Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/Fj53jLP9zOpYluf9R4XohXwgsyU.roa
File: Fj53jLP9zOpYluf9R4XohXwgsyU.roa (raw, json)
Hash identifier: r6sld5qeIn6DYJ+s/y0Ngs+xZDKtnV7gkgtbRt0aaa4=
Subject key identifier: 16:3E:77:8C:B3:FD:CC:EA:58:96:E7:FD:47:85:E8:85:7C:20:B3:25
Certificate issuer: /CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Certificate serial: 01942746D3993A2D98277AB4E7518D66E4B5
Authority key identifier: 0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/Fj53jLP9zOpYluf9R4XohXwgsyU.roa
Signing time: Thu 02 Jan 2025 13:49:00 +0000
ROA not before: Thu 02 Jan 2025 13:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200249
IP address blocks: 185.252.140.0/22 maxlen: 22
185.252.140.0/24 maxlen: 24
185.252.143.0/24 maxlen: 24
2a13:7840::/29 maxlen: 29
2a13:7840::/32 maxlen: 32
2a13:7847::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 31 Jan 2025 13:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:d3:99:3a:2d:98:27:7a:b4:e7:51:8d:66:e4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9ba06b6d22673f7f7b3d0f889f4720441b6e0c
Validity
Not Before: Jan 2 13:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=163e778cb3fdccea5896e7fd4785e8857c20b325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9a:f8:83:10:f0:17:89:db:a4:30:3b:d5:82:
8f:68:8c:6b:35:58:9e:67:2d:ae:5e:03:72:8b:2b:
08:71:f7:54:bf:e3:cc:58:ee:fd:98:72:6c:f2:fc:
09:4a:f9:1d:b2:05:b3:dc:c4:8c:d7:c6:8a:6c:a2:
ec:8b:f2:17:ff:0c:a9:ff:06:46:6a:38:61:34:9e:
30:a2:1e:37:d3:22:43:c1:2e:de:bc:a8:b1:ff:60:
ac:24:e1:70:d3:5f:3c:b1:49:4e:b1:60:a6:fb:4e:
b3:fa:5d:b3:91:1f:d9:8a:4e:28:c7:69:dc:2a:1c:
30:b6:f8:6c:b0:28:41:46:f6:83:c6:c1:96:2d:f0:
6a:39:8e:01:ac:9e:43:50:e5:d8:77:0e:2c:ab:ea:
f8:9a:31:7f:88:a2:fc:b0:af:1a:e9:5f:a9:fe:42:
2a:29:75:1b:82:ba:a8:22:44:8e:ab:e3:29:54:a1:
3c:a3:91:2e:f9:90:ef:05:38:b8:d2:4e:42:a6:00:
6f:e5:6c:78:cb:e2:79:65:0f:24:4f:20:ab:fd:f0:
84:a2:0e:1e:a7:e8:1c:c1:89:c3:c8:f0:59:ee:70:
50:e4:d2:47:59:ae:c0:bf:04:e5:f5:e0:9c:db:af:
60:b3:e3:eb:5c:f5:47:5c:8d:fe:b0:fb:86:93:e7:
1d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3E:77:8C:B3:FD:CC:EA:58:96:E7:FD:47:85:E8:85:7C:20:B3:25
X509v3 Authority Key Identifier:
keyid:0F:9B:A0:6B:6D:22:67:3F:7F:7B:3D:0F:88:9F:47:20:44:1B:6E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5uga20iZz9_ez0PiJ9HIEQbbgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/Fj53jLP9zOpYluf9R4XohXwgsyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/37c8ff-187f-4d91-b4d6-136656a3ede7/1/D5uga20iZz9_ez0PiJ9HIEQbbgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.140.0/22
IPv6:
2a13:7840::/29
Signature Algorithm: sha256WithRSAEncryption
9c:af:37:4b:02:7c:68:94:b0:4e:a0:33:63:ed:88:da:4a:b7:
92:7f:a1:c5:95:11:63:78:93:c9:e4:17:6e:01:c4:48:b6:e8:
70:9f:99:30:ad:a2:60:b3:48:4d:7c:a4:46:c9:35:02:59:f3:
66:fc:09:7e:b8:0c:d5:d6:9e:df:51:7d:84:67:16:01:2a:01:
8f:38:51:f8:f0:b1:c0:86:6c:f8:16:e7:00:44:71:ee:d9:b9:
f9:b6:bf:c0:f6:94:9b:a9:26:5f:3b:6d:89:f9:1c:d4:91:c1:
bf:83:e1:ff:ed:d9:7e:cb:7a:9c:00:bf:7a:d4:11:77:b6:85:
c3:fd:43:3c:56:f0:76:2c:83:ed:fc:3b:fe:29:95:cf:5e:64:
de:71:fb:d0:e3:6a:25:2d:7b:57:55:7a:16:39:7e:cf:e4:1c:
cb:01:2a:0a:ef:18:d7:63:f7:a4:ca:3b:9f:2a:a8:94:23:75:
9d:0b:0a:66:a8:ef:ea:a2:b7:b7:d9:c1:b1:56:ca:61:aa:a4:
c4:0c:35:d2:56:26:fa:28:3d:1c:3c:db:df:fb:5a:55:6e:bf:
17:1b:ce:aa:d5:9c:7b:38:20:65:d3:9b:7a:18:c5:6f:58:c0:
d7:77:93:d9:d1:a0:bc:b1:5f:82:dd:64:7e:70:68:1b:a5:40:
9d:b1:9c:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnRtOZOi2YJ3q051GNZuS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWJhMDZiNmQyMjY3M2Y3ZjdiM2QwZjg4OWY0NzIwNDQx
YjZlMGMwHhcNMjUwMTAyMTM0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjNlNzc4Y2IzZmRjY2VhNTg5NmU3ZmQ0Nzg1ZTg4NTdjMjBiMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Zr4gxDwF4nbpDA71YKPaIxrNVie
Zy2uXgNyiysIcfdUv+PMWO79mHJs8vwJSvkdsgWz3MSM18aKbKLsi/IX/wyp/wZG
ajhhNJ4woh430yJDwS7evKix/2CsJOFw0188sUlOsWCm+06z+l2zkR/Zik4ox2nc
KhwwtvhssChBRvaDxsGWLfBqOY4BrJ5DUOXYdw4sq+r4mjF/iKL8sK8a6V+p/kIq
KXUbgrqoIkSOq+MpVKE8o5Eu+ZDvBTi40k5CpgBv5Wx4y+J5ZQ8kTyCr/fCEog4e
p+gcwYnDyPBZ7nBQ5NJHWa7AvwTl9eCc269gs+PrXPVHXI3+sPuGk+cdcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBY+d4yz/czqWJbn/UeF6IV8ILMlMB8GA1UdIwQY
MBaAFA+boGttImc/f3s9D4ifRyBEG24MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYt
MTM2NjU2YTNlZGU3LzEvRmo1M2pMUDl6T3BZbHVmOVI0WG9oWHdnc3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zN2M4ZmYtMTg3Zi00ZDkxLWI0ZDYtMTM2NjU2YTNlZGU3
LzEvRDV1Z2EyMGlaejlfZXowUGlKOUhJRVFiYmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufyMMA0E
AgACMAcDBQMqE3hAMA0GCSqGSIb3DQEBCwUAA4IBAQCcrzdLAnxolLBOoDNj7Yja
SreSf6HFlRFjeJPJ5BduAcRItuhwn5kwraJgs0hNfKRGyTUCWfNm/Al+uAzV1p7f
UX2EZxYBKgGPOFH48LHAhmz4FucARHHu2bn5tr/A9pSbqSZfO22J+RzUkcG/g+H/
7dl+y3qcAL961BF3toXD/UM8VvB2LIPt/Dv+KZXPXmTecfvQ42olLXtXVXoWOX7P
5BzLASoK7xjXY/ekyjufKqiUI3WdCwpmqO/qore32cGxVsphqqTEDDXSVib6KD0c
PNvf+1pVbr8XG86q1Zx7OCBl05t6GMVvWMDXd5PZ0aC8sV+C3WR+cGgbpUCdsZzU
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:10:17 2025 by rpki-client