Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/38qwOchGJ_A-9FTGlrpJJL-yZxA.roa
File: 38qwOchGJ_A-9FTGlrpJJL-yZxA.roa (raw, json)
Hash identifier: yoh81RGXEUS06sBHWHeNKK9lZEYPXQYPgqR5celg/x8=
Subject key identifier: DF:CA:B0:39:C8:46:27:F0:3E:F4:54:C6:96:BA:49:24:BF:B2:67:10
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 01942445181B0504B215DF0C63375AA63FB8
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/38qwOchGJ_A-9FTGlrpJJL-yZxA.roa
Signing time: Wed 01 Jan 2025 23:48:15 +0000
ROA not before: Wed 01 Jan 2025 23:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57536
IP address blocks: 185.107.65.0/24 maxlen: 24
212.7.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 09:04:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:18:1b:05:04:b2:15:df:0c:63:37:5a:a6:3f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 1 23:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfcab039c84627f03ef454c696ba4924bfb26710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:70:8e:3a:3f:8f:69:a5:10:2b:13:82:02:
5a:2f:ed:0b:3e:e6:f6:79:0f:c8:7f:8a:9a:20:e4:
cf:5d:66:37:92:22:7a:41:99:2c:7d:5e:de:f8:f1:
65:5e:1e:6f:82:cf:64:43:1b:10:a5:0f:f4:bb:18:
44:23:95:0b:2f:fe:ad:f8:08:74:19:f4:89:fc:5c:
35:7e:09:12:69:84:09:bb:3e:c9:75:7a:d3:fa:cb:
ce:66:03:c5:e6:f1:fb:d2:89:98:52:77:91:3b:3f:
6f:d2:65:02:3a:99:48:97:f1:ec:0b:d5:40:55:67:
1a:f9:1c:c8:93:62:b2:c0:fa:6d:b4:a2:fc:e9:5d:
3a:c6:e2:b2:28:9a:94:f9:d5:b1:9c:e3:7e:b5:c6:
94:9d:8c:b5:d8:19:a0:cc:c1:63:e4:84:72:10:90:
a4:53:58:80:79:fb:49:4c:e0:45:44:8e:13:85:84:
43:d6:ba:65:bb:a2:ba:35:65:4e:db:9a:2e:77:30:
3c:1e:d8:5e:6f:54:e2:6f:39:d4:89:2b:54:66:3d:
97:ea:55:7c:a4:53:94:62:23:bd:78:eb:39:e3:52:
4b:66:6a:6c:d7:99:1c:43:18:8f:95:82:e6:78:9e:
f0:c0:2e:71:d2:3c:bb:c3:a7:e5:e5:04:63:5b:60:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CA:B0:39:C8:46:27:F0:3E:F4:54:C6:96:BA:49:24:BF:B2:67:10
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/38qwOchGJ_A-9FTGlrpJJL-yZxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.65.0/24
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
14:71:b5:1e:e1:31:1f:3b:64:e5:b7:54:e8:dc:68:da:2a:f5:
fa:2c:23:fc:f0:8d:bf:91:54:30:1c:84:16:07:60:f3:f2:61:
59:f0:55:b2:f8:8a:de:03:b2:cd:a1:14:b5:49:b5:57:c6:28:
dc:c0:20:2a:64:b4:b6:82:59:90:0d:de:c6:eb:27:25:29:55:
09:e0:13:77:d2:88:01:23:9b:36:fc:36:5e:c3:6f:3e:84:12:
e2:58:63:81:7f:09:e6:68:44:bb:41:28:60:80:9b:cd:f4:ed:
bc:9d:e7:23:f8:eb:b1:c2:8f:1b:a8:08:f4:15:9b:9b:f7:b1:
8d:f9:66:59:f9:c3:9a:e8:8f:ac:73:4d:3e:05:b7:f5:55:53:
7e:a1:5e:e2:e4:c6:55:31:db:ec:45:8a:2d:1e:d1:11:31:87:
aa:b2:b9:6f:24:ff:5d:33:a0:ae:c2:10:9c:91:3a:57:3c:e2:
13:22:09:4d:cd:ed:e3:95:ab:59:92:4d:98:78:12:ec:50:f0:
d1:fd:a7:5d:f8:bd:d5:4e:8d:a6:0a:53:68:72:b5:d4:f6:9c:
13:d0:cc:76:6b:8a:37:14:c0:f5:dc:85:3b:c8:c8:f6:56:0b:
01:16:b2:95:55:96:a5:7f:0f:89:ae:56:b5:94:aa:6d:de:0b:
7f:93:f6:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRRgbBQSyFd8MYzdapj+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjUwMTAxMjM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNhYjAzOWM4NDYyN2YwM2VmNDU0YzY5NmJhNDkyNGJmYjI2NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6Rwjjo/j2mlECsTggJaL+0LPub2
eQ/If4qaIOTPXWY3kiJ6QZksfV7e+PFlXh5vgs9kQxsQpQ/0uxhEI5ULL/6t+Ah0
GfSJ/Fw1fgkSaYQJuz7JdXrT+svOZgPF5vH70omYUneROz9v0mUCOplIl/HsC9VA
VWca+RzIk2KywPpttKL86V06xuKyKJqU+dWxnON+tcaUnYy12BmgzMFj5IRyEJCk
U1iAeftJTOBFRI4ThYRD1rplu6K6NWVO25oudzA8Htheb1TibznUiStUZj2X6lV8
pFOUYiO9eOs541JLZmps15kcQxiPlYLmeJ7wwC5x0jy7w6fl5QRjW2CE5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/KsDnIRifwPvRUxpa6SSS/smcQMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvMzhxd09jaEdKX0EtOUZUR2xycEpKTC15WnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWtBAwQA
1AfUMA0GCSqGSIb3DQEBCwUAA4IBAQAUcbUe4TEfO2Tlt1To3GjaKvX6LCP88I2/
kVQwHIQWB2Dz8mFZ8FWy+IreA7LNoRS1SbVXxijcwCAqZLS2glmQDd7G6yclKVUJ
4BN30ogBI5s2/DZew28+hBLiWGOBfwnmaES7QShggJvN9O28necj+Ouxwo8bqAj0
FZub97GN+WZZ+cOa6I+sc00+Bbf1VVN+oV7i5MZVMdvsRYotHtERMYeqsrlvJP9d
M6CuwhCckTpXPOITIglNze3jlatZkk2YeBLsUPDR/add+L3VTo2mClNocrXU9pwT
0Mx2a4o3FMD13IU7yMj2VgsBFrKVVZalfw+Jrla1lKpt3gt/k/aG
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:43:36 2025 by rpki-client