Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/iMC3jZESEJ_BZYRkQpPtybZN3ck.roa
File: iMC3jZESEJ_BZYRkQpPtybZN3ck.roa (raw, json)
Hash identifier: nNWl7jcfymwNyWvS2qU2sHVDj8frN+ClvcxilvpEC2U=
Subject key identifier: 88:C0:B7:8D:91:12:10:9F:C1:65:84:64:42:93:ED:C9:B6:4D:DD:C9
Certificate issuer: /CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Certificate serial: 019426D94315238715CBD87E6AD1F2EFD1CA
Authority key identifier: CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/iMC3jZESEJ_BZYRkQpPtybZN3ck.roa
Signing time: Thu 02 Jan 2025 11:49:20 +0000
ROA not before: Thu 02 Jan 2025 11:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206804
IP address blocks: 185.51.134.0/24 maxlen: 24
2001:1548:206::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:43:15:23:87:15:cb:d8:7e:6a:d1:f2:ef:d1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40fdd82a0fdf3b70be18221eeba60d801ed7bf
Validity
Not Before: Jan 2 11:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88c0b78d9112109fc16584644293edc9b64dddc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:af:23:a6:76:c4:df:4a:48:54:d4:b5:93:e0:
5d:16:54:3a:18:9d:a9:41:0a:27:21:19:75:9c:00:
ba:44:d1:4f:c8:f6:37:26:da:fa:45:5c:4f:cf:a2:
2e:a0:ea:56:f0:e5:64:38:aa:54:b4:f3:31:cb:f5:
a6:61:c3:7d:d8:9a:f3:05:65:a4:58:9d:1c:f6:0f:
48:e0:eb:9c:fd:c1:0b:9d:75:ac:c9:62:be:5e:5c:
ae:03:1b:b8:9b:50:c8:60:55:19:4e:8c:31:48:f9:
0f:77:b1:e1:3e:1b:0b:7e:30:18:12:de:75:9b:84:
a4:dd:23:5f:8e:61:3f:78:52:9c:9e:84:52:c5:3b:
aa:76:3a:99:ee:3d:70:97:ba:53:9c:a7:b4:ca:55:
82:2a:79:66:85:0e:4f:23:1f:d2:7c:ec:c9:9c:51:
d0:1b:ea:f5:4a:b6:1d:8c:ee:3d:92:62:d6:50:b9:
24:54:98:16:39:d4:42:85:a1:2b:02:f7:5d:33:40:
25:12:8a:7d:9e:c5:66:14:27:36:a6:10:45:53:a3:
c6:3c:d2:b6:f3:b8:07:9a:4b:09:3f:5d:f7:6e:df:
06:d7:ec:17:27:e5:02:5f:98:d6:08:85:9f:fa:ec:
cb:88:83:24:16:09:6d:7a:ee:24:12:b1:50:f5:bf:
a7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C0:B7:8D:91:12:10:9F:C1:65:84:64:42:93:ED:C9:B6:4D:DD:C9
X509v3 Authority Key Identifier:
keyid:CF:40:FD:D8:2A:0F:DF:3B:70:BE:18:22:1E:EB:A6:0D:80:1E:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0D92CoP3ztwvhgiHuumDYAe178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/iMC3jZESEJ_BZYRkQpPtybZN3ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/792737-6a02-424b-82cb-a29ce7da10fd/1/z0D92CoP3ztwvhgiHuumDYAe178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.134.0/24
IPv6:
2001:1548:206::/48
Signature Algorithm: sha256WithRSAEncryption
07:94:84:1c:d7:73:5a:04:72:91:1d:c6:6c:c7:83:e1:6c:ac:
0b:44:40:45:db:d1:4f:5b:3e:2d:2a:df:85:25:b7:77:87:ba:
75:07:ac:07:01:30:82:99:20:b0:1d:ff:27:7b:5b:17:4d:ca:
09:e9:5c:17:57:d5:24:22:25:88:5e:bb:85:74:93:be:1f:7d:
e8:d8:78:49:5f:1a:59:28:26:16:9d:5b:ba:ac:5d:d7:ad:25:
db:ea:80:6c:12:ae:ea:12:fc:02:ac:9f:ba:ce:cf:36:03:76:
94:47:87:d9:bf:f9:d1:f6:15:95:2e:e9:9f:8e:e0:9a:40:43:
d1:ee:13:4b:53:46:af:76:48:56:a8:5d:d5:4b:fb:dd:61:0c:
4b:d5:5b:25:b6:13:21:1a:66:35:89:a6:74:78:f2:0d:96:cb:
5d:db:ed:e1:c1:fb:d6:71:2a:3f:2e:74:86:95:65:47:5b:37:
16:1a:d7:ec:4d:66:e2:eb:9b:e1:63:e9:be:fa:54:1c:a0:fe:
0d:33:47:ce:af:86:a6:6d:40:d7:a8:56:14:88:aa:5f:fa:2c:
15:8e:33:cb:1e:1e:4a:45:6e:fe:c8:02:e7:94:19:c6:60:d2:
d3:c6:e9:62:8b:c8:b2:b8:5f:de:33:9a:b2:d2:97:e3:31:63:
c0:39:59:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2UMVI4cVy9h+atHy79HKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBmZGQ4MmEwZmRmM2I3MGJlMTgyMjFlZWJhNjBkODAx
ZWQ3YmYwHhcNMjUwMTAyMTE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMwYjc4ZDkxMTIxMDlmYzE2NTg0NjQ0MjkzZWRjOWI2NGRkZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a8jpnbE30pIVNS1k+BdFlQ6GJ2p
QQonIRl1nAC6RNFPyPY3Jtr6RVxPz6IuoOpW8OVkOKpUtPMxy/WmYcN92JrzBWWk
WJ0c9g9I4Ouc/cELnXWsyWK+XlyuAxu4m1DIYFUZTowxSPkPd7HhPhsLfjAYEt51
m4Sk3SNfjmE/eFKcnoRSxTuqdjqZ7j1wl7pTnKe0ylWCKnlmhQ5PIx/SfOzJnFHQ
G+r1SrYdjO49kmLWULkkVJgWOdRChaErAvddM0AlEop9nsVmFCc2phBFU6PGPNK2
87gHmksJP133bt8G1+wXJ+UCX5jWCIWf+uzLiIMkFglteu4kErFQ9b+nnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjAt42REhCfwWWEZEKT7cm2Td3JMB8GA1UdIwQY
MBaAFM9A/dgqD987cL4YIh7rpg2AHte/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2It
YTI5Y2U3ZGExMGZkLzEvaU1DM2paRVNFSl9CWllSa1FwUHR5YlpOM2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83OTI3MzctNmEwMi00MjRiLTgyY2ItYTI5Y2U3ZGExMGZk
LzEvejBEOTJDb1AzenR3dmhnaUh1dW1EWUFlMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuTOGMA8E
AgACMAkDBwAgARVIAgYwDQYJKoZIhvcNAQELBQADggEBAAeUhBzXc1oEcpEdxmzH
g+FsrAtEQEXb0U9bPi0q34Ult3eHunUHrAcBMIKZILAd/yd7WxdNygnpXBdX1SQi
JYheu4V0k74ffejYeElfGlkoJhadW7qsXdetJdvqgGwSruoS/AKsn7rOzzYDdpRH
h9m/+dH2FZUu6Z+O4JpAQ9HuE0tTRq92SFaoXdVL+91hDEvVWyW2EyEaZjWJpnR4
8g2Wy13b7eHB+9ZxKj8udIaVZUdbNxYa1+xNZuLrm+Fj6b76VByg/g0zR86vhqZt
QNeoVhSIql/6LBWOM8seHkpFbv7IAueUGcZg0tPG6WKLyLK4X94zmrLSl+MxY8A5
WRo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:22:33 2025 by rpki-client