Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/bFmoZfdy7zWDK-L91lIBr6St4BI.roa
File: bFmoZfdy7zWDK-L91lIBr6St4BI.roa (raw, json)
Hash identifier: eMkbHeROf164LS2cH/hzG0LzKqpUXZbNkzB1Kmiqfio=
Subject key identifier: 6C:59:A8:65:F7:72:EF:35:83:2B:E2:FD:D6:52:01:AF:A4:AD:E0:12
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 01972B549CDE61D9E5230DE17CF00B69574E
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/bFmoZfdy7zWDK-L91lIBr6St4BI.roa
Signing time: Sun 01 Jun 2025 11:50:54 +0000
ROA not before: Sun 01 Jun 2025 11:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.20.255.0/24 maxlen: 24
185.138.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 13:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2b:54:9c:de:61:d9:e5:23:0d:e1:7c:f0:0b:69:57:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Jun 1 11:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c59a865f772ef35832be2fdd65201afa4ade012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:42:08:ff:65:f3:49:5e:b1:09:02:7d:48:3a:
eb:73:e5:9f:c1:10:ea:2a:cf:f4:2a:14:68:7d:4b:
3b:a0:80:0b:66:1f:60:d2:f0:10:98:2a:b0:72:93:
2d:66:90:55:4b:14:60:79:86:23:64:1e:47:d4:40:
b4:32:bf:22:97:44:33:93:b9:30:cf:06:0f:8e:86:
b4:0c:19:2c:ff:b8:75:4d:7d:c1:26:6a:7e:59:86:
c3:a7:90:9e:62:47:b8:6a:5b:06:34:50:0e:c6:4d:
4c:d1:67:5f:d1:43:54:3f:47:4e:38:73:1c:73:09:
c1:f3:3c:7d:22:4c:b3:e5:af:9e:a9:01:3f:98:54:
b5:79:a3:91:98:97:6c:a1:45:11:ab:a9:4f:69:89:
14:e8:73:24:c0:35:38:9b:0b:15:4a:b2:ef:03:0a:
fa:ab:ad:32:74:03:7a:7a:cf:50:47:b7:6c:7b:99:
c1:7f:c6:d9:7e:a5:6c:b0:09:92:b4:ab:9b:bd:2a:
9c:0f:b7:2c:90:1a:94:7d:91:6a:9e:9a:f2:11:ea:
1e:26:58:f9:76:d6:34:54:c5:cc:5f:57:8e:33:4a:
6c:50:b1:ca:38:23:95:ae:41:8c:f7:73:40:e1:1a:
52:a4:5e:67:b2:38:a8:cc:60:eb:c4:c1:29:eb:17:
35:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:59:A8:65:F7:72:EF:35:83:2B:E2:FD:D6:52:01:AF:A4:AD:E0:12
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/bFmoZfdy7zWDK-L91lIBr6St4BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.255.0/24
185.138.234.0/24
Signature Algorithm: sha256WithRSAEncryption
54:dd:9b:1e:33:3b:3b:ab:51:a7:7b:34:5a:fe:18:e7:cd:f0:
dc:01:3f:24:bd:94:b0:52:0a:e3:87:6f:7b:b5:83:01:5c:48:
5c:13:90:ca:98:70:db:b8:13:bb:c1:88:4a:da:ee:6f:ba:ac:
84:37:16:54:5f:a2:27:60:17:d4:ee:e0:28:48:ae:55:a5:35:
32:6e:7c:b0:74:3c:59:17:8d:9e:64:4f:55:dd:a2:89:b3:9a:
0a:8e:fc:fd:0f:bc:c7:01:12:d6:8a:38:5a:03:b0:f3:3d:01:
f9:9e:93:7c:08:8f:b9:1a:da:64:5c:06:25:42:f1:dd:96:6e:
5b:6d:76:9f:8a:e4:19:ac:0b:04:39:9e:2e:31:6b:df:c7:2a:
22:00:0b:ed:86:5b:5a:af:ec:9c:40:01:35:61:83:25:4e:f3:
09:57:ff:1a:79:e0:de:55:2e:55:3f:57:00:78:94:e3:bf:f9:
98:72:42:09:9e:a7:c0:e3:fb:84:05:d0:94:1e:5f:b7:97:1d:
a6:7e:a2:7f:2c:ba:75:df:ed:6d:c4:0e:a0:2d:ae:de:19:de:
f4:54:25:42:22:33:1f:18:c0:85:56:4c:9f:2e:6a:98:4a:74:
ff:83:b7:01:99:d9:32:c7:98:90:4b:21:25:9b:5a:60:0d:27:
03:8e:2f:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcrVJzeYdnlIw3hfPALaVdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjUwNjAxMTE1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU5YTg2NWY3NzJlZjM1ODMyYmUyZmRkNjUyMDFhZmE0YWRlMDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkII/2XzSV6xCQJ9SDrrc+WfwRDq
Ks/0KhRofUs7oIALZh9g0vAQmCqwcpMtZpBVSxRgeYYjZB5H1EC0Mr8il0Qzk7kw
zwYPjoa0DBks/7h1TX3BJmp+WYbDp5CeYke4alsGNFAOxk1M0Wdf0UNUP0dOOHMc
cwnB8zx9Ikyz5a+eqQE/mFS1eaORmJdsoUURq6lPaYkU6HMkwDU4mwsVSrLvAwr6
q60ydAN6es9QR7dse5nBf8bZfqVssAmStKubvSqcD7cskBqUfZFqnpryEeoeJlj5
dtY0VMXMX1eOM0psULHKOCOVrkGM93NA4RpSpF5nsjiozGDrxMEp6xc1ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGxZqGX3cu81gyvi/dZSAa+kreASMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvYkZtb1pmZHk3eldESy1MOTFsSUJyNlN0NEJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRT/AwQA
uYrqMA0GCSqGSIb3DQEBCwUAA4IBAQBU3ZseMzs7q1GnezRa/hjnzfDcAT8kvZSw
Ugrjh297tYMBXEhcE5DKmHDbuBO7wYhK2u5vuqyENxZUX6InYBfU7uAoSK5VpTUy
bnywdDxZF42eZE9V3aKJs5oKjvz9D7zHARLWijhaA7DzPQH5npN8CI+5GtpkXAYl
QvHdlm5bbXafiuQZrAsEOZ4uMWvfxyoiAAvthltar+ycQAE1YYMlTvMJV/8aeeDe
VS5VP1cAeJTjv/mYckIJnqfA4/uEBdCUHl+3lx2mfqJ/LLp13+1txA6gLa7eGd70
VCVCIjMfGMCFVkyfLmqYSnT/g7cBmdkyx5iQSyElm1pgDScDji/B
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:00:17 2025 by rpki-client