Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/As00NYOrHlvv2-_ZFaAOsuoZDhA.roa
File: As00NYOrHlvv2-_ZFaAOsuoZDhA.roa (raw, json)
Hash identifier: YtAfv5GSqga1E684f+iaTenjmndd0G88/BA78uZYw9A=
Subject key identifier: 02:CD:34:35:83:AB:1E:5B:EF:DB:EF:D9:15:A0:0E:B2:EA:19:0E:10
Certificate issuer: /CN=fc83525d142fbf4b94b3d169445365c66ddfddfd
Certificate serial: 019431006CD095AFE412894ECA8FC5650BBC
Authority key identifier: FC:83:52:5D:14:2F:BF:4B:94:B3:D1:69:44:53:65:C6:6D:DF:DD:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_INSXRQvv0uUs9FpRFNlxm3f3f0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/As00NYOrHlvv2-_ZFaAOsuoZDhA.roa
Signing time: Sat 04 Jan 2025 11:08:18 +0000
ROA not before: Sat 04 Jan 2025 11:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47603
IP address blocks: 185.84.226.0/24 maxlen: 27
Validation: Failed, certificate revoked on Sat 04 Jan 2025 13:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:31:00:6c:d0:95:af:e4:12:89:4e:ca:8f:c5:65:0b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc83525d142fbf4b94b3d169445365c66ddfddfd
Validity
Not Before: Jan 4 11:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02cd343583ab1e5befdbefd915a00eb2ea190e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:62:67:6e:24:7f:82:8e:c6:6d:45:17:ca:6e:
54:c3:64:40:fe:47:4f:58:75:0b:ad:10:b3:14:9c:
b7:9c:ba:4b:bc:99:97:2c:db:68:d1:65:44:a7:fa:
a5:4d:b6:ce:f0:63:b4:82:46:a2:8b:aa:6a:46:dd:
8f:db:ce:5b:f5:17:61:2c:51:0b:51:29:de:a1:3c:
9f:43:17:b5:92:1e:11:40:61:4b:bb:d7:bf:f6:fb:
de:14:3c:5f:4a:38:e7:fa:13:01:64:1d:c5:11:fa:
a7:90:ff:e0:e0:61:c6:13:6c:7e:5a:42:56:23:2c:
50:eb:1d:0e:1f:e9:37:88:e2:d0:fd:2e:0b:4a:2a:
1a:09:8d:3f:7c:f0:37:60:e9:1a:f7:41:00:4d:eb:
fd:ff:9a:4b:be:97:47:c7:95:a4:4c:69:79:5b:3a:
48:d2:94:15:f3:4e:7a:8b:d8:c5:ea:81:b5:f5:af:
bd:fb:dd:20:29:76:0b:25:5e:1a:ec:74:b7:87:51:
2e:23:02:39:47:1a:49:28:b1:f6:94:64:b9:c4:b9:
b9:0b:fb:89:2b:a2:2c:59:c2:73:31:82:4d:5c:14:
2f:04:5d:14:a6:0a:35:20:1c:82:d9:40:ad:5f:34:
93:8b:06:e5:b8:55:27:cf:cd:ba:18:b1:11:f2:fa:
6a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CD:34:35:83:AB:1E:5B:EF:DB:EF:D9:15:A0:0E:B2:EA:19:0E:10
X509v3 Authority Key Identifier:
keyid:FC:83:52:5D:14:2F:BF:4B:94:B3:D1:69:44:53:65:C6:6D:DF:DD:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_INSXRQvv0uUs9FpRFNlxm3f3f0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/As00NYOrHlvv2-_ZFaAOsuoZDhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/_INSXRQvv0uUs9FpRFNlxm3f3f0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.226.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:81:bf:29:62:c1:30:3e:93:29:b7:41:eb:c6:b2:d8:50:e2:
b8:18:a2:3b:f7:90:f7:36:be:c1:3b:82:97:a0:0a:98:23:b7:
77:a3:4d:d3:d9:a8:7b:89:09:1a:26:84:44:a8:91:65:fe:42:
70:a0:f2:44:e8:7e:49:ba:2a:4c:c3:f9:1f:48:bf:a7:e0:30:
df:0c:bf:9e:38:3f:d4:8d:11:88:52:cf:af:18:01:cf:26:57:
aa:4f:f5:59:73:13:09:e9:be:3b:28:cc:e6:99:9a:b7:cd:3b:
e7:6b:b4:f2:86:df:7f:1a:e0:29:25:01:15:c9:af:be:d9:3f:
85:69:e3:f5:e6:5d:8a:67:0d:43:50:4d:4d:cd:fa:1e:97:80:
dc:bf:dd:0b:d5:89:d5:ca:70:e9:2d:4f:c3:5f:0b:fc:19:bc:
5b:4f:15:ce:9b:32:14:15:55:c8:d4:3b:ad:5b:ef:0b:c3:c1:
32:3c:8d:b5:38:ab:8a:c6:e7:75:06:98:93:80:da:65:e0:5c:
e5:cc:8f:e0:4c:b3:56:1a:c2:6b:97:c6:cb:e5:d7:1b:29:c3:
79:7f:93:fe:e8:c7:74:d1:7d:37:29:7d:6c:f8:17:7d:43:94:
3d:5a:8b:63:91:5f:68:79:2e:f9:46:c1:5d:0e:aa:89:91:2d:
ff:eb:a2:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQxAGzQla/kEolOyo/FZQu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjODM1MjVkMTQyZmJmNGI5NGIzZDE2OTQ0NTM2NWM2NmRk
ZmRkZmQwHhcNMjUwMTA0MTEwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNkMzQzNTgzYWIxZTViZWZkYmVmZDkxNWEwMGViMmVhMTkwZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWJnbiR/go7GbUUXym5Uw2RA/kdP
WHULrRCzFJy3nLpLvJmXLNto0WVEp/qlTbbO8GO0gkaii6pqRt2P285b9RdhLFEL
USneoTyfQxe1kh4RQGFLu9e/9vveFDxfSjjn+hMBZB3FEfqnkP/g4GHGE2x+WkJW
IyxQ6x0OH+k3iOLQ/S4LSioaCY0/fPA3YOka90EATev9/5pLvpdHx5WkTGl5WzpI
0pQV8056i9jF6oG19a+9+90gKXYLJV4a7HS3h1EuIwI5RxpJKLH2lGS5xLm5C/uJ
K6IsWcJzMYJNXBQvBF0Upgo1IByC2UCtXzSTiwbluFUnz826GLER8vpqwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALNNDWDqx5b79vv2RWgDrLqGQ4QMB8GA1UdIwQY
MBaAFPyDUl0UL79LlLPRaURTZcZt3939MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0lOU1hSUXZ2MHVVczlGcFJGTmx4bTNmM2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84NTRlODYtNTFiYi00NThjLWEwMTQt
NjkyM2E3ZTYxYTZiLzEvQXMwME5ZT3JIbHZ2Mi1fWkZhQU9zdW9aRGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84NTRlODYtNTFiYi00NThjLWEwMTQtNjkyM2E3ZTYxYTZi
LzEvX0lOU1hSUXZ2MHVVczlGcFJGTmx4bTNmM2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVTiMA0G
CSqGSIb3DQEBCwUAA4IBAQAdgb8pYsEwPpMpt0HrxrLYUOK4GKI795D3Nr7BO4KX
oAqYI7d3o03T2ah7iQkaJoREqJFl/kJwoPJE6H5JuipMw/kfSL+n4DDfDL+eOD/U
jRGIUs+vGAHPJleqT/VZcxMJ6b47KMzmmZq3zTvna7Tyht9/GuApJQEVya++2T+F
aeP15l2KZw1DUE1Nzfoel4Dcv90L1YnVynDpLU/DXwv8GbxbTxXOmzIUFVXI1Dut
W+8Lw8EyPI21OKuKxud1BpiTgNpl4FzlzI/gTLNWGsJrl8bL5dcbKcN5f5P+6Md0
0X03KX1s+Bd9Q5Q9WotjkV9oeS75RsFdDqqJkS3/66Jz
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:08 2025 by rpki-client