Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/MEaSq7qzsvPxYFefW_5rpR6YcOI.roa
File: MEaSq7qzsvPxYFefW_5rpR6YcOI.roa (raw, json)
Hash identifier: dE3454MgWcstxWm9JTV3P70lF/Suj78coMKIuR/Uln0=
Subject key identifier: 30:46:92:AB:BA:B3:B2:F3:F1:60:57:9F:5B:FE:6B:A5:1E:98:70:E2
Certificate issuer: /CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131
Certificate serial: 019421442B838712B3113A681D43F2146FC5
Authority key identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/MEaSq7qzsvPxYFefW_5rpR6YcOI.roa
Signing time: Wed 01 Jan 2025 09:48:23 +0000
ROA not before: Wed 01 Jan 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205940
IP address blocks: 185.201.140.0/23 maxlen: 23
185.201.142.0/24 maxlen: 24
2a0a:c540::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 02 Apr 2025 06:28:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2b:83:87:12:b3:11:3a:68:1d:43:f2:14:6f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131
Validity
Not Before: Jan 1 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=304692abbab3b2f3f160579f5bfe6ba51e9870e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b6:2b:75:a0:a3:e8:d9:39:bf:97:60:83:df:
7b:6f:c8:fe:70:79:d8:4b:c3:ff:02:6d:4f:ad:15:
64:90:f0:f0:3f:8f:85:b5:56:9b:4f:cf:bf:a2:88:
ed:de:ca:2e:a9:3e:e4:bd:15:85:16:f3:cc:73:5a:
e4:9a:c0:90:a5:1e:cb:d1:f8:d6:73:c3:d7:30:12:
c6:ed:cb:4b:c3:f2:4a:f1:2b:09:3e:eb:65:91:6b:
a1:ca:15:72:6f:ac:4b:31:17:79:a2:a4:f2:14:46:
96:86:0c:90:43:51:ee:4f:ab:07:b2:38:46:db:30:
65:d9:9d:9f:0f:1c:f4:1b:45:c7:4c:5f:85:a3:e5:
46:7e:13:14:d2:fc:14:93:1d:44:5d:c5:1d:41:64:
17:9a:de:bf:85:c2:b2:e7:28:36:69:bf:6c:ae:70:
a5:16:31:f6:42:86:93:4b:a8:06:a0:39:96:6e:7f:
7b:57:8c:b7:37:b5:aa:d2:7d:0c:75:1c:a3:90:51:
3d:f0:c4:12:f9:72:0d:83:6f:6a:6a:88:f1:d7:b7:
8d:4d:82:7e:e3:fb:17:aa:64:aa:e3:12:77:fa:55:
72:4f:14:37:5e:76:dc:d9:0b:50:3b:10:fc:08:b8:
8d:2d:b4:f2:13:bd:8e:58:a5:00:66:d8:51:01:f8:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:46:92:AB:BA:B3:B2:F3:F1:60:57:9F:5B:FE:6B:A5:1E:98:70:E2
X509v3 Authority Key Identifier:
keyid:29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/MEaSq7qzsvPxYFefW_5rpR6YcOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.140.0-185.201.142.255
IPv6:
2a0a:c540::/29
Signature Algorithm: sha256WithRSAEncryption
ad:5d:79:06:2a:d2:ed:f6:5e:5f:28:22:06:59:88:08:12:d2:
90:c9:7c:f0:23:6c:56:58:19:3c:3d:07:11:ce:f1:9d:99:d1:
9e:03:8e:5a:cf:53:4e:6f:ae:bd:d5:a5:0f:6e:0e:3a:bf:aa:
d8:c9:66:84:c7:da:d9:40:f1:f5:2b:76:79:33:86:6b:0a:67:
97:82:7c:94:aa:7f:d1:37:4e:30:6f:39:a1:41:b8:38:95:cf:
e4:19:97:ed:45:73:c4:26:eb:69:c3:70:d2:6c:7b:ea:0d:25:
fc:b8:50:20:e5:bd:1c:c1:9e:ee:ae:b1:93:1c:d6:c2:47:b1:
2f:2d:88:37:8c:64:c3:02:ab:30:fe:37:d4:a5:34:b2:eb:b5:
3e:46:7b:9c:b4:be:b7:09:28:17:9b:3c:09:27:67:b0:a3:93:
a4:4d:12:d7:95:60:3d:3c:dd:6f:d5:bb:a5:26:58:7d:f7:56:
fa:0a:7a:30:88:1a:12:6c:f9:b3:82:0e:10:4d:9e:13:68:9a:
d8:68:a9:86:db:0a:e3:ac:83:ae:84:67:c9:b7:97:0d:0d:c2:
2d:bc:a8:0d:f7:6b:d0:a1:8e:d1:10:dd:e8:bc:76:42:74:ba:
99:92:f0:71:07:8d:93:25:e6:1e:e4:82:91:49:50:f6:9c:44:
61:65:f8:2d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhRCuDhxKzETpoHUPyFG/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzE5NGY0YjUyYjlmZjQzM2YyYmYwZDE2YjU4YzExYzdj
ZjExMzEwHhcNMjUwMTAxMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDQ2OTJhYmJhYjNiMmYzZjE2MDU3OWY1YmZlNmJhNTFlOTg3MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LYrdaCj6Nk5v5dgg997b8j+cHnY
S8P/Am1PrRVkkPDwP4+FtVabT8+/oojt3souqT7kvRWFFvPMc1rkmsCQpR7L0fjW
c8PXMBLG7ctLw/JK8SsJPutlkWuhyhVyb6xLMRd5oqTyFEaWhgyQQ1HuT6sHsjhG
2zBl2Z2fDxz0G0XHTF+Fo+VGfhMU0vwUkx1EXcUdQWQXmt6/hcKy5yg2ab9srnCl
FjH2QoaTS6gGoDmWbn97V4y3N7Wq0n0MdRyjkFE98MQS+XINg29qaojx17eNTYJ+
4/sXqmSq4xJ3+lVyTxQ3Xnbc2QtQOxD8CLiNLbTyE72OWKUAZthRAfgkDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDBGkqu6s7Lz8WBXn1v+a6UemHDiMB8GA1UdIwQY
MBaAFClxlPS1K5/0M/K/DRa1jBHHzxExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUt
NWE5ODg5MzFlYTMzLzEvTUVhU3E3cXpzdlB4WUZlZldfNXJwUjZZY09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUtNWE5ODg5MzFlYTMz
LzEvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5yYwD
BAC5yY4wDQQCAAIwBwMFAyoKxUAwDQYJKoZIhvcNAQELBQADggEBAK1deQYq0u32
Xl8oIgZZiAgS0pDJfPAjbFZYGTw9BxHO8Z2Z0Z4DjlrPU05vrr3VpQ9uDjq/qtjJ
ZoTH2tlA8fUrdnkzhmsKZ5eCfJSqf9E3TjBvOaFBuDiVz+QZl+1Fc8Qm62nDcNJs
e+oNJfy4UCDlvRzBnu6usZMc1sJHsS8tiDeMZMMCqzD+N9SlNLLrtT5Ge5y0vrcJ
KBebPAknZ7Cjk6RNEteVYD083W/Vu6UmWH33VvoKejCIGhJs+bOCDhBNnhNomtho
qYbbCuOsg66EZ8m3lw0Nwi28qA33a9ChjtEQ3ei8dkJ0upmS8HEHjZMl5h7kgpFJ
UPacRGFl+C0=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:32 2025 by rpki-client