Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/rIybKkmlWhHPjVcClrZc9fQ-iPQ.roa
File: rIybKkmlWhHPjVcClrZc9fQ-iPQ.roa (raw, json)
Hash identifier: 1LpLC9d7Sx9oczWewZyLAKQ1gxp6T9cp102mWecY+dY=
Subject key identifier: AC:8C:9B:2A:49:A5:5A:11:CF:8D:57:02:96:B6:5C:F5:F4:3E:88:F4
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0194C29A193DEA23A511BC81E53E62DE9104
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/rIybKkmlWhHPjVcClrZc9fQ-iPQ.roa
Signing time: Sat 01 Feb 2025 17:41:06 +0000
ROA not before: Sat 01 Feb 2025 17:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 185.73.200.0/22 maxlen: 24
185.73.201.0/24 maxlen: 32
185.165.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 01:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c2:9a:19:3d:ea:23:a5:11:bc:81:e5:3e:62:de:91:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: Feb 1 17:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac8c9b2a49a55a11cf8d570296b65cf5f43e88f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8a:7b:21:7a:94:be:1b:13:96:5a:60:3c:3e:
4e:00:be:31:1f:aa:9a:d4:53:d3:73:77:c6:42:04:
d8:65:fd:fe:c0:70:a9:25:ad:38:ad:90:de:58:d7:
ba:6b:ea:b7:60:76:ee:2e:72:59:36:94:a5:68:c2:
67:8f:2f:fd:e2:01:2c:1a:5c:1e:7d:21:b9:e1:8a:
f4:00:79:e7:d8:5d:2d:0f:d3:f1:9c:c1:2e:a7:6b:
31:b9:33:e0:8b:66:03:3d:a8:73:4c:3f:d7:25:6b:
45:49:bc:bc:a0:48:fa:34:cc:13:63:67:5b:12:14:
58:69:29:84:4f:26:ea:43:24:d0:1e:f5:f6:d0:25:
27:aa:07:d9:76:02:6d:95:aa:04:6a:1d:b2:bf:0a:
f8:b5:df:6e:1c:8a:7e:5f:8b:56:96:c6:e0:4f:27:
dc:31:a0:6c:3d:7b:ba:c8:ae:ec:a7:15:e8:06:7c:
b5:fd:e3:08:cb:c5:3d:c9:dc:f1:88:c0:32:1d:4e:
e6:c4:14:39:4c:aa:0a:b0:0c:63:4f:a3:52:4d:89:
9e:70:8b:02:b2:d9:ca:5d:04:fe:26:3e:cb:03:e4:
5c:11:12:61:b8:59:30:4b:18:d2:31:6e:65:d1:f7:
dd:b2:6a:99:c6:01:4d:98:e9:d9:33:b3:71:e2:96:
79:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8C:9B:2A:49:A5:5A:11:CF:8D:57:02:96:B6:5C:F5:F4:3E:88:F4
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/rIybKkmlWhHPjVcClrZc9fQ-iPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.200.0/22
185.165.77.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:4d:77:53:ce:e6:fa:5c:f5:64:69:23:30:1b:6a:79:5d:65:
21:8a:d3:af:f8:2b:52:76:27:19:91:33:1d:48:d1:cb:a2:69:
7c:7b:72:5f:bb:29:55:33:6e:5b:92:8c:df:39:aa:a9:91:64:
03:43:30:bf:41:42:bb:3d:2e:17:15:24:db:b8:d4:4b:d3:d3:
f4:7f:ed:fb:7f:3c:06:b4:19:fd:86:f3:d1:8b:e5:0b:34:36:
bc:2f:0b:c1:d6:d9:07:08:ce:89:85:c5:ed:e3:a6:8a:d2:d2:
c5:6b:40:82:28:e7:91:6a:44:7b:05:fc:67:5d:24:3e:2e:a0:
8f:df:7c:c2:df:65:54:4f:19:3d:f1:e2:a8:79:88:75:cf:5f:
7e:4c:87:a4:18:60:a0:cb:9e:dc:9b:83:64:3d:e2:77:7d:af:
b0:f9:7e:3d:2f:9d:14:39:db:fb:22:e4:4f:20:05:48:2d:bc:
f3:cd:79:79:a5:fe:7f:88:5d:5d:b4:aa:00:91:2b:e9:b9:1f:
a9:90:f6:e6:0f:dc:01:9b:d1:30:4e:a6:a4:67:0d:5a:1c:ff:
20:62:a3:2d:70:ce:31:1f:b8:af:cc:da:08:b2:65:50:3a:f8:
8a:0d:54:55:ad:7b:0f:8a:aa:80:4f:73:6c:9a:60:4d:d4:84:
41:07:cb:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTCmhk96iOlEbyB5T5i3pEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwMjAxMTc0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhjOWIyYTQ5YTU1YTExY2Y4ZDU3MDI5NmI2NWNmNWY0M2U4OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6op7IXqUvhsTllpgPD5OAL4xH6qa
1FPTc3fGQgTYZf3+wHCpJa04rZDeWNe6a+q3YHbuLnJZNpSlaMJnjy/94gEsGlwe
fSG54Yr0AHnn2F0tD9PxnMEup2sxuTPgi2YDPahzTD/XJWtFSby8oEj6NMwTY2db
EhRYaSmETybqQyTQHvX20CUnqgfZdgJtlaoEah2yvwr4td9uHIp+X4tWlsbgTyfc
MaBsPXu6yK7spxXoBny1/eMIy8U9ydzxiMAyHU7mxBQ5TKoKsAxjT6NSTYmecIsC
stnKXQT+Jj7LA+RcERJhuFkwSxjSMW5l0ffdsmqZxgFNmOnZM7Nx4pZ5XQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyMmypJpVoRz41XApa2XPX0Poj0MB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvckl5YktrbWxXaEhQalZjQ2xyWmM5ZlEtaVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUnIAwQA
uaVNMA0GCSqGSIb3DQEBCwUAA4IBAQBMTXdTzub6XPVkaSMwG2p5XWUhitOv+CtS
dicZkTMdSNHLoml8e3JfuylVM25bkozfOaqpkWQDQzC/QUK7PS4XFSTbuNRL09P0
f+37fzwGtBn9hvPRi+ULNDa8LwvB1tkHCM6JhcXt46aK0tLFa0CCKOeRakR7Bfxn
XSQ+LqCP33zC32VUTxk98eKoeYh1z19+TIekGGCgy57cm4NkPeJ3fa+w+X49L50U
Odv7IuRPIAVILbzzzXl5pf5/iF1dtKoAkSvpuR+pkPbmD9wBm9EwTqakZw1aHP8g
YqMtcM4xH7ivzNoIsmVQOviKDVRVrXsPiqqAT3NsmmBN1IRBB8uN
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:24:48 2025 by rpki-client