Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/40a102-efcd-4fd2-9373-d06aa518aa6d/1/2he2uoPYPjow8qnnndEhg0YVPHg.roa
File: 2he2uoPYPjow8qnnndEhg0YVPHg.roa (raw, json)
Hash identifier: /Vh71qV0M/DDCtm6F/PLUjiqbFyRiYsbYY1Px/ohsRo=
Subject key identifier: DA:17:B6:BA:83:D8:3E:3A:30:F2:A9:E7:9D:D1:21:83:46:15:3C:78
Certificate issuer: /CN=9599b3e782370dc2814f525c1d6ece84d8f70f36
Certificate serial: 019426D98F99A4907BAB50C877904AC5E2C7
Authority key identifier: 95:99:B3:E7:82:37:0D:C2:81:4F:52:5C:1D:6E:CE:84:D8:F7:0F:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZmz54I3DcKBT1JcHW7OhNj3DzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/40a102-efcd-4fd2-9373-d06aa518aa6d/1/2he2uoPYPjow8qnnndEhg0YVPHg.roa
Signing time: Thu 02 Jan 2025 11:49:39 +0000
ROA not before: Thu 02 Jan 2025 11:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204025
IP address blocks: 185.226.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8f:99:a4:90:7b:ab:50:c8:77:90:4a:c5:e2:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9599b3e782370dc2814f525c1d6ece84d8f70f36
Validity
Not Before: Jan 2 11:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da17b6ba83d83e3a30f2a9e79dd1218346153c78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d9:f1:0e:98:f6:dc:44:ef:1a:9c:b8:5a:86:
0a:7c:5b:69:06:b9:79:92:6c:b2:9b:79:6e:8e:e9:
88:09:13:bc:ed:6c:cb:89:16:72:55:17:61:fa:c4:
64:a3:fc:28:22:ff:69:e4:8a:60:d5:e9:73:29:a3:
ce:9d:2c:ce:21:f0:7e:d9:c5:1d:7a:3f:48:a7:eb:
15:78:6f:cd:04:60:86:f4:aa:49:7d:8e:2f:35:0a:
79:4f:32:d2:70:ff:37:23:1b:92:ff:a0:2c:1b:9b:
63:0e:19:46:5a:b0:3b:d9:59:7b:ef:1d:92:6d:4c:
b9:d6:0e:44:d3:1c:30:87:a1:27:e3:bb:4f:0c:7b:
a2:42:f5:c7:22:7d:bd:d6:79:f6:64:bc:1e:c9:b6:
96:ca:d7:06:78:67:cb:41:c6:34:13:7f:1f:5a:42:
41:db:9f:0e:d8:3f:b3:08:74:06:d1:0a:2d:32:52:
fe:e4:7c:f1:5e:08:aa:65:84:1c:82:86:a3:d9:b2:
99:e6:c4:94:1c:3e:49:d2:7b:7e:6c:16:c8:65:94:
98:5e:1e:a7:58:b7:f7:8b:69:c7:3c:6f:fd:34:9d:
ae:02:1e:84:3b:dd:1f:35:18:f0:75:ad:46:80:77:
b6:24:69:d7:04:db:4c:cf:4b:13:0a:42:b8:3a:8e:
b7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:17:B6:BA:83:D8:3E:3A:30:F2:A9:E7:9D:D1:21:83:46:15:3C:78
X509v3 Authority Key Identifier:
keyid:95:99:B3:E7:82:37:0D:C2:81:4F:52:5C:1D:6E:CE:84:D8:F7:0F:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZmz54I3DcKBT1JcHW7OhNj3DzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/40a102-efcd-4fd2-9373-d06aa518aa6d/1/2he2uoPYPjow8qnnndEhg0YVPHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/40a102-efcd-4fd2-9373-d06aa518aa6d/1/lZmz54I3DcKBT1JcHW7OhNj3DzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.20.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8c:02:66:b9:66:fe:bf:c5:e8:f0:61:f4:da:bb:e4:4b:4e:
71:f5:8f:97:64:f5:ef:9d:66:c0:58:31:88:d8:f9:f8:27:5e:
43:ad:e6:3f:a9:93:c1:75:8e:71:85:c2:bb:5e:7b:6a:92:4d:
7f:64:0f:7a:50:46:d3:90:6a:9d:dd:c1:32:8f:d4:0e:f8:cc:
fb:86:07:58:7d:96:f2:19:59:98:cf:9e:73:a4:66:8a:9c:5e:
9d:7b:96:00:a7:5b:ea:39:4f:36:f0:70:98:1d:e3:7b:da:93:
e5:83:d9:d8:f8:c0:c9:76:f1:3e:70:0a:2c:dc:93:bf:6a:32:
01:b3:46:db:90:24:c9:fa:ff:48:c7:21:af:27:70:56:39:52:
d6:44:2f:7b:d5:00:d8:8e:77:a7:35:1e:56:e0:e4:4b:27:a3:
16:a5:ef:87:28:4d:6f:c7:b9:b7:bb:4e:20:fb:0b:0b:6a:f5:
5c:4c:4e:d6:b3:fd:aa:fd:fd:6e:90:27:bc:03:ec:d8:83:a2:
2e:87:9a:f7:22:9d:28:24:cb:dd:45:ca:8a:2e:95:45:55:7e:
b8:2f:b4:d2:98:2b:20:67:c6:1a:49:22:e6:76:1f:19:25:d4:
99:74:4d:d9:b2:51:94:1c:d3:d6:23:7d:b6:09:b1:03:eb:e4:
04:64:22:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2Y+ZpJB7q1DId5BKxeLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OTliM2U3ODIzNzBkYzI4MTRmNTI1YzFkNmVjZTg0ZDhm
NzBmMzYwHhcNMjUwMTAyMTE0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTE3YjZiYTgzZDgzZTNhMzBmMmE5ZTc5ZGQxMjE4MzQ2MTUzYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39nxDpj23ETvGpy4WoYKfFtpBrl5
kmyym3lujumICRO87WzLiRZyVRdh+sRko/woIv9p5Ipg1elzKaPOnSzOIfB+2cUd
ej9Ip+sVeG/NBGCG9KpJfY4vNQp5TzLScP83IxuS/6AsG5tjDhlGWrA72Vl77x2S
bUy51g5E0xwwh6En47tPDHuiQvXHIn291nn2ZLweybaWytcGeGfLQcY0E38fWkJB
258O2D+zCHQG0QotMlL+5HzxXgiqZYQcgoaj2bKZ5sSUHD5J0nt+bBbIZZSYXh6n
WLf3i2nHPG/9NJ2uAh6EO90fNRjwda1GgHe2JGnXBNtMz0sTCkK4Oo63KwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoXtrqD2D46MPKp553RIYNGFTx4MB8GA1UdIwQY
MBaAFJWZs+eCNw3CgU9SXB1uzoTY9w82MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFptejU0STNEY0tCVDFKY0hXN09oTmozRHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80MGExMDItZWZjZC00ZmQyLTkzNzMt
ZDA2YWE1MThhYTZkLzEvMmhlMnVvUFlQam93OHFubm5kRWhnMFlWUEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80MGExMDItZWZjZC00ZmQyLTkzNzMtZDA2YWE1MThhYTZk
LzEvbFptejU0STNEY0tCVDFKY0hXN09oTmozRHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueIUMA0G
CSqGSIb3DQEBCwUAA4IBAQBvjAJmuWb+v8Xo8GH02rvkS05x9Y+XZPXvnWbAWDGI
2Pn4J15DreY/qZPBdY5xhcK7Xntqkk1/ZA96UEbTkGqd3cEyj9QO+Mz7hgdYfZby
GVmYz55zpGaKnF6de5YAp1vqOU828HCYHeN72pPlg9nY+MDJdvE+cAos3JO/ajIB
s0bbkCTJ+v9IxyGvJ3BWOVLWRC971QDYjnenNR5W4ORLJ6MWpe+HKE1vx7m3u04g
+wsLavVcTE7Ws/2q/f1ukCe8A+zYg6Iuh5r3Ip0oJMvdRcqKLpVFVX64L7TSmCsg
Z8YaSSLmdh8ZJdSZdE3ZslGUHNPWI322CbED6+QEZCJG
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:54:22 2025 by rpki-client