88:11:c7:
0f:71:6c:95:d8:b3:fd:56:48:47:5b:7c:10:18:22:
79:51:71:d2:70:4d:06:17:0f:4e:8e:91:1f:64:8b:
3d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:EB:36:C9:E6:08:30:1A:14:88:82:AC:7F:52:7C:CF:DC:93:3F:07
X509v3 Authority Key Identifier:
keyid:76:16:24:DD:DC:5C:02:79:C7:F8:C9:FF:12:88:A4:D3:04:4C:08:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/SOs2yeYIMBoUiIKsf1J8z9yTPwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589761-c662-4f13-870a-13e8801628f5/1/dhYk3dxcAnnH-Mn_Eoik0wRMCEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.68.0/22
IPv6:
2a07:8100::/29
Signature Algorithm: sha256WithRSAEncryption
7d:3b:a3:84:73:13:8e:81:20:cd:e3:60:d0:e0:8b:ae:66:61:
3d:16:cc:31:bd:9f:22:c9:8e:7a:82:37:5b:20:19:6f:a7:95:
7c:ac:1c:82:37:d6:eb:42:9c:e6:70:1c:44:0f:f4:22:8b:bb:
a9:e5:4d:2e:e9:fc:89:90:1e:eb:cf:5e:ed:c8:c4:08:5a:a7:
7b:2b:3f:62:46:7b:ce:51:d1:9c:dd:7b:e5:9a:01:0a:19:ac:
9f:86:6f:34:66:f2:a2:72:a6:ef:29:fb:db:7d:b9:b3:c7:b5:
e4:52:61:66:c3:01:d9:36:64:b0:63:cc:11:05:55:83:00:53:
db:2c:54:81:6d:07:7d:b1:22:35:d4:c8:e4:69:36:13:0f:84:
bc:94:b1:85:ed:d5:5b:da:d0:8f:be:f2:c5:52:1f:0a:d9:57:
95:01:1b:cf:1b:a2:5d:c9:dd:48:27:6b:70:09:2b:a2:c5:16:
ba:82:8e:03:22:2b:33:38:91:81:dd:0b:04:81:6e:f1:98:43:
b4:15:11:1b:81:45:35:de:99:24:bd:c5:99:ac:4a:99:7e:90:
1a:5a:e0:3f:73:ae:86:e6:a6:91:e7:55:86:18:8b:b2:24:42:
1f:dc:89:1a:b7:fc:e0:61:f5:00:8b:bd:9e:59:db:66:d4:1e:
fd:42:f2:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOtRB0m0JuECPSB/U+l24OoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MTYyNGRkZGM1YzAyNzljN2Y4YzlmZjEyODhhNGQzMDQ0
YzA4NDcwHhcNMjQxMjA5MjExMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGViMzZjOWU2MDgzMDFhMTQ4ODgyYWM3ZjUyN2NjZmRjOTMzZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWnbDP8XWcpNwWcO9T8XiuCo9F6R
2KiE6QpaJ/prwAKKlAdfIw4DsaBgQvRAXUhU6kCy+jQFJhcjo5PplTXRsvN7uRCv
KlHi+6ScsPGaBJawxaThsHrqdiMDBrGgHuSqVIR2FiQ+MWBcyjvsxRiPj0w6Hfhh
pBuXuce/SoTK3C99w3/j0FylkDqhmx52THMCaCrPuAB4/ua9UUfkkSFRJHVN3fRW
Kwtv1x8NJHSq6lEBFFx9Hxq5JQJAlszP1qLkzyK9ZUUKRAkgbYD6EvknwdpWimis
dgTZJQookOyIEccPcWyV2LP9VkhHW3wQGCJ5UXHScE0GFw9OjpEfZIs9PQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEjrNsnmCDAaFIiCrH9SfM/ckz8HMB8GA1UdIwQY
MBaAFHYWJN3cXAJ5x/jJ/xKIpNMETAhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGhZazNkeGNBbm5ILU1uX0VvaWswd1JNQ0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODk3NjEtYzY2Mi00ZjEzLTg3MGEt
MTNlODgwMTYyOGY1LzEvU09zMnllWUlNQm9VaUlLc2YxSjh6OXlUUHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODk3NjEtYzY2Mi00ZjEzLTg3MGEtMTNlODgwMTYyOGY1
LzEvZGhZazNkeGNBbm5ILU1uX0VvaWswd1JNQ0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZhEMA0E
AgACMAcDBQMqB4EAMA0GCSqGSIb3DQEBCwUAA4IBAQB9O6OEcxOOgSDN42DQ4Iuu
ZmE9FswxvZ8iyY56gjdbIBlvp5V8rByCN9brQpzmcBxED/Qii7up5U0u6fyJkB7r
z17tyMQIWqd7Kz9iRnvOUdGc3XvlmgEKGayfhm80ZvKicqbvKfvbfbmzx7XkUmFm
wwHZNmSwY8wRBVWDAFPbLFSBbQd9sSI11MjkaTYTD4S8lLGF7dVb2tCPvvLFUh8K
2VeVARvPG6Jdyd1IJ2twCSuixRa6go4DIiszOJGB3QsEgW7xmEO0FREbgUU13pkk
vcWZrEqZfpAaWuA/c66G5qaR51WGGIuyJEIf3Ikat/zgYfUAi72eWdtm1B79QvKB
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:57:44 2025 by rpki-client