Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/1mxisQ6L08ZQuxTypOKBVCO7czM.roa
File: 1mxisQ6L08ZQuxTypOKBVCO7czM.roa (raw, json)
Hash identifier: o/pwUFnynNOG5PwVDRq1HCZ3Epmeo1ph+jqSC/SlM5c=
Subject key identifier: D6:6C:62:B1:0E:8B:D3:C6:50:BB:14:F2:A4:E2:81:54:23:BB:73:33
Certificate issuer: /CN=641c78fc1748bdcc6a6c88c67d283e1d02d9dcc8
Certificate serial: 01956B1123EA13FB50A507517A8D485A7951
Authority key identifier: 64:1C:78:FC:17:48:BD:CC:6A:6C:88:C6:7D:28:3E:1D:02:D9:DC:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/1mxisQ6L08ZQuxTypOKBVCO7czM.roa
Signing time: Thu 06 Mar 2025 10:47:20 +0000
ROA not before: Thu 06 Mar 2025 10:47:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47719
IP address blocks: 185.61.48.0/24 maxlen: 24
185.61.49.0/24 maxlen: 24
185.61.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 06:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:11:23:ea:13:fb:50:a5:07:51:7a:8d:48:5a:79:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641c78fc1748bdcc6a6c88c67d283e1d02d9dcc8
Validity
Not Before: Mar 6 10:47:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d66c62b10e8bd3c650bb14f2a4e2815423bb7333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:75:52:68:3d:c4:b0:a7:f1:b4:9d:91:52:b8:
37:6d:a8:aa:84:1c:f5:83:f1:3b:fc:f8:98:48:82:
5a:09:d9:ca:84:5a:3e:44:87:ef:4c:53:56:ce:9a:
45:02:71:e9:8c:74:1f:9e:eb:ff:f4:e7:42:74:8d:
14:73:56:fe:e2:18:13:e0:d9:e1:fc:71:14:bd:ca:
85:74:e1:5d:ff:14:c2:68:a0:81:10:46:9a:b6:dd:
a2:16:12:dc:03:d7:67:e5:44:75:88:a9:01:50:ec:
30:0f:91:5e:18:7a:23:05:11:5a:b3:1e:2c:08:2f:
ee:cc:69:40:fe:ea:20:1d:e5:da:3a:2c:7c:8f:0b:
85:29:12:6e:b4:d7:74:23:74:b5:e4:8b:f6:39:97:
91:67:4a:6d:29:73:9d:15:66:15:01:90:d1:ae:ef:
da:fa:4d:12:2d:c9:ab:4f:58:dd:04:2d:6a:ab:d9:
0e:af:b7:36:0f:9f:e1:f0:10:26:04:08:2b:9c:6d:
e8:14:da:ae:8b:dd:9f:89:cf:bc:f3:fb:63:3a:62:
ab:5f:fe:ec:99:08:9a:7c:ee:cb:52:19:12:2b:55:
5a:27:a6:4e:15:eb:69:8f:90:02:c4:90:d1:94:b0:
8a:d6:49:21:2b:e9:d7:ba:ff:62:db:22:9b:b2:5b:
25:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6C:62:B1:0E:8B:D3:C6:50:BB:14:F2:A4:E2:81:54:23:BB:73:33
X509v3 Authority Key Identifier:
keyid:64:1C:78:FC:17:48:BD:CC:6A:6C:88:C6:7D:28:3E:1D:02:D9:DC:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/1mxisQ6L08ZQuxTypOKBVCO7czM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/e72a9d-9ea5-47db-a67e-6d2e11fe08cd/1/ZBx4_BdIvcxqbIjGfSg-HQLZ3Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.48.0/23
185.61.51.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:57:bc:22:4e:b2:cd:3d:aa:d8:e8:bb:ac:f0:b6:17:93:0f:
b8:4a:f3:b2:06:a7:c3:f4:ba:76:00:54:a9:03:99:0a:9a:17:
9b:be:e9:30:6d:48:c4:18:00:92:5b:83:a3:82:b8:9e:7c:36:
0d:ba:8a:46:aa:bc:c8:63:e0:ef:0b:25:36:18:bb:49:0e:d1:
88:96:05:a6:d7:21:aa:a3:44:90:1f:c7:83:0c:be:79:67:25:
27:bd:fc:fa:e8:1a:32:2a:4c:c2:84:b9:07:08:1c:da:4b:76:
9f:32:18:02:23:ad:49:e8:80:fc:77:95:57:d5:9f:28:12:62:
08:0b:bf:eb:7e:6c:83:de:ef:64:fc:5d:4a:33:74:61:ea:b0:
57:3b:e2:1e:06:62:d9:24:89:d4:74:b2:0d:33:24:33:31:34:
0b:4f:ae:c0:9b:c5:7b:ac:0f:3d:90:4c:43:1d:ab:bc:52:99:
16:86:f3:0a:ff:13:11:a7:c4:22:c6:47:13:af:6d:31:de:34:
0d:ca:6a:92:31:53:b3:64:4a:9a:52:6a:7f:6e:3f:f8:15:38:
f6:64:21:d6:ac:a7:b8:7f:db:a5:00:f1:f8:2c:6b:c3:02:75:
00:ec:0e:69:77:a4:8d:e8:f0:56:81:9e:b4:b8:37:58:ac:3c:
17:85:ba:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVrESPqE/tQpQdReo1IWnlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MWM3OGZjMTc0OGJkY2M2YTZjODhjNjdkMjgzZTFkMDJk
OWRjYzgwHhcNMjUwMzA2MTA0NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZjNjJiMTBlOGJkM2M2NTBiYjE0ZjJhNGUyODE1NDIzYmI3MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23VSaD3EsKfxtJ2RUrg3baiqhBz1
g/E7/PiYSIJaCdnKhFo+RIfvTFNWzppFAnHpjHQfnuv/9OdCdI0Uc1b+4hgT4Nnh
/HEUvcqFdOFd/xTCaKCBEEaatt2iFhLcA9dn5UR1iKkBUOwwD5FeGHojBRFasx4s
CC/uzGlA/uogHeXaOix8jwuFKRJutNd0I3S15Iv2OZeRZ0ptKXOdFWYVAZDRru/a
+k0SLcmrT1jdBC1qq9kOr7c2D5/h8BAmBAgrnG3oFNqui92fic+88/tjOmKrX/7s
mQiafO7LUhkSK1VaJ6ZOFetpj5ACxJDRlLCK1kkhK+nXuv9i2yKbslslQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZsYrEOi9PGULsU8qTigVQju3MzMB8GA1UdIwQY
MBaAFGQcePwXSL3MamyIxn0oPh0C2dzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJ4NF9CZEl2Y3hxYklqR2ZTZy1IUUxaM01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lNzJhOWQtOWVhNS00N2RiLWE2N2Ut
NmQyZTExZmUwOGNkLzEvMW14aXNRNkwwOFpRdXhUeXBPS0JWQ083Y3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lNzJhOWQtOWVhNS00N2RiLWE2N2UtNmQyZTExZmUwOGNk
LzEvWkJ4NF9CZEl2Y3hxYklqR2ZTZy1IUUxaM01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuT0wAwQA
uT0zMA0GCSqGSIb3DQEBCwUAA4IBAQDAV7wiTrLNParY6Lus8LYXkw+4SvOyBqfD
9Lp2AFSpA5kKmhebvukwbUjEGACSW4OjgriefDYNuopGqrzIY+DvCyU2GLtJDtGI
lgWm1yGqo0SQH8eDDL55ZyUnvfz66BoyKkzChLkHCBzaS3afMhgCI61J6ID8d5VX
1Z8oEmIIC7/rfmyD3u9k/F1KM3Rh6rBXO+IeBmLZJInUdLINMyQzMTQLT67Am8V7
rA89kExDHau8UpkWhvMK/xMRp8QixkcTr20x3jQNymqSMVOzZEqaUmp/bj/4FTj2
ZCHWrKe4f9ulAPH4LGvDAnUA7A5pd6SN6PBWgZ60uDdYrDwXhbos
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:05 2025 by rpki-client