Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/9cwdRxJ99JxTy66TIwGIYe6-Ch8.roa
File: 9cwdRxJ99JxTy66TIwGIYe6-Ch8.roa (raw, json)
Hash identifier: Wy1/fnb98UQWDy8qGK9Ft/bSH+6o4l9znSltYTAQsuw=
Subject key identifier: F5:CC:1D:47:12:7D:F4:9C:53:CB:AE:93:23:01:88:61:EE:BE:0A:1F
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 01942746D2D20FD0ACC26C9BB9724412FC16
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/9cwdRxJ99JxTy66TIwGIYe6-Ch8.roa
Signing time: Thu 02 Jan 2025 13:49:00 +0000
ROA not before: Thu 02 Jan 2025 13:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201653
IP address blocks: 185.73.208.0/24 maxlen: 24
185.73.209.0/24 maxlen: 24
2a00:8dc0:1900::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 20 Jan 2025 13:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:d2:d2:0f:d0:ac:c2:6c:9b:b9:72:44:12:fc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Jan 2 13:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5cc1d47127df49c53cbae9323018861eebe0a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:06:14:f6:ae:f0:e6:00:c7:bf:0e:20:10:b4:
f2:5c:aa:88:56:dc:0f:17:fc:0c:cb:c4:42:6e:36:
46:5b:6f:d6:a0:58:f7:6f:e7:5c:02:38:4d:de:ec:
d4:67:8c:94:c1:13:0e:c3:f0:13:28:8b:8e:87:96:
31:97:ba:43:8e:b5:61:29:43:1b:5c:71:5e:d5:b5:
c4:fc:c7:2c:41:0f:ee:b3:20:ba:a8:4d:c3:d8:79:
93:df:1d:77:7b:bc:91:86:2f:c9:da:c2:71:6e:19:
ca:e4:8a:49:ad:93:64:14:04:37:f3:f9:32:e2:86:
91:6f:3e:83:fd:88:80:68:ba:c6:b8:1a:6c:02:be:
40:bd:0f:3f:c4:13:48:f5:1c:e0:22:a3:00:62:76:
26:53:53:ca:09:8e:80:12:e9:fe:d9:48:77:1c:9a:
ad:0e:78:81:2c:61:32:27:5f:5a:f8:64:6c:c2:2d:
9f:9b:65:f1:4d:33:fa:86:6c:a6:ce:56:b6:2c:0b:
42:15:f7:1e:c7:c5:df:53:95:5c:66:e4:6b:20:2a:
ef:0a:c2:8e:5c:49:2c:35:f0:49:d0:3a:20:c1:f8:
12:88:e3:7f:bb:13:a2:15:a4:4a:e2:4b:3e:70:8b:
67:0d:97:c8:6a:b8:de:b9:3c:fa:76:5e:20:0d:13:
b4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CC:1D:47:12:7D:F4:9C:53:CB:AE:93:23:01:88:61:EE:BE:0A:1F
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/9cwdRxJ99JxTy66TIwGIYe6-Ch8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.208.0/23
IPv6:
2a00:8dc0:1900::/40
Signature Algorithm: sha256WithRSAEncryption
56:b2:bd:b8:b5:c2:67:ac:19:6a:0f:6d:f0:41:fe:6f:76:66:
90:15:29:44:89:e5:d6:67:ff:ad:ca:7b:26:93:6e:06:55:07:
90:03:fd:eb:bd:bf:b6:b9:88:f2:a5:39:71:69:71:50:24:79:
33:79:09:28:cf:d6:aa:04:8c:15:2d:13:69:3b:86:e5:5b:b3:
50:bf:d8:dc:52:0d:df:44:8f:70:c9:14:d5:e9:ec:6b:fa:6d:
c7:e2:94:4a:da:aa:e8:90:99:d3:18:5e:69:83:0a:c8:7d:9a:
59:6a:d4:85:97:6f:55:ac:4e:0b:a0:88:49:e9:5e:24:08:d2:
f0:5d:3f:6c:1e:a2:13:33:8f:df:5d:6b:91:26:4d:bd:22:58:
e0:64:4f:a3:f6:18:67:3f:b9:8f:00:91:20:a1:48:62:d4:c8:
e9:25:fb:6b:94:8d:ae:cb:80:c3:03:1f:f1:91:b0:f6:cf:56:
f1:8d:6d:64:e1:c0:29:a1:b1:db:da:07:0c:9d:b4:5b:92:b3:
3e:b2:29:db:ae:9f:ae:c4:43:ad:96:35:41:27:27:01:7d:cf:
dc:26:8b:44:d5:dd:aa:5b:5b:93:f7:5b:0a:ad:e1:74:58:00:
b8:2a:b9:fe:80:6c:a2:84:db:7d:f1:37:7c:43:ec:3f:27:81:
db:d4:9e:52
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQnRtLSD9CswmybuXJEEvwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjUwMTAyMTM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNjMWQ0NzEyN2RmNDljNTNjYmFlOTMyMzAxODg2MWVlYmUwYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AYU9q7w5gDHvw4gELTyXKqIVtwP
F/wMy8RCbjZGW2/WoFj3b+dcAjhN3uzUZ4yUwRMOw/ATKIuOh5Yxl7pDjrVhKUMb
XHFe1bXE/McsQQ/usyC6qE3D2HmT3x13e7yRhi/J2sJxbhnK5IpJrZNkFAQ38/ky
4oaRbz6D/YiAaLrGuBpsAr5AvQ8/xBNI9RzgIqMAYnYmU1PKCY6AEun+2Uh3HJqt
DniBLGEyJ19a+GRswi2fm2XxTTP6hmymzla2LAtCFfcex8XfU5VcZuRrICrvCsKO
XEksNfBJ0DogwfgSiON/uxOiFaRK4ks+cItnDZfIarjeuTz6dl4gDRO0XQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPXMHUcSffScU8uukyMBiGHuvgofMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvOWN3ZFJ4Sjk5SnhUeTY2VEl3R0lZZTYtQ2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuUnQMA4E
AgACMAgDBgAqAI3AGTANBgkqhkiG9w0BAQsFAAOCAQEAVrK9uLXCZ6wZag9t8EH+
b3ZmkBUpRInl1mf/rcp7JpNuBlUHkAP9672/trmI8qU5cWlxUCR5M3kJKM/WqgSM
FS0TaTuG5VuzUL/Y3FIN30SPcMkU1ensa/ptx+KUStqq6JCZ0xheaYMKyH2aWWrU
hZdvVaxOC6CISeleJAjS8F0/bB6iEzOP311rkSZNvSJY4GRPo/YYZz+5jwCRIKFI
YtTI6SX7a5SNrsuAwwMf8ZGw9s9W8Y1tZOHAKaGx29oHDJ20W5KzPrIp266frsRD
rZY1QScnAX3P3CaLRNXdqltbk/dbCq3hdFgAuCq5/oBsooTbffE3fEPsPyeB29Se
Ug==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:47:22 2025 by rpki-client