Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ALc1ohOd1rHhczr7MXtYF3fKjpc.roa
File: ALc1ohOd1rHhczr7MXtYF3fKjpc.roa (raw, json)
Hash identifier: Xy8G+sXd8OmsXy4jXcvNp/ib2IPt+W1sBmN7w8cEtvE=
Subject key identifier: 00:B7:35:A2:13:9D:D6:B1:E1:73:3A:FB:31:7B:58:17:77:CA:8E:97
Certificate issuer: /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial: 0194228E3265E424CA346201F973E0D5F73A
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ALc1ohOd1rHhczr7MXtYF3fKjpc.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.103.4.0/22 maxlen: 22
185.103.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 18:56:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:32:65:e4:24:ca:34:62:01:f9:73:e0:d5:f7:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b735a2139dd6b1e1733afb317b581777ca8e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:80:fb:b6:42:fd:6e:4e:44:da:b8:87:63:
93:97:26:8d:37:6d:4f:24:bd:f3:72:9a:c1:a5:fa:
14:c0:f2:e3:64:8a:36:f8:34:1f:ea:d9:99:89:b2:
2f:34:bd:a6:06:96:d8:c5:88:06:c6:a8:9a:8e:0a:
c4:54:71:a0:5c:83:5f:66:69:4d:8e:84:8c:d5:80:
1f:b6:04:46:e9:e8:29:3a:86:3f:1f:69:d1:5f:bf:
a2:22:18:17:d0:3e:44:90:69:9d:5a:33:38:12:c7:
22:aa:37:ed:e8:ca:29:e4:3d:0b:bd:ef:fd:41:8a:
7e:c6:bb:26:d2:63:51:ad:54:e6:d3:9e:8a:77:9a:
99:d8:75:dc:a2:4a:e8:a5:8c:99:b5:f6:e3:63:47:
54:95:9c:87:0e:7c:57:53:58:d2:71:17:83:8d:d9:
42:a8:09:6c:7f:75:b3:01:a6:b8:a9:8b:ad:70:59:
6f:ca:a0:71:4b:a9:ac:62:ec:fc:96:2c:42:35:38:
cb:8a:48:84:6f:00:1f:be:fb:02:10:15:df:0b:bd:
ce:bf:d9:ba:e6:5e:82:07:9a:40:ab:6a:96:98:69:
4f:b3:c0:5f:dc:6d:03:72:54:f9:75:98:65:41:58:
39:51:9c:8b:29:3b:e0:a2:ad:fa:f8:78:d6:bf:78:
58:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B7:35:A2:13:9D:D6:B1:E1:73:3A:FB:31:7B:58:17:77:CA:8E:97
X509v3 Authority Key Identifier:
keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/ALc1ohOd1rHhczr7MXtYF3fKjpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.4.0/22
Signature Algorithm: sha256WithRSAEncryption
09:22:c0:cd:01:5b:1d:07:5b:e8:52:ba:70:b3:7d:bd:ea:01:
56:03:3f:b1:67:8b:e7:89:4f:f1:3a:67:24:62:b0:9c:9a:3c:
b5:6d:1d:60:78:3d:4b:00:53:f5:7a:bd:e6:df:5d:a8:a4:8f:
5f:ef:5d:c2:8d:8e:13:42:5a:7f:89:ef:b1:f2:71:0c:08:33:
a7:e6:ca:e6:d4:44:a1:ea:54:7a:bb:09:86:2e:7e:c4:bd:85:
68:60:72:41:d7:b0:e6:2b:09:a7:6d:8c:d7:f8:87:bd:23:f3:
13:8a:8e:54:35:06:d5:3c:1b:ac:30:18:16:ff:db:0e:cd:b5:
92:db:b7:c2:46:8e:19:83:1b:48:f1:c2:4b:84:1f:8c:14:6e:
2a:3e:f1:b5:6b:b0:79:27:6e:be:f2:9f:e2:ba:1f:38:d9:b2:
23:86:65:78:1c:b7:94:3b:4d:59:6e:30:95:20:0a:66:95:5c:
78:3f:bb:9e:4a:0e:b2:a8:11:b5:e1:ff:da:0d:f9:ea:52:a3:
5b:da:3b:e3:88:66:3a:6b:de:21:a5:15:a7:fa:ee:40:98:67:
fe:22:39:ef:d1:01:00:bf:ec:7b:6c:41:af:14:1e:b0:2e:63:
c2:ce:e4:ad:5f:1e:34:4f:44:67:81:2c:55:c9:22:1f:14:8e:
19:16:34:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijjJl5CTKNGIB+XPg1fc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI3MzVhMjEzOWRkNmIxZTE3MzNhZmIzMTdiNTgxNzc3Y2E4ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM+A+7ZC/W5ORNq4h2OTlyaNN21P
JL3zcprBpfoUwPLjZIo2+DQf6tmZibIvNL2mBpbYxYgGxqiajgrEVHGgXINfZmlN
joSM1YAftgRG6egpOoY/H2nRX7+iIhgX0D5EkGmdWjM4Esciqjft6Mop5D0Lve/9
QYp+xrsm0mNRrVTm056Kd5qZ2HXcokropYyZtfbjY0dUlZyHDnxXU1jScReDjdlC
qAlsf3WzAaa4qYutcFlvyqBxS6msYuz8lixCNTjLikiEbwAfvvsCEBXfC73Ov9m6
5l6CB5pAq2qWmGlPs8Bf3G0DclT5dZhlQVg5UZyLKTvgoq36+HjWv3hYrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAC3NaITndax4XM6+zF7WBd3yo6XMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvQUxjMW9oT2QxckhoY3pyN01YdFlGM2ZLanBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcEMA0G
CSqGSIb3DQEBCwUAA4IBAQAJIsDNAVsdB1voUrpws3296gFWAz+xZ4vniU/xOmck
YrCcmjy1bR1geD1LAFP1er3m312opI9f713CjY4TQlp/ie+x8nEMCDOn5srm1ESh
6lR6uwmGLn7EvYVoYHJB17DmKwmnbYzX+Ie9I/MTio5UNQbVPBusMBgW/9sOzbWS
27fCRo4ZgxtI8cJLhB+MFG4qPvG1a7B5J26+8p/iuh842bIjhmV4HLeUO01ZbjCV
IApmlVx4P7ueSg6yqBG14f/aDfnqUqNb2jvjiGY6a94hpRWn+u5AmGf+Ijnv0QEA
v+x7bEGvFB6wLmPCzuStXx40T0RngSxVySIfFI4ZFjSA
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:00:27 2025 by rpki-client