Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/kAwxKrDV15qO3moCZwbAv710e8c.roa
File: kAwxKrDV15qO3moCZwbAv710e8c.roa (raw, json)
Hash identifier: 9hyD89Mz8Mobt4CsbLY6kCrwDS3jPZ4cazfsEUyba9o=
Subject key identifier: 90:0C:31:2A:B0:D5:D7:9A:8E:DE:6A:02:67:06:C0:BF:BD:74:7B:C7
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 0194266A3F82EEA580A600DA06632D3B429F
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/kAwxKrDV15qO3moCZwbAv710e8c.roa
Signing time: Thu 02 Jan 2025 09:48:04 +0000
ROA not before: Thu 02 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197075
IP address blocks: 185.25.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 10:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:3f:82:ee:a5:80:a6:00:da:06:63:2d:3b:42:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 2 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=900c312ab0d5d79a8ede6a026706c0bfbd747bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dc:4e:2d:da:f2:d3:df:4c:22:26:61:f3:55:
8f:c2:6a:12:6c:ca:ee:8b:e1:48:9e:fd:3d:a5:45:
95:dc:b2:ef:9d:12:58:00:40:2b:8f:d1:d9:ed:33:
82:3d:ba:90:02:78:2b:86:66:55:26:ec:6b:64:0f:
4e:1b:aa:bb:26:77:c6:24:6a:bc:3b:bc:b1:47:7e:
a3:b7:89:58:c0:99:fe:ba:de:eb:9d:a4:0b:c9:8a:
55:ca:ee:91:96:38:92:20:4d:32:f7:ff:8d:84:be:
59:60:b4:e3:9f:87:90:5d:72:39:d2:70:bb:b7:66:
8f:88:20:5e:62:15:f8:71:00:66:9f:40:00:c4:9c:
66:3a:76:20:94:1d:ca:6a:2a:0c:e6:78:32:f4:0d:
e5:32:46:93:73:92:ce:7b:a4:29:7e:6c:34:e1:f6:
9f:20:37:d3:50:21:2c:1c:65:18:a4:25:ed:d4:56:
c9:c3:40:5d:1a:5f:38:ae:c1:c8:76:05:9a:1d:de:
7d:40:40:b3:49:4e:b4:be:99:53:7e:02:59:26:c7:
25:cd:f9:74:1a:0a:4f:d2:83:e3:bd:0b:2a:f9:29:
85:65:3a:e1:d5:fd:ac:41:69:f0:11:5a:bc:56:ce:
19:4c:6f:95:89:12:a7:7e:39:4d:f4:c2:1c:85:39:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0C:31:2A:B0:D5:D7:9A:8E:DE:6A:02:67:06:C0:BF:BD:74:7B:C7
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/kAwxKrDV15qO3moCZwbAv710e8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:7b:cb:d3:38:a9:34:8c:37:9d:94:dd:3d:2a:d9:4a:cb:a0:
27:f5:fb:97:3b:5a:6a:8d:77:e9:4a:5a:a7:25:0a:2b:12:96:
34:12:d0:3d:31:c5:4d:15:60:c1:4e:81:84:0d:4b:21:21:41:
7a:13:e5:b4:2c:69:0b:21:49:03:4f:d3:a4:cf:f5:88:be:81:
52:aa:98:9e:4a:95:26:9a:2b:58:69:1c:f2:eb:a0:59:c3:13:
a8:93:80:a2:07:db:31:10:30:8b:e9:1c:67:09:40:d4:fb:45:
b5:97:f8:8c:ee:d5:9d:d9:ec:c5:6b:e0:e1:58:62:a5:83:91:
e9:a5:a3:92:f2:1e:9a:29:0f:ba:35:dd:ca:b5:a8:c4:ac:15:
32:57:03:4c:2a:4c:58:2f:f3:c5:40:28:f4:61:4c:fd:86:d7:
12:23:e2:05:40:1b:11:d3:34:c8:be:67:9c:de:a4:e2:d5:0e:
98:42:27:7b:02:b9:47:89:ff:c1:b3:82:a9:b5:33:7a:3f:61:
e5:e8:46:28:63:66:52:74:a3:fc:69:31:2d:76:f2:b6:7e:7d:
e6:e5:3f:43:82:ed:0a:2e:48:0e:0f:3c:ac:84:d0:a8:23:0b:
88:95:cf:ff:03:0f:17:23:a9:21:78:c5:ed:04:25:57:79:5c:
8d:99:40:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmaj+C7qWApgDaBmMtO0KfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjUwMTAyMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBjMzEyYWIwZDVkNzlhOGVkZTZhMDI2NzA2YzBiZmJkNzQ3YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdxOLdry099MIiZh81WPwmoSbMru
i+FInv09pUWV3LLvnRJYAEArj9HZ7TOCPbqQAngrhmZVJuxrZA9OG6q7JnfGJGq8
O7yxR36jt4lYwJn+ut7rnaQLyYpVyu6RljiSIE0y9/+NhL5ZYLTjn4eQXXI50nC7
t2aPiCBeYhX4cQBmn0AAxJxmOnYglB3KaioM5ngy9A3lMkaTc5LOe6Qpfmw04faf
IDfTUCEsHGUYpCXt1FbJw0BdGl84rsHIdgWaHd59QECzSU60vplTfgJZJsclzfl0
GgpP0oPjvQsq+SmFZTrh1f2sQWnwEVq8Vs4ZTG+ViRKnfjlN9MIchTkZywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAMMSqw1deajt5qAmcGwL+9dHvHMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEva0F3eEtyRFYxNXFPM21vQ1p3YkF2NzEwZThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRnpMA0G
CSqGSIb3DQEBCwUAA4IBAQBfe8vTOKk0jDedlN09KtlKy6An9fuXO1pqjXfpSlqn
JQorEpY0EtA9McVNFWDBToGEDUshIUF6E+W0LGkLIUkDT9Okz/WIvoFSqpieSpUm
mitYaRzy66BZwxOok4CiB9sxEDCL6RxnCUDU+0W1l/iM7tWd2ezFa+DhWGKlg5Hp
paOS8h6aKQ+6Nd3KtajErBUyVwNMKkxYL/PFQCj0YUz9htcSI+IFQBsR0zTIvmec
3qTi1Q6YQid7ArlHif/Bs4KptTN6P2Hl6EYoY2ZSdKP8aTEtdvK2fn3m5T9Dgu0K
LkgODzyshNCoIwuIlc//Aw8XI6kheMXtBCVXeVyNmUDr
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:14 2025 by rpki-client