Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1-izewmuGO8dq8BDhJKZDZLmUf58.roa
File: 1-izewmuGO8dq8BDhJKZDZLmUf58.roa (raw, json)
Hash identifier: pKB2KkNW6MgzpQf0Po1aMo2fomGGYDN/KLqRgPyHgBo=
Subject key identifier: FA:2C:DE:C2:6B:86:3B:C7:6A:F0:10:E1:24:A6:43:64:B9:94:7F:9F
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 0194221FAF9B672279B07C2AF36971C97391
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1-izewmuGO8dq8BDhJKZDZLmUf58.roa
Signing time: Wed 01 Jan 2025 13:48:09 +0000
ROA not before: Wed 01 Jan 2025 13:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.189.244.0/23 maxlen: 24
185.189.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:af:9b:67:22:79:b0:7c:2a:f3:69:71:c9:73:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Jan 1 13:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa2cdec26b863bc76af010e124a64364b9947f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:de:64:11:63:b1:9c:0f:f3:ff:55:ad:d0:
d5:17:ee:3d:59:6c:e4:c2:dd:d7:19:d4:50:f3:80:
63:e3:bc:6c:64:52:a1:76:4e:75:1f:46:f6:68:fb:
d4:16:81:5a:78:f2:1d:fa:a1:45:90:a5:35:b6:a4:
29:ce:4f:c2:40:81:26:aa:37:cd:7d:4b:95:a1:4f:
e7:0e:f2:df:cf:02:5d:76:c4:de:04:c5:db:91:b7:
a3:99:e9:7d:0b:67:e5:8d:c1:cc:48:27:e4:f9:50:
b9:2d:a1:ae:40:02:79:96:7d:a4:a6:7f:4a:97:19:
0e:63:b7:86:d8:cc:8a:1e:af:a6:56:db:2a:a7:ed:
d6:53:fe:ae:0c:c5:91:41:81:68:c3:74:71:54:b5:
79:70:24:9b:02:40:30:e8:fc:c0:3f:a9:bf:1d:78:
c4:07:6e:d8:fc:71:58:84:d2:b0:54:c4:27:49:7d:
0e:10:36:75:2e:64:2b:a9:ad:2a:66:8f:56:98:0f:
3b:36:db:90:b7:0c:8f:55:c7:e9:95:ed:f4:b1:1e:
56:d0:eb:46:a4:49:6c:28:08:eb:a3:fd:c9:48:66:
f4:e1:d3:46:23:ee:cb:12:2a:5c:56:ad:04:6b:e5:
3b:a1:54:69:0e:a7:11:0f:01:33:61:9f:fc:6c:c7:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2C:DE:C2:6B:86:3B:C7:6A:F0:10:E1:24:A6:43:64:B9:94:7F:9F
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1-izewmuGO8dq8BDhJKZDZLmUf58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/22
Signature Algorithm: sha256WithRSAEncryption
07:db:45:b6:bb:2c:c3:76:9b:75:19:45:a3:41:79:fc:3d:eb:
53:ae:23:ef:b7:7c:d5:bb:28:75:67:91:7d:f7:a7:35:4c:e3:
41:c5:c8:08:24:31:60:24:9d:8e:0f:63:8a:31:e9:47:f0:66:
5e:35:f7:20:8e:b5:f2:0b:89:ed:61:34:da:15:15:28:3f:fa:
6a:c4:f5:44:71:c2:6f:ce:8a:ec:bb:f6:b3:92:5b:47:61:19:
35:71:09:b8:35:c8:59:7c:50:f9:1e:26:86:cb:8f:e4:ff:cc:
de:d6:a8:51:57:72:5e:cc:ae:58:a7:f9:94:16:9b:ae:a9:58:
b6:10:f3:20:27:f5:43:6b:73:1e:3a:0f:16:b6:c7:6d:7d:e7:
65:b3:2a:fb:7d:49:03:59:32:ab:38:df:cc:4f:f0:79:f5:da:
5d:1e:f2:25:e5:44:1e:1c:06:d9:bd:4d:0f:22:44:07:e3:5e:
62:05:66:72:56:d0:b2:6d:de:a1:dd:0b:06:09:35:5a:0f:5e:
27:63:a6:c9:76:66:6d:02:0b:8e:c7:5d:f5:1b:21:db:fa:b8:
9e:0f:b0:58:d7:59:4b:31:61:4f:5b:98:8b:2f:5a:ed:cd:a0:
3a:4d:92:9e:cc:8b:d5:a2:b5:ad:d4:9e:a6:58:15:ca:2c:91:
8a:86:f4:57
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH6+bZyJ5sHwq82lxyXORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjUwMTAxMTM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJjZGVjMjZiODYzYmM3NmFmMDEwZTEyNGE2NDM2NGI5OTQ3ZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBveZBFjsZwP8/9VrdDVF+49WWzk
wt3XGdRQ84Bj47xsZFKhdk51H0b2aPvUFoFaePId+qFFkKU1tqQpzk/CQIEmqjfN
fUuVoU/nDvLfzwJddsTeBMXbkbejmel9C2fljcHMSCfk+VC5LaGuQAJ5ln2kpn9K
lxkOY7eG2MyKHq+mVtsqp+3WU/6uDMWRQYFow3RxVLV5cCSbAkAw6PzAP6m/HXjE
B27Y/HFYhNKwVMQnSX0OEDZ1LmQrqa0qZo9WmA87NtuQtwyPVcfple30sR5W0OtG
pElsKAjro/3JSGb04dNGI+7LEipcVq0Ea+U7oVRpDqcRDwEzYZ/8bMeUfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPos3sJrhjvHavAQ4SSmQ2S5lH+fMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvMS1pemV3bXVHTzhkcThCRGhKS1pEWkxtVWY1OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvM2I5YWZmLWYwMGQtNDE4Ny1hZjk0LTU3MTdiNDU0NDIz
Ny8xL0pidnRDXzlfX3F0bjh3SzBFYUFIQVlWS2JEQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm99DAN
BgkqhkiG9w0BAQsFAAOCAQEAB9tFtrssw3abdRlFo0F5/D3rU64j77d81bsodWeR
ffenNUzjQcXICCQxYCSdjg9jijHpR/BmXjX3II618guJ7WE02hUVKD/6asT1RHHC
b86K7Lv2s5JbR2EZNXEJuDXIWXxQ+R4mhsuP5P/M3taoUVdyXsyuWKf5lBabrqlY
thDzICf1Q2tzHjoPFrbHbX3nZbMq+31JA1kyqzjfzE/wefXaXR7yJeVEHhwG2b1N
DyJEB+NeYgVmclbQsm3eod0LBgk1Wg9eJ2OmyXZmbQILjsdd9Rsh2/q4ng+wWNdZ
SzFhT1uYiy9a7c2gOk2SnsyL1aK1rdSeplgVyiyRiob0Vw==
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:54:27 2025 by rpki-client