Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/11VsZAkfZ2Be9X5wXLS3HRgw1C0.roa
File: 11VsZAkfZ2Be9X5wXLS3HRgw1C0.roa (raw, json)
Hash identifier: Qo9u4dMpD84kE7KSvoGWQclybxuAo27JCJYDYGpUCAw=
Subject key identifier: D7:55:6C:64:09:1F:67:60:5E:F5:7E:70:5C:B4:B7:1D:18:30:D4:2D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747F7C41AEBBB25EB1953238F8958C1
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/11VsZAkfZ2Be9X5wXLS3HRgw1C0.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398779
IP address blocks: 185.227.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 09:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f7:c4:1a:eb:bb:25:eb:19:53:23:8f:89:58:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7556c64091f67605ef57e705cb4b71d1830d42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3f:0b:5a:96:37:7a:aa:5d:d3:d8:f5:73:c0:
1c:28:52:f7:7a:3c:f7:fb:bc:95:31:e8:7f:1f:c1:
36:59:71:6b:b2:5d:d3:d0:94:76:47:63:02:0d:da:
e9:49:3a:dd:20:9b:ee:e5:d5:17:3b:8b:ed:b9:5c:
9f:f0:47:1b:9e:81:b6:e6:c5:21:71:db:c2:b4:9f:
45:39:42:ac:d7:8e:ac:ac:9c:4c:55:0e:e7:7c:0c:
15:0c:59:6c:02:8a:e7:3d:bd:c1:50:f5:2d:51:17:
44:a8:e1:98:22:d6:96:52:d4:55:5b:83:29:41:1d:
82:2a:7e:56:eb:98:8f:f9:39:45:7c:09:d8:7e:25:
38:7e:82:e6:34:e5:ee:32:4e:d5:e0:23:37:08:d2:
16:67:00:f2:7c:81:af:14:dd:9d:57:c1:f1:07:86:
cd:be:40:2f:88:dc:51:c9:67:5c:8d:7d:7e:4c:e9:
53:1d:a9:c0:1c:cd:8c:6b:55:18:62:9a:0f:13:bc:
5b:1c:3f:d5:cd:21:e3:95:c6:7d:dd:7d:9c:cd:4b:
25:77:71:f6:47:81:72:f9:9e:2b:5d:1f:dd:aa:53:
99:85:2a:bf:93:d4:db:19:ed:84:c3:33:fe:ef:97:
9b:ce:b5:2e:0c:66:91:a8:f6:f4:56:58:92:b9:ac:
5e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:55:6C:64:09:1F:67:60:5E:F5:7E:70:5C:B4:B7:1D:18:30:D4:2D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/11VsZAkfZ2Be9X5wXLS3HRgw1C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.69.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:8e:ab:35:a4:3e:d0:d1:73:66:bd:19:a1:de:72:24:b0:5d:
94:22:74:ab:e8:0f:82:44:82:b9:50:a2:9e:51:33:68:22:46:
3c:c1:87:eb:d7:fb:ed:ba:22:92:ea:b9:01:0a:be:bf:e7:c4:
42:4b:f0:e9:2e:e5:49:fe:e7:e9:02:8f:ca:20:15:2b:66:e9:
31:70:62:d6:14:f4:12:8a:28:f8:b0:8d:3a:3d:e8:3f:5a:47:
28:fb:6a:f5:bc:72:ca:23:3a:eb:91:10:35:d7:be:05:13:31:
5b:40:2b:91:01:a1:a2:a3:4b:d2:fa:d6:97:99:0f:7c:13:0f:
64:b5:48:76:77:d7:e0:e7:f3:39:f3:83:b8:df:a2:29:bb:2c:
b7:85:2e:f7:b5:6b:00:90:86:48:bc:43:80:39:a2:31:e4:31:
d3:90:66:c1:5d:95:4f:31:3e:e5:00:7e:a4:52:ae:57:28:6f:
1d:da:5a:e5:4f:99:53:f2:f2:14:e3:6d:a8:52:45:f2:51:aa:
1e:be:6b:fc:e1:19:54:f1:1c:1a:ab:c9:8c:8c:03:5a:5e:2c:
9b:b4:88:22:a1:1c:68:9b:87:a3:52:bc:7d:ce:41:ef:34:fe:
13:d4:6b:aa:36:01:8e:61:73:e6:82:d7:65:9c:88:aa:dd:60:
9c:bb:75:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/fEGuu7JesZUyOPiVjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU1NmM2NDA5MWY2NzYwNWVmNTdlNzA1Y2I0YjcxZDE4MzBkNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz8LWpY3eqpd09j1c8AcKFL3ejz3
+7yVMeh/H8E2WXFrsl3T0JR2R2MCDdrpSTrdIJvu5dUXO4vtuVyf8EcbnoG25sUh
cdvCtJ9FOUKs146srJxMVQ7nfAwVDFlsAornPb3BUPUtURdEqOGYItaWUtRVW4Mp
QR2CKn5W65iP+TlFfAnYfiU4foLmNOXuMk7V4CM3CNIWZwDyfIGvFN2dV8HxB4bN
vkAviNxRyWdcjX1+TOlTHanAHM2Ma1UYYpoPE7xbHD/VzSHjlcZ93X2czUsld3H2
R4Fy+Z4rXR/dqlOZhSq/k9TbGe2EwzP+75ebzrUuDGaRqPb0VliSuaxeSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdVbGQJH2dgXvV+cFy0tx0YMNQtMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMTFWc1pBa2ZaMkJlOVg1d1hMUzNIUmd3MUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueNFMA0G
CSqGSIb3DQEBCwUAA4IBAQBbjqs1pD7Q0XNmvRmh3nIksF2UInSr6A+CRIK5UKKe
UTNoIkY8wYfr1/vtuiKS6rkBCr6/58RCS/DpLuVJ/ufpAo/KIBUrZukxcGLWFPQS
iij4sI06Peg/Wkco+2r1vHLKIzrrkRA1174FEzFbQCuRAaGio0vS+taXmQ98Ew9k
tUh2d9fg5/M584O436Ipuyy3hS73tWsAkIZIvEOAOaIx5DHTkGbBXZVPMT7lAH6k
Uq5XKG8d2lrlT5lT8vIU422oUkXyUaoevmv84RlU8Rwaq8mMjANaXiybtIgioRxo
m4ejUrx9zkHvNP4T1GuqNgGOYXPmgtdlnIiq3WCcu3VC
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:28:56 2025 by rpki-client