Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Avp2knKX1acHNxa8OJ3x9KDhZXQ.roa
File: Avp2knKX1acHNxa8OJ3x9KDhZXQ.roa (raw, json)
Hash identifier: ru4b6pGrZh8AdEJ3UQOiFRdojdxenNbBuaHfm5lTFYg=
Subject key identifier: 02:FA:76:92:72:97:D5:A7:07:37:16:BC:38:9D:F1:F4:A0:E1:65:74
Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39
Certificate serial: 018CCA2A459146D818EF245D43B4EDE172D1
Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Avp2knKX1acHNxa8OJ3x9KDhZXQ.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209505
IP address blocks: 185.250.10.0/23 maxlen: 23
185.250.9.0/24 maxlen: 24
2a0b:9401::/32 maxlen: 32
2a0b:9400:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:45:91:46:d8:18:ef:24:5d:43:b4:ed:e1:72:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02fa76927297d5a7073716bc389df1f4a0e16574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b7:86:90:18:98:68:c9:6e:e3:4a:86:df:68:
2a:8d:e1:6b:1f:4f:1d:f6:d4:02:01:e5:31:40:0c:
b6:7a:63:48:ba:b0:51:0a:b6:0c:51:c0:42:f1:98:
c6:69:30:5f:41:f3:54:df:f6:cd:fa:90:1b:f1:3b:
b0:93:ff:7b:6d:40:16:87:09:0c:63:9d:b3:b4:c0:
f9:c7:92:25:41:d7:b6:65:7a:29:11:5a:b6:a4:9d:
9f:3c:07:09:c6:04:3e:3c:79:15:4c:5b:ad:07:be:
51:77:0c:1e:8c:3c:76:df:be:29:b9:95:93:79:fa:
fb:0f:d8:12:bf:22:22:e5:71:86:51:48:ec:39:aa:
63:12:9a:e3:55:12:0b:34:24:e1:d8:dd:a1:7d:28:
14:52:36:1c:24:f6:43:fc:5f:33:ab:41:5c:08:2a:
28:63:14:7d:f1:8e:1b:3e:35:a6:e8:d6:24:aa:ed:
49:b8:d9:0b:30:d2:65:82:8b:55:05:7f:d6:4b:08:
98:bf:e9:d0:92:62:4f:91:22:bb:99:21:26:2f:9d:
f6:c6:b6:ed:e0:79:07:27:8f:b6:8d:59:66:dd:f9:
ab:4a:fa:81:f1:19:b1:46:dc:cb:de:2c:98:3e:33:
93:a8:2a:77:2c:36:b8:6e:4a:3f:76:4d:30:d8:46:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:76:92:72:97:D5:A7:07:37:16:BC:38:9D:F1:F4:A0:E1:65:74
X509v3 Authority Key Identifier:
keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/Avp2knKX1acHNxa8OJ3x9KDhZXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.9.0-185.250.11.255
IPv6:
2a0b:9400:1000::/48
2a0b:9401::/32
Signature Algorithm: sha256WithRSAEncryption
91:24:9b:78:37:9b:15:28:3f:6d:5f:ef:83:02:c0:e5:50:f4:
31:a7:54:6c:62:d5:a8:15:fc:3a:62:8e:b7:ed:dd:9f:06:a5:
b4:e1:c4:31:21:35:38:6c:8c:ca:60:91:b0:9d:fe:8b:c6:c4:
22:a0:6f:56:4e:de:e1:cf:6d:2c:81:8a:3e:33:a8:59:08:b8:
04:53:98:ae:45:b1:4e:cc:e8:ab:20:0e:0b:ad:23:77:af:06:
bc:1d:3c:88:e5:f5:f1:13:b2:b9:a7:e0:6a:a3:83:3a:32:9b:
57:74:64:17:3e:e5:f7:7e:5b:d0:cf:5d:58:55:e5:ca:b4:31:
97:ce:65:50:df:94:9b:7e:98:20:5d:8d:59:b4:71:72:24:39:
b8:cb:c8:ba:2c:b7:a8:a0:1a:c2:ec:0f:cb:73:be:79:ac:5b:
38:0e:bc:50:0a:32:9e:f8:60:e2:59:8a:8f:03:b9:e8:34:a1:
26:3e:b7:4d:8c:bc:f0:4a:bf:f4:e1:f9:ca:a0:ad:af:8f:fc:
4b:26:c0:58:35:d9:59:6a:79:c0:ce:5f:e1:80:af:c4:90:aa:
11:48:5d:45:c6:c4:23:c7:87:b9:2d:81:d2:45:b8:23:f6:2c:
17:2d:62:ae:40:ff:96:64:6f:a6:96:e0:cb:14:d1:fd:ba:2d:
ac:bf:04:93
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzKKkWRRtgY7yRdQ7Tt4XLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi
MGNlMzkwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhNzY5MjcyOTdkNWE3MDczNzE2YmMzODlkZjFmNGEwZTE2NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LeGkBiYaMlu40qG32gqjeFrH08d
9tQCAeUxQAy2emNIurBRCrYMUcBC8ZjGaTBfQfNU3/bN+pAb8Tuwk/97bUAWhwkM
Y52ztMD5x5IlQde2ZXopEVq2pJ2fPAcJxgQ+PHkVTFutB75RdwwejDx2374puZWT
efr7D9gSvyIi5XGGUUjsOapjEprjVRILNCTh2N2hfSgUUjYcJPZD/F8zq0FcCCoo
YxR98Y4bPjWm6NYkqu1JuNkLMNJlgotVBX/WSwiYv+nQkmJPkSK7mSEmL532xrbt
4HkHJ4+2jVlm3fmrSvqB8RmxRtzL3iyYPjOTqCp3LDa4bko/dk0w2Ea6pQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAL6dpJyl9WnBzcWvDid8fSg4WV0MB8GA1UdIwQY
MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt
NTFkNzU1NjhhOWUzLzEvQXZwMmtuS1gxYWNITnhhOE9KM3g5S0RoWlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz
LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAC5+gkD
BAK5+ggwFgQCAAIwEAMHACoLlAAQAAMFACoLlAEwDQYJKoZIhvcNAQELBQADggEB
AJEkm3g3mxUoP21f74MCwOVQ9DGnVGxi1agV/Dpijrft3Z8GpbThxDEhNThsjMpg
kbCd/ovGxCKgb1ZO3uHPbSyBij4zqFkIuARTmK5FsU7M6KsgDgutI3evBrwdPIjl
9fETsrmn4Gqjgzoym1d0ZBc+5fd+W9DPXVhV5cq0MZfOZVDflJt+mCBdjVm0cXIk
ObjLyLost6igGsLsD8tzvnmsWzgOvFAKMp74YOJZio8Dueg0oSY+t02MvPBKv/Th
+cqgra+P/EsmwFg12VlqecDOX+GAr8SQqhFIXUXGxCPHh7ktgdJFuCP2LBctYq5A
/5Zkb6aW4MsU0f26Lay/BJM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:34 2025 by rpki-client