Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/syPCsuDZRJcq2pRXWyn9suM1GzY.roa
File: syPCsuDZRJcq2pRXWyn9suM1GzY.roa (raw, json)
Hash identifier: 3BY493lIJyJ41G2UWn3g/DIi4N6T8Ffn7W2B7015juQ=
Subject key identifier: B3:23:C2:B2:E0:D9:44:97:2A:DA:94:57:5B:29:FD:B2:E3:35:1B:36
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 0194450A20BD3A7E89550D59E03CD82335E1
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/syPCsuDZRJcq2pRXWyn9suM1GzY.roa
Signing time: Wed 08 Jan 2025 08:31:19 +0000
ROA not before: Wed 08 Jan 2025 08:31:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206947
IP address blocks: 185.198.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 15:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:0a:20:bd:3a:7e:89:55:0d:59:e0:3c:d8:23:35:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 8 08:31:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b323c2b2e0d944972ada94575b29fdb2e3351b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7c:40:0c:8b:73:01:61:90:90:a6:67:aa:82:
12:bf:45:b6:b7:22:ba:93:87:87:43:b7:8f:72:51:
36:65:84:92:b0:dd:bc:d2:33:68:a2:82:8a:0d:cb:
3e:66:36:75:fe:fe:1c:c6:21:ba:1a:0d:3a:16:d0:
a1:68:d8:1b:a0:60:3a:75:df:36:eb:24:20:f2:aa:
e2:5e:c6:e5:1e:ae:91:27:98:0a:1d:cf:bc:2c:3a:
0d:ef:2c:4f:6d:85:b6:7d:c4:a4:c3:40:6c:c8:b4:
f0:94:95:65:12:f8:f6:f1:5a:fa:83:ee:fa:69:05:
7f:57:ff:a8:dd:8d:67:cb:22:49:88:6d:b9:06:01:
c8:ca:89:37:7c:1c:87:cd:1b:a6:46:1c:36:38:1a:
40:0b:0c:72:09:37:6f:10:1b:12:14:0c:0f:c3:f3:
38:e8:93:23:34:15:0e:ac:b4:aa:9b:e8:88:be:b3:
55:03:91:49:90:56:3d:88:dc:08:e7:d2:48:30:10:
32:07:1e:d8:96:82:df:c5:32:94:5a:d2:54:1a:9d:
ea:2c:cb:19:73:0a:75:4c:f0:6d:e5:ce:4f:b2:0c:
33:08:a6:05:64:21:d5:ca:50:8c:02:52:c8:8e:89:
fd:48:9a:fa:01:70:d6:22:26:eb:46:99:61:8c:a7:
7f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:23:C2:B2:E0:D9:44:97:2A:DA:94:57:5B:29:FD:B2:E3:35:1B:36
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/syPCsuDZRJcq2pRXWyn9suM1GzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.210.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:74:b7:ab:c7:a6:02:93:af:0e:34:05:33:68:c5:dc:6e:a3:
8e:1d:cb:da:88:50:ea:d6:cc:03:7f:d6:1d:c5:4b:43:fb:ec:
09:ea:d0:81:ec:d9:a4:d9:85:04:82:bf:34:aa:26:3f:14:0d:
9b:fd:51:86:77:76:fb:2c:2f:c0:93:ef:0a:5b:97:e3:21:1d:
5e:7c:bd:cd:e4:af:78:47:cc:26:74:fa:e7:dc:8b:4a:22:65:
d5:e7:74:0f:41:e5:34:c0:5a:c7:03:65:0a:10:8b:e7:cb:63:
c1:51:e7:59:e9:2f:22:e8:85:f2:4b:1f:95:32:5b:d6:fd:31:
ba:15:06:de:55:9c:3a:2b:f6:f5:05:da:79:29:42:63:96:3d:
66:c0:b6:8d:7c:8a:2b:43:b6:3f:a9:e4:09:74:e4:bb:ff:e4:
16:a9:2d:93:85:3d:eb:fa:8c:3e:1c:b4:1d:c6:c3:aa:ad:1e:
7c:c3:5b:8e:d1:38:a5:06:53:15:61:7e:3e:b7:6a:18:d3:36:
41:55:a7:4b:0b:d2:64:6e:6f:5d:aa:86:17:bd:98:08:b4:d2:
77:18:40:ea:8e:5f:97:d9:8f:26:ea:bb:fa:ed:92:26:8b:11:
55:b6:38:14:20:4e:48:d5:61:e6:31:db:74:88:78:16:0b:bd:
49:7f:2b:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRFCiC9On6JVQ1Z4DzYIzXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjUwMTA4MDgzMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzIzYzJiMmUwZDk0NDk3MmFkYTk0NTc1YjI5ZmRiMmUzMzUxYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHxADItzAWGQkKZnqoISv0W2tyK6
k4eHQ7ePclE2ZYSSsN280jNoooKKDcs+ZjZ1/v4cxiG6Gg06FtChaNgboGA6dd82
6yQg8qriXsblHq6RJ5gKHc+8LDoN7yxPbYW2fcSkw0BsyLTwlJVlEvj28Vr6g+76
aQV/V/+o3Y1nyyJJiG25BgHIyok3fByHzRumRhw2OBpACwxyCTdvEBsSFAwPw/M4
6JMjNBUOrLSqm+iIvrNVA5FJkFY9iNwI59JIMBAyBx7YloLfxTKUWtJUGp3qLMsZ
cwp1TPBt5c5PsgwzCKYFZCHVylCMAlLIjon9SJr6AXDWIibrRplhjKd/BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMjwrLg2USXKtqUV1sp/bLjNRs2MB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvc3lQQ3N1RFpSSmNxMnBSWFd5bjlzdU0xR3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucbSMA0G
CSqGSIb3DQEBCwUAA4IBAQB6dLerx6YCk68ONAUzaMXcbqOOHcvaiFDq1swDf9Yd
xUtD++wJ6tCB7Nmk2YUEgr80qiY/FA2b/VGGd3b7LC/Ak+8KW5fjIR1efL3N5K94
R8wmdPrn3ItKImXV53QPQeU0wFrHA2UKEIvny2PBUedZ6S8i6IXySx+VMlvW/TG6
FQbeVZw6K/b1Bdp5KUJjlj1mwLaNfIorQ7Y/qeQJdOS7/+QWqS2ThT3r+ow+HLQd
xsOqrR58w1uO0TilBlMVYX4+t2oY0zZBVadLC9Jkbm9dqoYXvZgItNJ3GEDqjl+X
2Y8m6rv67ZImixFVtjgUIE5I1WHmMdt0iHgWC71Jfys5
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:13 2025 by rpki-client