Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LD62e0g5rnk8pWML0IZZAEqrVuc.roa
File: LD62e0g5rnk8pWML0IZZAEqrVuc.roa (raw, json)
Hash identifier: FLY1871wd/WxJg9B3RvO7ls83aw1PP+IZJs0xS289kc=
Subject key identifier: 2C:3E:B6:7B:48:39:AE:79:3C:A5:63:0B:D0:86:59:00:4A:AB:56:E7
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194222007B44F6AC9ED85DE919565B96CEF
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LD62e0g5rnk8pWML0IZZAEqrVuc.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215826
IP address blocks: 185.100.157.0/24 maxlen: 24
185.177.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 18:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:07:b4:4f:6a:c9:ed:85:de:91:95:65:b9:6c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c3eb67b4839ae793ca5630bd08659004aab56e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1e:2f:bb:c4:14:81:6c:a8:b5:3c:6c:6d:4c:
c0:d9:3f:83:51:43:a9:71:ce:95:4f:bb:f0:07:d5:
5a:91:b4:40:93:cf:7a:57:e6:31:57:4a:79:9c:c4:
c3:38:ba:7c:54:1e:8f:7d:af:23:a1:1e:e0:f9:b7:
c4:0f:fa:79:55:0e:35:6b:4a:41:43:59:d6:f8:de:
f2:cd:cf:74:d7:af:cc:94:07:47:19:28:42:ed:24:
d2:0b:08:6c:ce:dd:63:f0:d1:5d:54:ce:ef:d1:83:
b1:ac:b9:85:16:25:1b:83:30:b2:07:7f:1a:13:94:
72:29:8f:d5:59:f1:d8:99:3b:10:e7:ab:57:f5:fc:
e5:d9:45:62:81:2d:54:37:0b:00:24:11:5f:31:9e:
45:5b:19:89:d5:a8:f7:01:4b:3c:05:43:2b:76:54:
38:56:0f:12:a6:7e:3c:e4:0e:0f:6b:3c:fd:ab:32:
36:c0:da:7a:0e:c4:e7:48:f4:2f:75:0b:6e:8e:d7:
58:8c:c6:91:97:c7:a1:5b:a5:fe:e4:35:07:2d:cc:
38:5c:62:f7:a4:c5:cf:2b:62:48:56:1f:c6:e8:1d:
ed:ec:31:d5:84:87:29:e5:28:3e:98:fd:8e:e0:f4:
53:44:5d:7a:ac:f2:5d:fc:92:da:05:4b:8a:80:b8:
9d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3E:B6:7B:48:39:AE:79:3C:A5:63:0B:D0:86:59:00:4A:AB:56:E7
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/LD62e0g5rnk8pWML0IZZAEqrVuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.157.0/24
185.177.239.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ba:44:8f:0c:50:b1:9d:7b:30:99:ae:b3:e0:d5:61:20:03:
04:52:dd:37:b4:f1:55:23:1e:51:12:e7:f1:47:9f:c7:b1:90:
70:02:a9:9e:af:53:b1:f2:d8:c7:4b:40:d6:11:1a:9d:b9:b3:
cf:cf:3d:4a:6a:95:b7:9b:5d:a0:19:0a:b3:92:5a:7b:37:9c:
d0:c0:46:dc:dc:55:53:c4:68:51:50:2e:8c:0f:61:38:cb:58:
99:16:8a:6a:97:e3:7b:03:12:29:01:0d:99:93:f4:be:17:64:
48:15:fb:23:80:58:ee:c7:f4:2e:0f:ff:1f:0f:df:39:2c:30:
a7:03:04:81:f8:83:d4:60:05:b1:c1:00:62:70:61:f8:e6:c5:
94:01:fa:73:60:db:35:d4:25:f8:f9:5d:96:37:ff:75:00:6d:
d6:fd:62:6a:bc:89:a1:2f:e6:b6:b6:36:00:44:36:15:13:83:
d2:54:94:ec:5f:dd:ec:49:47:b9:f5:1e:05:14:64:41:66:11:
9e:56:48:89:68:b3:bb:de:f8:7a:ac:d6:db:b9:5d:02:cf:5a:
98:18:4e:44:76:2a:6a:d8:dc:6f:39:0e:86:80:87:b0:d2:a0:
67:e4:4f:98:0f:ec:43:39:4b:f1:57:af:81:d3:82:23:f3:49:
f3:72:9d:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIAe0T2rJ7YXekZVluWzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzNlYjY3YjQ4MzlhZTc5M2NhNTYzMGJkMDg2NTkwMDRhYWI1NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+R4vu8QUgWyotTxsbUzA2T+DUUOp
cc6VT7vwB9VakbRAk896V+YxV0p5nMTDOLp8VB6Pfa8joR7g+bfED/p5VQ41a0pB
Q1nW+N7yzc9016/MlAdHGShC7STSCwhszt1j8NFdVM7v0YOxrLmFFiUbgzCyB38a
E5RyKY/VWfHYmTsQ56tX9fzl2UVigS1UNwsAJBFfMZ5FWxmJ1aj3AUs8BUMrdlQ4
Vg8Spn485A4Pazz9qzI2wNp6DsTnSPQvdQtujtdYjMaRl8ehW6X+5DUHLcw4XGL3
pMXPK2JIVh/G6B3t7DHVhIcp5Sg+mP2O4PRTRF16rPJd/JLaBUuKgLidkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCw+tntIOa55PKVjC9CGWQBKq1bnMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvTEQ2MmUwZzVybms4cFdNTDBJWlpBRXFyVnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWSdAwQA
ubHvMA0GCSqGSIb3DQEBCwUAA4IBAQAUukSPDFCxnXswma6z4NVhIAMEUt03tPFV
Ix5REufxR5/HsZBwAqmer1Ox8tjHS0DWERqdubPPzz1KapW3m12gGQqzklp7N5zQ
wEbc3FVTxGhRUC6MD2E4y1iZFopql+N7AxIpAQ2Zk/S+F2RIFfsjgFjux/QuD/8f
D985LDCnAwSB+IPUYAWxwQBicGH45sWUAfpzYNs11CX4+V2WN/91AG3W/WJqvImh
L+a2tjYARDYVE4PSVJTsX93sSUe59R4FFGRBZhGeVkiJaLO73vh6rNbbuV0Cz1qY
GE5Edipq2NxvOQ6GgIew0qBn5E+YD+xDOUvxV6+B04Ij80nzcp3i
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:34:45 2025 by rpki-client