Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/PO6oz1uGbx1GoL8qBuXkgPf71p0.roa
File: PO6oz1uGbx1GoL8qBuXkgPf71p0.roa (raw, json)
Hash identifier: meuthU+Ti6/0jkt5KlBTXBi7dTboryNHyjmML99AQLI=
Subject key identifier: 3C:EE:A8:CF:5B:86:6F:1D:46:A0:BF:2A:06:E5:E4:80:F7:FB:D6:9D
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 019422FB8A4DDA05A25F0A28AE648B038126
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/PO6oz1uGbx1GoL8qBuXkgPf71p0.roa
Signing time: Wed 01 Jan 2025 17:48:17 +0000
ROA not before: Wed 01 Jan 2025 17:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200994
IP address blocks: 185.89.120.0/22 maxlen: 24
185.93.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 09:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:8a:4d:da:05:a2:5f:0a:28:ae:64:8b:03:81:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Jan 1 17:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ceea8cf5b866f1d46a0bf2a06e5e480f7fbd69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:20:8d:20:27:ec:02:b4:8a:a8:22:41:98:
01:55:f0:f7:06:e1:e8:c1:f8:d0:c4:f1:f8:14:83:
f6:2d:dc:97:fd:39:75:c0:38:34:28:0b:f1:09:b0:
b7:f9:cd:26:da:d1:d4:81:d4:9b:44:2c:25:de:a4:
c8:ec:6a:b4:2b:ca:10:c5:ae:f1:36:bc:6f:97:14:
a7:82:16:f5:ba:43:ca:11:be:19:76:f7:16:21:d9:
94:d1:c9:52:de:5a:f2:cb:82:d1:49:51:92:20:c9:
33:c3:ca:f2:68:f6:f1:49:ee:28:2c:e5:63:b5:98:
da:d4:64:eb:ae:d1:2d:ad:f6:a7:f8:2b:af:4d:fb:
09:f4:26:9e:66:38:a7:34:5d:6b:9e:c5:79:8d:45:
ce:03:76:a0:f4:4c:20:fd:27:a5:7c:5b:da:96:1d:
3b:bf:b3:1a:f0:4a:e5:00:43:bd:dd:20:9c:83:3f:
df:ea:79:2b:8b:38:5f:45:71:f0:37:44:94:76:e2:
41:99:76:ea:6c:bc:44:ee:cc:32:41:80:c6:23:94:
19:5d:01:19:2e:25:e7:8d:a5:de:b4:5b:91:30:11:
d4:d0:46:9f:45:b9:fa:44:19:73:d0:47:c8:4f:47:
5e:35:95:9a:66:46:ac:75:d9:1b:2b:73:19:91:f0:
bd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:EE:A8:CF:5B:86:6F:1D:46:A0:BF:2A:06:E5:E4:80:F7:FB:D6:9D
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/PO6oz1uGbx1GoL8qBuXkgPf71p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.120.0/22
185.93.5.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:08:a6:8b:31:dc:03:7a:e9:6c:3d:21:f7:91:57:e5:df:37:
e4:1b:34:0a:d7:ed:f5:02:ae:65:69:16:b4:34:8a:0b:f5:70:
6a:96:65:00:88:84:af:0c:bb:73:2d:a0:18:7c:d7:6c:57:ef:
d4:76:16:12:fc:54:ad:22:df:57:af:58:37:5e:f9:70:58:e2:
5f:07:54:fa:13:b5:b4:8d:b0:67:54:28:f5:ef:6e:87:2b:87:
89:5a:3c:6e:3a:ff:2e:c7:16:49:68:db:17:bd:b1:01:dd:27:
dd:92:45:d1:1c:0e:d8:07:30:23:17:c7:f5:98:29:70:9b:70:
91:dc:6c:6d:98:7c:3e:36:24:ea:18:50:0e:e1:64:37:28:6b:
8b:7d:59:46:b8:cb:cf:60:20:00:f5:a8:45:e7:4d:aa:04:77:
62:e6:3c:bf:f4:dd:f7:8f:70:fa:6d:17:d7:32:04:0f:e0:42:
67:14:77:c8:97:bd:3f:8a:5e:78:26:51:b8:1e:e2:7b:55:22:
c4:46:71:1f:41:a0:53:91:e9:98:92:5c:a1:45:70:0a:f4:b6:
42:52:85:60:38:1d:0f:57:2f:30:14:cf:53:ea:76:3a:0c:fb:
fc:bf:a4:c0:2c:14:8b:64:f6:77:61:48:5d:42:ae:b0:e7:1e:
b9:0b:af:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi+4pN2gWiXwoormSLA4EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwMTAxMTc0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2VlYThjZjViODY2ZjFkNDZhMGJmMmEwNmU1ZTQ4MGY3ZmJkNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruogjSAn7AK0iqgiQZgBVfD3BuHo
wfjQxPH4FIP2LdyX/Tl1wDg0KAvxCbC3+c0m2tHUgdSbRCwl3qTI7Gq0K8oQxa7x
NrxvlxSnghb1ukPKEb4ZdvcWIdmU0clS3lryy4LRSVGSIMkzw8ryaPbxSe4oLOVj
tZja1GTrrtEtrfan+CuvTfsJ9CaeZjinNF1rnsV5jUXOA3ag9Ewg/SelfFvalh07
v7Ma8ErlAEO93SCcgz/f6nkrizhfRXHwN0SUduJBmXbqbLxE7swyQYDGI5QZXQEZ
LiXnjaXetFuRMBHU0EafRbn6RBlz0EfIT0deNZWaZkasddkbK3MZkfC9hQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDzuqM9bhm8dRqC/Kgbl5ID3+9adMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvUE82b3oxdUdieDFHb0w4cUJ1WGtnUGY3MXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVl4AwQA
uV0FMA0GCSqGSIb3DQEBCwUAA4IBAQDCCKaLMdwDeulsPSH3kVfl3zfkGzQK1+31
Aq5laRa0NIoL9XBqlmUAiISvDLtzLaAYfNdsV+/UdhYS/FStIt9Xr1g3XvlwWOJf
B1T6E7W0jbBnVCj1726HK4eJWjxuOv8uxxZJaNsXvbEB3SfdkkXRHA7YBzAjF8f1
mClwm3CR3GxtmHw+NiTqGFAO4WQ3KGuLfVlGuMvPYCAA9ahF502qBHdi5jy/9N33
j3D6bRfXMgQP4EJnFHfIl70/il54JlG4HuJ7VSLERnEfQaBTkemYklyhRXAK9LZC
UoVgOB0PVy8wFM9T6nY6DPv8v6TALBSLZPZ3YUhdQq6w5x65C6+s
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:56:07 2025 by rpki-client