Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/grTXuofPixn6xRm0cfAo_IU0-vw.roa
File: grTXuofPixn6xRm0cfAo_IU0-vw.roa (raw, json)
Hash identifier: pEDlXByv8i5l6MBv45d5Zz8GtQAK/sVMSFR6YB3YvYs=
Subject key identifier: 82:B4:D7:BA:87:CF:8B:19:FA:C5:19:B4:71:F0:28:FC:85:34:FA:FC
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 01942521EAA29A129317E9A079B4398CF899
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/grTXuofPixn6xRm0cfAo_IU0-vw.roa
Signing time: Thu 02 Jan 2025 03:49:27 +0000
ROA not before: Thu 02 Jan 2025 03:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60672
IP address blocks: 185.137.220.0/24 maxlen: 24
185.137.222.0/24 maxlen: 24
2a0a:a500::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Feb 2025 15:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ea:a2:9a:12:93:17:e9:a0:79:b4:39:8c:f8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Jan 2 03:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82b4d7ba87cf8b19fac519b471f028fc8534fafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:05:4e:10:33:f3:b7:b9:b6:35:d1:98:8b:
9d:5a:fc:e1:06:06:f0:e0:a9:4b:2a:2f:d5:f7:c8:
ab:34:95:39:c4:ab:6b:c4:03:78:08:7a:f5:08:9d:
1a:1e:73:aa:c5:cf:f0:bb:1c:4b:c7:ec:01:a0:2e:
40:8f:bf:1d:2d:e9:56:29:78:79:17:ea:51:58:17:
a8:95:45:49:20:d5:9b:b3:83:a8:92:16:7a:8f:c9:
52:d8:08:72:28:33:22:c8:bc:9e:e4:dc:a7:c7:dd:
20:45:d9:b2:65:09:86:12:7c:b5:ca:80:b8:75:57:
20:88:65:48:82:d0:28:a4:e4:3d:6a:8b:5f:25:a0:
3f:69:59:7f:a5:e0:69:f0:5d:24:6b:d4:c1:5b:e1:
0f:be:5a:3e:e6:30:f3:bb:0d:29:2d:cc:d7:6e:32:
e1:05:44:c2:5b:a3:be:59:a9:8a:08:04:cf:f1:40:
a1:2c:03:28:74:1b:9e:46:07:e4:98:67:18:e1:2b:
39:c1:46:8f:78:fe:65:30:99:a4:e9:6a:31:5e:b9:
7d:5e:7d:49:db:b1:21:ea:ae:a0:32:f5:9d:92:3b:
c8:00:51:e0:29:08:61:b0:59:cf:cf:32:dd:74:99:
17:6d:5d:1d:3b:11:c7:ae:74:8b:3a:84:68:e8:de:
f5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B4:D7:BA:87:CF:8B:19:FA:C5:19:B4:71:F0:28:FC:85:34:FA:FC
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/grTXuofPixn6xRm0cfAo_IU0-vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.220.0/24
185.137.222.0/24
IPv6:
2a0a:a500::/48
Signature Algorithm: sha256WithRSAEncryption
a3:9e:45:51:3b:5d:48:0f:7e:90:a9:cb:09:44:da:7b:0a:2d:
e4:01:4d:01:92:26:f8:8c:b6:2f:c5:bc:f5:ee:e0:37:c6:da:
6c:1a:fe:73:9a:41:01:79:db:62:fe:63:af:d2:0e:c7:98:5f:
c2:0e:18:69:c8:e0:d3:cd:1f:63:f5:69:4d:cb:ca:74:0b:23:
20:3a:c3:c2:09:a0:06:60:31:c7:42:5b:ef:b3:36:b3:44:6b:
9e:c1:ef:b8:af:c6:d0:66:58:84:9f:ff:37:2c:88:02:0d:b3:
f7:bb:ff:f7:34:3b:ac:9b:b2:a1:9c:88:1f:87:f4:48:81:fe:
3a:a0:71:52:e8:13:8a:0a:c4:a9:56:96:9a:06:c5:87:dd:ac:
ed:40:4c:a2:7e:66:37:a0:18:87:a0:68:da:fd:99:b7:b7:c8:
a2:97:1a:44:e4:7b:d3:09:fc:7e:e5:9a:7d:a6:58:2b:48:12:
8e:2f:8e:2d:be:f5:63:62:1f:4e:ed:e7:8c:d6:88:cf:48:e0:
6c:7a:5a:42:8c:dc:53:d1:62:8e:ac:6e:39:71:32:e5:42:6e:
30:98:42:d8:a4:a9:b0:8c:6e:8c:e4:f5:ca:cc:e5:fe:f4:44:
f1:15:4b:9d:62:5e:15:f7:61:9b:3f:ec:fc:99:97:c5:9c:5f:
d4:03:02:bc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIeqimhKTF+mgebQ5jPiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjUwMTAyMDM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI0ZDdiYTg3Y2Y4YjE5ZmFjNTE5YjQ3MWYwMjhmYzg1MzRmYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT8FThAz87e5tjXRmIudWvzhBgbw
4KlLKi/V98irNJU5xKtrxAN4CHr1CJ0aHnOqxc/wuxxLx+wBoC5Aj78dLelWKXh5
F+pRWBeolUVJINWbs4OokhZ6j8lS2AhyKDMiyLye5Nynx90gRdmyZQmGEny1yoC4
dVcgiGVIgtAopOQ9aotfJaA/aVl/peBp8F0ka9TBW+EPvlo+5jDzuw0pLczXbjLh
BUTCW6O+WamKCATP8UChLAModBueRgfkmGcY4Ss5wUaPeP5lMJmk6WoxXrl9Xn1J
27Eh6q6gMvWdkjvIAFHgKQhhsFnPzzLddJkXbV0dOxHHrnSLOoRo6N71JwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIK017qHz4sZ+sUZtHHwKPyFNPr8MB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvZ3JUWHVvZlBpeG42eFJtMGNmQW9fSVUwLXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYncAwQA
uYneMA8EAgACMAkDBwAqCqUAAAAwDQYJKoZIhvcNAQELBQADggEBAKOeRVE7XUgP
fpCpywlE2nsKLeQBTQGSJviMti/FvPXu4DfG2mwa/nOaQQF522L+Y6/SDseYX8IO
GGnI4NPNH2P1aU3LynQLIyA6w8IJoAZgMcdCW++zNrNEa57B77ivxtBmWISf/zcs
iAINs/e7//c0O6ybsqGciB+H9EiB/jqgcVLoE4oKxKlWlpoGxYfdrO1ATKJ+Zjeg
GIegaNr9mbe3yKKXGkTke9MJ/H7lmn2mWCtIEo4vji2+9WNiH07t54zWiM9I4Gx6
WkKM3FPRYo6sbjlxMuVCbjCYQtikqbCMbozk9crM5f70RPEVS51iXhX3YZs/7PyZ
l8WcX9QDArw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:41:42 2025 by rpki-client