Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/131a77-c8c8-4bb7-9aee-5a665655eb57/1/4wYF0nJtcOM-MDac4yNSNU2lwPk.roa
File: 4wYF0nJtcOM-MDac4yNSNU2lwPk.roa (raw, json)
Hash identifier: oZcHkfJY1isiF8xYx2BR54/M7ZCiyV9KhcltJsEhoZw=
Subject key identifier: E3:06:05:D2:72:6D:70:E3:3E:30:36:9C:E3:23:52:35:4D:A5:C0:F9
Certificate issuer: /CN=e8964e4e8ffe31f692f71318c2b7282028d0f3a4
Certificate serial: 018CC4247369365985371CD38F9A982FE083
Authority key identifier: E8:96:4E:4E:8F:FE:31:F6:92:F7:13:18:C2:B7:28:20:28:D0:F3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6JZOTo_-MfaS9xMYwrcoICjQ86Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/131a77-c8c8-4bb7-9aee-5a665655eb57/1/4wYF0nJtcOM-MDac4yNSNU2lwPk.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211510
IP address blocks: 185.251.12.0/24 maxlen: 24
2a10:a740::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:73:69:36:59:85:37:1c:d3:8f:9a:98:2f:e0:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8964e4e8ffe31f692f71318c2b7282028d0f3a4
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e30605d2726d70e33e30369ce32352354da5c0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:90:57:09:76:58:ff:aa:dd:ff:91:5b:5c:86:
d9:92:9e:9c:a6:16:a1:02:f6:3d:d1:8e:43:39:1f:
18:89:8f:80:b0:ad:61:bd:d9:cd:2a:6e:01:b9:a0:
3a:b0:48:36:3a:a9:99:b3:c7:c9:74:23:cf:0b:3a:
ca:02:d1:ea:bc:e9:46:88:13:e5:20:31:d9:e3:15:
d1:f2:29:1d:d4:40:ef:d1:fb:06:b5:14:b7:54:89:
03:a0:3d:73:2e:95:50:f2:3b:cb:9b:b5:a3:8e:6c:
1c:1e:30:89:8d:10:17:e8:73:7d:a4:a4:ec:75:e2:
ee:6e:5f:8b:ac:1f:cb:79:46:40:be:14:d5:94:4b:
22:77:f6:fb:ec:9c:e4:c7:b0:04:58:da:78:dc:9b:
bb:9a:54:da:5e:cf:ae:09:25:f0:12:02:00:b7:1e:
2c:a1:4f:8f:3e:ba:f0:65:c1:58:71:d3:0b:08:66:
be:ee:7c:08:80:1c:0a:f2:18:3e:70:97:f0:cd:f2:
84:9f:05:69:0a:20:be:c8:91:15:98:4b:36:2c:53:
d7:49:b9:d1:b2:a4:bc:e0:ca:4e:64:67:c3:b9:64:
df:2a:87:8e:ab:f6:5c:e0:f1:5d:d7:e4:0a:aa:ab:
2e:c6:74:db:0d:7f:d7:6b:18:38:61:54:fc:30:ae:
54:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:06:05:D2:72:6D:70:E3:3E:30:36:9C:E3:23:52:35:4D:A5:C0:F9
X509v3 Authority Key Identifier:
keyid:E8:96:4E:4E:8F:FE:31:F6:92:F7:13:18:C2:B7:28:20:28:D0:F3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6JZOTo_-MfaS9xMYwrcoICjQ86Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/131a77-c8c8-4bb7-9aee-5a665655eb57/1/4wYF0nJtcOM-MDac4yNSNU2lwPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/131a77-c8c8-4bb7-9aee-5a665655eb57/1/6JZOTo_-MfaS9xMYwrcoICjQ86Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.12.0/24
IPv6:
2a10:a740::/29
Signature Algorithm: sha256WithRSAEncryption
0d:b9:03:b5:13:aa:e3:16:7d:75:58:51:a2:57:7b:6d:79:01:
fd:ad:03:26:f8:a9:0a:a5:db:3a:68:98:b1:29:ac:2e:9d:c3:
6c:80:93:48:da:db:e7:47:24:fa:96:25:dc:4a:3a:b7:8b:83:
07:f8:fb:c2:df:21:81:30:f7:65:84:ff:70:6a:b4:8b:f1:86:
87:f6:a4:67:c9:e6:a7:21:2b:ce:81:4d:04:c9:85:d1:e3:82:
55:c4:78:55:5c:0b:1f:56:3f:eb:87:89:fd:37:02:da:c3:f6:
4f:90:fb:74:38:1b:22:08:49:4a:f8:a8:f5:45:08:34:d5:b0:
2e:c4:0d:5e:8d:ea:f4:71:be:e7:ed:aa:5e:53:58:aa:ae:4d:
25:85:2b:75:d2:d5:e5:84:14:1e:45:ef:03:41:f2:a8:cc:33:
bd:38:e5:d0:53:02:64:7f:a2:15:a1:72:48:67:55:3b:0d:d3:
56:7d:00:98:90:11:e6:f8:ec:5b:7d:95:f1:75:38:11:49:a2:
c6:98:cc:11:98:52:e5:b3:91:08:c4:e7:7d:08:4b:66:c3:39:
de:5f:55:17:6a:1b:a0:b8:11:a9:ed:77:71:bf:68:73:64:33:
51:97:ca:82:81:2a:10:57:69:e0:ab:0c:5a:4a:92:97:85:dd:
44:21:4a:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHNpNlmFNxzTj5qYL+CDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4OTY0ZTRlOGZmZTMxZjY5MmY3MTMxOGMyYjcyODIwMjhk
MGYzYTQwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzA2MDVkMjcyNmQ3MGUzM2UzMDM2OWNlMzIzNTIzNTRkYTVjMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65BXCXZY/6rd/5FbXIbZkp6cphah
AvY90Y5DOR8YiY+AsK1hvdnNKm4BuaA6sEg2OqmZs8fJdCPPCzrKAtHqvOlGiBPl
IDHZ4xXR8ikd1EDv0fsGtRS3VIkDoD1zLpVQ8jvLm7WjjmwcHjCJjRAX6HN9pKTs
deLubl+LrB/LeUZAvhTVlEsid/b77Jzkx7AEWNp43Ju7mlTaXs+uCSXwEgIAtx4s
oU+PPrrwZcFYcdMLCGa+7nwIgBwK8hg+cJfwzfKEnwVpCiC+yJEVmEs2LFPXSbnR
sqS84MpOZGfDuWTfKoeOq/Zc4PFd1+QKqqsuxnTbDX/Xaxg4YVT8MK5UEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOMGBdJybXDjPjA2nOMjUjVNpcD5MB8GA1UdIwQY
MBaAFOiWTk6P/jH2kvcTGMK3KCAo0POkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkpaT1RvXy1NZmFTOXhNWXdyY29JQ2pRODZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8xMzFhNzctYzhjOC00YmI3LTlhZWUt
NWE2NjU2NTVlYjU3LzEvNHdZRjBuSnRjT00tTURhYzR5TlNOVTJsd1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8xMzFhNzctYzhjOC00YmI3LTlhZWUtNWE2NjU2NTVlYjU3
LzEvNkpaT1RvXy1NZmFTOXhNWXdyY29JQ2pRODZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufsMMA0E
AgACMAcDBQMqEKdAMA0GCSqGSIb3DQEBCwUAA4IBAQANuQO1E6rjFn11WFGiV3tt
eQH9rQMm+KkKpds6aJixKawuncNsgJNI2tvnRyT6liXcSjq3i4MH+PvC3yGBMPdl
hP9warSL8YaH9qRnyeanISvOgU0EyYXR44JVxHhVXAsfVj/rh4n9NwLaw/ZPkPt0
OBsiCElK+Kj1RQg01bAuxA1ejer0cb7n7apeU1iqrk0lhSt10tXlhBQeRe8DQfKo
zDO9OOXQUwJkf6IVoXJIZ1U7DdNWfQCYkBHm+OxbfZXxdTgRSaLGmMwRmFLls5EI
xOd9CEtmwzneX1UXahuguBGp7Xdxv2hzZDNRl8qCgSoQV2ngqwxaSpKXhd1EIUqW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:43 2025 by rpki-client