Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/c2mL12kdRJv1WvTXeOWApZDJ2rQ.roa
File: c2mL12kdRJv1WvTXeOWApZDJ2rQ.roa (raw, json)
Hash identifier: 5uCGNb2X+bHIJBlB2PHoFokoSfpPaJ0/8Q+fiw/Bjh4=
Subject key identifier: 73:69:8B:D7:69:1D:44:9B:F5:5A:F4:D7:78:E5:80:A5:90:C9:DA:B4
Certificate issuer: /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial: 019421446CAE876F06B94D670B1BE3758004
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/c2mL12kdRJv1WvTXeOWApZDJ2rQ.roa
Signing time: Wed 01 Jan 2025 09:48:39 +0000
ROA not before: Wed 01 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 185.24.172.0/23 maxlen: 23
185.24.174.0/24 maxlen: 24
185.24.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 12:43:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:6c:ae:87:6f:06:b9:4d:67:0b:1b:e3:75:80:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Validity
Not Before: Jan 1 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73698bd7691d449bf55af4d778e580a590c9dab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:37:79:34:3b:53:6b:8c:e6:f6:0f:a3:b3:37:
31:89:eb:ec:c1:d3:ad:28:e9:e4:f9:e5:67:f7:93:
ea:35:d6:25:ba:6a:ca:b7:57:c8:42:a0:6d:e7:10:
bc:b0:12:6a:00:f3:3a:86:ca:5b:36:ed:3f:95:8b:
ec:1f:e6:7a:80:10:8f:dd:ce:82:18:08:60:00:f2:
c2:16:c2:b7:97:ce:b8:47:99:df:1d:3f:8b:b0:f4:
70:20:b7:78:cc:9a:a0:a0:1b:e5:19:3a:cc:84:97:
28:51:48:7f:b7:16:49:a3:29:4c:b3:ea:eb:ea:45:
78:4a:c8:f2:e4:01:6b:12:68:4b:23:85:85:e6:49:
fb:1d:a9:54:d7:4d:67:61:09:06:01:cb:a9:44:e7:
0e:48:fd:01:22:78:7e:f5:53:a3:5e:09:a9:16:5f:
5d:71:8d:f5:15:97:bc:52:9f:5f:85:4b:28:51:8f:
68:5e:b6:22:d1:a7:eb:02:e3:71:99:a7:db:d9:63:
8a:60:bd:0c:09:0d:6d:cf:8d:82:1e:c9:7f:89:2c:
1c:25:94:65:56:21:3d:c0:58:7d:f3:4c:ea:4a:75:
d9:86:88:17:6d:9e:ba:ca:22:e8:8f:50:7a:4f:e1:
34:ca:c7:a4:3c:2b:b9:a9:3f:17:c8:83:48:5e:49:
fc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:69:8B:D7:69:1D:44:9B:F5:5A:F4:D7:78:E5:80:A5:90:C9:DA:B4
X509v3 Authority Key Identifier:
keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/c2mL12kdRJv1WvTXeOWApZDJ2rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.172.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:a4:7d:61:2b:4f:c6:d9:c8:73:82:ec:90:c8:14:32:0f:83:
8f:1a:24:a3:85:dc:ea:d4:23:34:de:0b:98:95:f0:51:c9:38:
a4:8a:74:6a:7d:6e:9b:3b:e3:34:db:1f:26:c4:b9:b0:c6:9f:
3d:d9:39:c3:f9:0e:c6:f6:4d:77:d8:53:6e:95:15:df:c7:94:
ad:86:a4:b4:63:1b:6d:7a:35:2e:ec:e9:00:e8:90:b7:44:0f:
7f:dc:3e:75:9b:23:1f:bd:71:46:02:df:99:32:5b:3e:9f:2d:
e2:a8:f4:73:28:fd:e4:fa:b1:ab:69:1c:16:33:c7:f7:d4:4d:
a4:f2:81:6d:1d:e0:4e:a2:23:6e:e3:27:92:2b:b7:cb:70:c6:
95:a4:d9:7d:a2:8d:55:9b:e0:b2:bd:b8:e9:5e:ee:3a:4d:b2:
f5:e5:0f:eb:e3:86:8a:8c:ee:98:c0:7c:f2:85:bc:13:30:7b:
35:81:a1:fb:63:ac:00:ca:d7:5a:19:b4:35:77:40:e9:aa:12:
a2:8c:e6:db:37:c6:19:b5:ae:46:73:4f:e8:7d:ef:45:40:bf:
f8:0d:3e:73:da:ea:97:a3:80:4d:9d:39:f0:f6:fc:e1:d9:fc:
82:f7:2e:6a:25:d3:59:8a:74:ac:53:90:50:ee:ed:f2:a5:85:
40:20:c5:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRGyuh28GuU1nCxvjdYAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIwODRmOWI5Yzk4Y2ZkOTA0MTBiODMwNWNjNmNiNDZk
Y2NlZDgwHhcNMjUwMTAxMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY5OGJkNzY5MWQ0NDliZjU1YWY0ZDc3OGU1ODBhNTkwYzlkYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjd5NDtTa4zm9g+jszcxievswdOt
KOnk+eVn95PqNdYlumrKt1fIQqBt5xC8sBJqAPM6hspbNu0/lYvsH+Z6gBCP3c6C
GAhgAPLCFsK3l864R5nfHT+LsPRwILd4zJqgoBvlGTrMhJcoUUh/txZJoylMs+rr
6kV4Ssjy5AFrEmhLI4WF5kn7HalU101nYQkGAcupROcOSP0BInh+9VOjXgmpFl9d
cY31FZe8Up9fhUsoUY9oXrYi0afrAuNxmafb2WOKYL0MCQ1tz42CHsl/iSwcJZRl
ViE9wFh980zqSnXZhogXbZ66yiLoj1B6T+E0ysekPCu5qT8XyINIXkn8gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNpi9dpHUSb9Vr013jlgKWQydq0MB8GA1UdIwQY
MBaAFPQrCE+bnJjP2QQQuDBcxstG3M7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAt
NmE5Y2Q5NDIwMmZmLzEvYzJtTDEya2RSSnYxV3ZUWGVPV0FwWkRKMnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAtNmE5Y2Q5NDIwMmZm
LzEvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRisMA0G
CSqGSIb3DQEBCwUAA4IBAQALpH1hK0/G2chzguyQyBQyD4OPGiSjhdzq1CM03guY
lfBRyTikinRqfW6bO+M02x8mxLmwxp892TnD+Q7G9k132FNulRXfx5SthqS0Yxtt
ejUu7OkA6JC3RA9/3D51myMfvXFGAt+ZMls+ny3iqPRzKP3k+rGraRwWM8f31E2k
8oFtHeBOoiNu4yeSK7fLcMaVpNl9oo1Vm+CyvbjpXu46TbL15Q/r44aKjO6YwHzy
hbwTMHs1gaH7Y6wAytdaGbQ1d0DpqhKijObbN8YZta5Gc0/ofe9FQL/4DT5z2uqX
o4BNnTnw9vzh2fyC9y5qJdNZinSsU5BQ7u3ypYVAIMUi
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:34:30 2025 by rpki-client