Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/f-aK3lfa-UR4nytxi7y8u4V1Oh4.roa
File: f-aK3lfa-UR4nytxi7y8u4V1Oh4.roa (raw, json)
Hash identifier: Uo01SR0rkQjHhmn1cbPkD2ri+4fn/LW6PhKJ7bRZtEY=
Subject key identifier: 7F:E6:8A:DE:57:DA:F9:44:78:9F:2B:71:8B:BC:BC:BB:85:75:3A:1E
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 018F1074EA5C07115D623068AA26F8790537
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/f-aK3lfa-UR4nytxi7y8u4V1Oh4.roa
Signing time: Wed 24 Apr 2024 14:14:08 +0000
ROA not before: Wed 24 Apr 2024 14:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.97.224.0/24 maxlen: 24
185.97.225.0/24 maxlen: 24
185.97.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:74:ea:5c:07:11:5d:62:30:68:aa:26:f8:79:05:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Apr 24 14:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fe68ade57daf944789f2b718bbcbcbb85753a1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bc:5e:e6:60:18:15:d8:b0:37:26:d8:24:67:
61:8f:09:3b:19:2f:b2:29:e4:5b:a8:45:54:1f:6f:
13:c1:7b:8f:3b:92:e7:40:e4:f7:cf:d1:18:e7:cf:
88:2f:18:03:09:24:e7:b2:42:66:37:b2:6c:29:65:
d5:c0:33:d0:13:29:d5:db:aa:5a:de:3d:55:70:3d:
88:84:1f:4a:80:65:53:6d:64:19:32:95:17:bc:c2:
1e:6f:30:4e:3c:24:8c:06:9c:13:42:dd:e7:c3:25:
5d:d7:84:5d:90:d2:88:b4:59:9d:33:0e:d1:98:29:
83:23:8c:e4:aa:af:57:d5:5d:ad:f5:27:53:be:fa:
0d:83:6c:85:37:a8:d0:8d:ed:96:6f:e8:6a:a8:93:
1b:0d:f0:26:7f:b5:56:1b:42:06:ea:08:78:40:79:
e3:fe:1c:91:32:9f:71:2a:69:c4:68:59:31:92:75:
6e:e8:de:37:ea:ce:8f:72:45:a7:5e:d9:cc:21:a0:
0a:17:a0:ac:5f:fc:ff:35:9f:f8:7b:3f:d6:49:d8:
f8:5d:e4:76:1a:e5:e2:75:ca:91:6c:6b:25:30:52:
33:3a:68:03:ca:64:12:f1:b6:53:e0:23:49:db:cf:
a0:ca:76:1f:11:9f:b4:b1:6b:60:ae:10:60:0c:cb:
f0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E6:8A:DE:57:DA:F9:44:78:9F:2B:71:8B:BC:BC:BB:85:75:3A:1E
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/f-aK3lfa-UR4nytxi7y8u4V1Oh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.224.0-185.97.226.255
Signature Algorithm: sha256WithRSAEncryption
3c:bc:f5:ec:32:83:d3:c5:7a:77:e8:2a:09:10:dd:88:9a:07:
55:fb:11:e9:e2:4f:23:32:80:82:89:fa:c1:ca:a6:e0:fa:22:
04:84:ff:0a:6c:e0:3d:b7:9c:f9:52:33:dd:02:2f:d7:d6:a3:
6c:bf:82:bc:d1:cd:dd:d2:90:bf:55:77:a7:86:48:16:d8:b5:
c1:4c:16:32:ea:b6:d5:bb:94:3f:76:8b:17:e2:e5:c9:c6:5c:
48:0f:0e:90:33:8a:9f:ff:2e:fb:f3:2f:17:c5:b1:0e:b2:21:
a4:05:4d:88:28:7f:ce:ae:f7:02:ee:70:99:fb:0c:ab:0e:b1:
7e:d9:ea:8c:9c:a6:cf:f4:91:b6:87:e8:9d:9d:ba:00:14:a0:
3b:f4:8c:93:06:e0:9b:12:21:20:32:d8:89:6a:ab:97:43:f4:
36:83:b0:c8:ee:63:d8:2f:2a:90:cf:75:fb:5b:26:32:80:17:
1c:74:b4:76:92:7c:5a:84:9e:92:bc:b6:1d:3e:26:af:4d:e0:
70:20:53:39:4b:91:c6:f5:23:2c:c9:c6:55:c5:78:9f:96:bb:
51:dd:f5:17:65:53:66:eb:b1:3c:52:b8:5e:3b:38:db:bd:6e:
74:6f:68:40:21:db:b0:3b:02:05:e8:32:1e:51:d4:fd:30:0a:
9f:6d:f2:a7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8QdOpcBxFdYjBoqib4eQU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjQwNDI0MTQxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmU2OGFkZTU3ZGFmOTQ0Nzg5ZjJiNzE4YmJjYmNiYjg1NzUzYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrxe5mAYFdiwNybYJGdhjwk7GS+y
KeRbqEVUH28TwXuPO5LnQOT3z9EY58+ILxgDCSTnskJmN7JsKWXVwDPQEynV26pa
3j1VcD2IhB9KgGVTbWQZMpUXvMIebzBOPCSMBpwTQt3nwyVd14RdkNKItFmdMw7R
mCmDI4zkqq9X1V2t9SdTvvoNg2yFN6jQje2Wb+hqqJMbDfAmf7VWG0IG6gh4QHnj
/hyRMp9xKmnEaFkxknVu6N436s6PckWnXtnMIaAKF6CsX/z/NZ/4ez/WSdj4XeR2
GuXidcqRbGslMFIzOmgDymQS8bZT4CNJ28+gynYfEZ+0sWtgrhBgDMvwPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH/mit5X2vlEeJ8rcYu8vLuFdToeMB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvZi1hSzNsZmEtVVI0bnl0eGk3eTh1NFYxT2g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUtNGJlZjQzZDNmYjE3
LzEvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5YeAD
BAC5YeIwDQYJKoZIhvcNAQELBQADggEBADy89ewyg9PFenfoKgkQ3YiaB1X7Eeni
TyMygIKJ+sHKpuD6IgSE/wps4D23nPlSM90CL9fWo2y/grzRzd3SkL9Vd6eGSBbY
tcFMFjLqttW7lD92ixfi5cnGXEgPDpAzip//LvvzLxfFsQ6yIaQFTYgof86u9wLu
cJn7DKsOsX7Z6oycps/0kbaH6J2dugAUoDv0jJMG4JsSISAy2Ilqq5dD9DaDsMju
Y9gvKpDPdftbJjKAFxx0tHaSfFqEnpK8th0+Jq9N4HAgUzlLkcb1IyzJxlXFeJ+W
u1Hd9RdlU2brsTxSuF47ONu9bnRvaEAh27A7AgXoMh5R1P0wCp9t8qc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:08:02 2025 by rpki-client