Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/b9A1aS-a9jMKQ_D2AmhYxxBG3D0.roa
File: b9A1aS-a9jMKQ_D2AmhYxxBG3D0.roa (raw, json)
Hash identifier: Xy/Uy06LeGJ7TzbyDZy3UBAdg1u3VsUVIq2EwebEc5g=
Subject key identifier: 6F:D0:35:69:2F:9A:F6:33:0A:43:F0:F6:02:68:58:C7:10:46:DC:3D
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 0194221FAB56A84692294F11BB7D433E323E
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/b9A1aS-a9jMKQ_D2AmhYxxBG3D0.roa
Signing time: Wed 01 Jan 2025 13:48:08 +0000
ROA not before: Wed 01 Jan 2025 13:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44400
IP address blocks: 185.51.40.0/24 maxlen: 24
185.51.41.0/24 maxlen: 24
2a04:c140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 09:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ab:56:a8:46:92:29:4f:11:bb:7d:43:3e:32:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Jan 1 13:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fd035692f9af6330a43f0f6026858c71046dc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:03:ac:4f:4b:66:71:8c:74:20:b4:64:5b:
9d:f7:54:45:38:81:c3:f5:6d:56:1c:73:0f:70:f8:
9c:eb:d2:e9:0a:6a:90:78:1f:2d:a2:fd:eb:ec:f5:
b8:23:31:0e:4f:93:fd:11:8c:d3:a3:b5:88:a9:bd:
34:40:5a:f4:90:c2:08:cb:83:9a:4f:c1:0b:02:ec:
5d:14:7c:f2:de:29:17:d6:e2:f7:46:3b:f5:d8:23:
09:d7:a3:cd:76:1c:97:8d:19:e5:15:2c:dd:0e:73:
50:0f:4e:11:cb:05:13:d8:a2:a3:b4:f3:6c:c9:64:
85:0f:ea:ca:19:1a:30:7f:5f:30:59:72:ae:be:6f:
d8:38:1d:8a:df:50:51:d5:36:90:b9:c5:2f:81:10:
60:16:94:7a:57:a4:b8:eb:98:56:65:5f:d4:93:73:
e3:88:4f:84:b0:d0:f7:ce:80:fd:ad:88:48:7f:de:
b1:d5:44:56:07:09:68:fd:c3:4e:8f:03:fd:34:b0:
38:05:ed:4b:96:24:37:31:cd:8b:76:6f:2d:1f:81:
af:e7:31:a0:46:19:4c:d2:7e:f8:8c:21:80:40:f2:
db:66:ef:fb:09:a0:7d:b9:1e:c4:16:be:99:ec:a6:
1d:0a:cc:e2:2c:f5:3b:a0:cd:a4:87:c0:41:c9:5e:
49:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D0:35:69:2F:9A:F6:33:0A:43:F0:F6:02:68:58:C7:10:46:DC:3D
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/b9A1aS-a9jMKQ_D2AmhYxxBG3D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.40.0/23
IPv6:
2a04:c140::/29
Signature Algorithm: sha256WithRSAEncryption
07:14:67:b1:35:1d:68:32:15:5e:5a:1f:84:9e:7f:8c:45:0c:
f3:0a:bf:74:50:3b:37:9f:a4:b5:78:6c:cc:7c:75:c4:76:6c:
f5:c6:c3:40:ca:d9:83:7c:d8:1e:f7:ba:64:d1:0c:4a:91:a5:
4b:df:cb:c5:c2:f6:29:5d:56:53:b2:63:d0:b3:ed:d6:e3:97:
82:50:eb:ef:44:10:71:0c:2c:2c:cf:de:f6:78:14:5f:9a:df:
85:d3:8e:90:52:f6:32:64:75:f0:8a:84:9e:e5:13:7f:e0:fc:
11:e0:bb:86:47:6d:59:8e:64:00:89:5e:a4:dd:0b:54:2b:24:
ba:6a:59:5c:8f:c3:d0:af:ca:96:51:e9:f6:54:0f:15:43:9e:
db:ce:0f:50:f2:ac:b5:8b:6e:85:a5:25:e6:4a:df:26:c7:d4:
b5:f8:69:aa:e2:32:34:da:56:f5:84:f6:e8:19:49:29:57:6c:
44:8f:75:dc:0c:1f:75:75:13:e6:92:b4:43:83:fa:84:8a:0f:
e5:f6:15:95:1c:0a:85:36:f8:ed:7a:d2:24:71:72:65:e0:9c:
c4:3d:1d:6a:ff:cf:f5:70:90:46:a5:12:02:e0:a9:7b:3c:f5:
36:2f:00:84:14:dd:26:7f:18:d0:19:35:85:a5:f3:35:7d:a6:
d8:83:c1:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH6tWqEaSKU8Ru31DPjI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjUwMTAxMTM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQwMzU2OTJmOWFmNjMzMGE0M2YwZjYwMjY4NThjNzEwNDZkYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2cDrE9LZnGMdCC0ZFud91RFOIHD
9W1WHHMPcPic69LpCmqQeB8tov3r7PW4IzEOT5P9EYzTo7WIqb00QFr0kMIIy4Oa
T8ELAuxdFHzy3ikX1uL3Rjv12CMJ16PNdhyXjRnlFSzdDnNQD04RywUT2KKjtPNs
yWSFD+rKGRowf18wWXKuvm/YOB2K31BR1TaQucUvgRBgFpR6V6S465hWZV/Uk3Pj
iE+EsND3zoD9rYhIf96x1URWBwlo/cNOjwP9NLA4Be1LliQ3Mc2Ldm8tH4Gv5zGg
RhlM0n74jCGAQPLbZu/7CaB9uR7EFr6Z7KYdCsziLPU7oM2kh8BByV5JLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/QNWkvmvYzCkPw9gJoWMcQRtw9MB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEvYjlBMWFTLWE5ak1LUV9EMkFtaFl4eEJHM0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTMoMA0E
AgACMAcDBQMqBMFAMA0GCSqGSIb3DQEBCwUAA4IBAQAHFGexNR1oMhVeWh+Enn+M
RQzzCr90UDs3n6S1eGzMfHXEdmz1xsNAytmDfNge97pk0QxKkaVL38vFwvYpXVZT
smPQs+3W45eCUOvvRBBxDCwsz972eBRfmt+F046QUvYyZHXwioSe5RN/4PwR4LuG
R21ZjmQAiV6k3QtUKyS6allcj8PQr8qWUen2VA8VQ57bzg9Q8qy1i26FpSXmSt8m
x9S1+Gmq4jI02lb1hPboGUkpV2xEj3XcDB91dRPmkrRDg/qEig/l9hWVHAqFNvjt
etIkcXJl4JzEPR1q/8/1cJBGpRIC4Kl7PPU2LwCEFN0mfxjQGTWFpfM1fabYg8G8
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:21 2025 by rpki-client