Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/cF90IHI-9aggqzJvpGv3cAZxwTo.roa
File: cF90IHI-9aggqzJvpGv3cAZxwTo.roa (raw, json)
Hash identifier: DGo2WmrrQUfNpc4jUhVTldC1vQwCObSd/Eq1X2LLvQ8=
Subject key identifier: 70:5F:74:20:72:3E:F5:A8:20:AB:32:6F:A4:6B:F7:70:06:71:C1:3A
Certificate issuer: /CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Certificate serial: 0194258F407CD2CDE259EFD80068BB711A8C
Authority key identifier: BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/cF90IHI-9aggqzJvpGv3cAZxwTo.roa
Signing time: Thu 02 Jan 2025 05:48:52 +0000
ROA not before: Thu 02 Jan 2025 05:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204149
IP address blocks: 185.112.188.0/24 maxlen: 24
185.112.189.0/24 maxlen: 24
185.112.190.0/24 maxlen: 24
185.112.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 14:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:40:7c:d2:cd:e2:59:ef:d8:00:68:bb:71:1a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Validity
Not Before: Jan 2 05:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=705f7420723ef5a820ab326fa46bf7700671c13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:25:76:34:3e:d2:15:87:ef:e3:68:24:a5:63:
0e:05:5b:2c:fb:44:d2:c3:bf:a4:05:88:02:ef:7a:
cf:86:64:28:5a:d2:ae:1e:bb:61:77:41:e0:0c:d8:
c5:97:2e:58:d7:9e:fe:1f:d2:9c:89:fc:ee:0d:6c:
96:a7:17:09:0a:28:6d:dd:3c:dc:84:a4:ae:84:a4:
1b:7a:e6:fb:7b:c1:3f:02:a5:f3:7e:44:e8:38:59:
5a:b4:47:57:22:86:e2:71:c8:6b:5e:a2:92:9c:df:
66:f1:2d:99:63:43:a1:1d:9f:c9:19:e4:34:25:12:
91:a8:67:84:30:83:bf:7d:b1:e3:12:b2:48:ed:4b:
4b:bb:4e:4a:f8:51:29:c4:aa:0b:82:fc:43:73:56:
37:47:c6:da:10:b7:a5:89:99:b9:83:4a:ec:7b:1a:
21:a2:a3:6e:31:e6:a0:8a:ee:c0:65:a8:e5:6c:8e:
5f:3d:eb:98:b4:1f:cb:21:e0:77:47:e1:f2:5e:98:
02:f1:40:5e:91:3c:67:98:37:bc:99:18:0f:46:f0:
64:e4:cf:3e:be:c6:48:6e:b7:56:8f:e5:39:93:f0:
7d:a8:44:0a:57:ea:b8:5a:51:9b:db:eb:63:4c:6d:
e0:e3:c4:9b:e8:5d:02:a5:1a:d7:54:2f:f8:a9:f8:
c5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5F:74:20:72:3E:F5:A8:20:AB:32:6F:A4:6B:F7:70:06:71:C1:3A
X509v3 Authority Key Identifier:
keyid:BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/cF90IHI-9aggqzJvpGv3cAZxwTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.188.0/22
Signature Algorithm: sha256WithRSAEncryption
08:4f:5f:fd:da:f6:10:49:33:5f:e8:42:9a:04:d9:c2:59:6f:
e3:4e:0b:3f:96:69:48:32:2c:4d:4e:98:ff:3a:e5:3a:5c:ea:
91:d4:d6:82:b3:2b:e6:40:f7:b0:3a:69:d0:c2:69:2b:e7:f7:
9e:4a:b8:98:c9:4e:90:8f:0d:d7:9b:3c:2d:5a:55:70:0c:8b:
2d:d0:6c:f0:32:cd:b1:17:05:b2:fb:7f:c6:51:b8:4b:72:48:
aa:45:8c:a9:4d:64:10:1b:8a:4d:0e:3c:f0:fc:86:da:b0:eb:
08:2f:fb:d9:60:0d:c4:a3:b3:20:74:c8:a8:de:73:17:8e:56:
3f:b2:42:d7:bb:8d:61:9b:c3:1f:20:19:bf:88:34:e5:0c:7f:
8e:9c:e6:8e:1d:0a:46:a4:92:e7:c2:7f:07:82:f5:30:54:22:
f0:51:e0:04:ab:dc:fb:82:5e:1e:a3:32:58:2d:3f:b8:b5:9f:
d8:3e:27:86:33:3b:13:11:1a:8b:fa:2a:59:74:59:09:5d:55:
7a:2a:36:35:d8:f8:a0:8c:3d:d9:73:79:7b:92:3b:55:15:50:
28:06:d3:95:5b:8a:a3:9c:35:2a:c5:57:ac:02:74:8c:14:01:
9b:1b:e5:fb:8a:46:6d:bb:d1:40:28:98:a2:bf:de:ce:c4:73:
39:d6:ac:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj0B80s3iWe/YAGi7cRqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDNhZDAwN2UyYTI0MmE2YjA5MDYxYTNjMWEzNjBh
NjRkNWEwHhcNMjUwMTAyMDU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVmNzQyMDcyM2VmNWE4MjBhYjMyNmZhNDZiZjc3MDA2NzFjMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CV2ND7SFYfv42gkpWMOBVss+0TS
w7+kBYgC73rPhmQoWtKuHrthd0HgDNjFly5Y157+H9KcifzuDWyWpxcJCiht3Tzc
hKSuhKQbeub7e8E/AqXzfkToOFlatEdXIobicchrXqKSnN9m8S2ZY0OhHZ/JGeQ0
JRKRqGeEMIO/fbHjErJI7UtLu05K+FEpxKoLgvxDc1Y3R8baELeliZm5g0rsexoh
oqNuMeagiu7AZajlbI5fPeuYtB/LIeB3R+HyXpgC8UBekTxnmDe8mRgPRvBk5M8+
vsZIbrdWj+U5k/B9qEQKV+q4WlGb2+tjTG3g48Sb6F0CpRrXVC/4qfjFGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBfdCByPvWoIKsyb6Rr93AGccE6MB8GA1UdIwQY
MBaAFLycQDrQB+KiQqawkGGjwaNgpk1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQt
ODhlNjgxNjI3MWY3LzEvY0Y5MElISS05YWdncXpKdnBHdjNjQVp4d1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQtODhlNjgxNjI3MWY3
LzEvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXC8MA0G
CSqGSIb3DQEBCwUAA4IBAQAIT1/92vYQSTNf6EKaBNnCWW/jTgs/lmlIMixNTpj/
OuU6XOqR1NaCsyvmQPewOmnQwmkr5/eeSriYyU6Qjw3XmzwtWlVwDIst0GzwMs2x
FwWy+3/GUbhLckiqRYypTWQQG4pNDjzw/IbasOsIL/vZYA3Eo7MgdMio3nMXjlY/
skLXu41hm8MfIBm/iDTlDH+OnOaOHQpGpJLnwn8HgvUwVCLwUeAEq9z7gl4eozJY
LT+4tZ/YPieGMzsTERqL+ipZdFkJXVV6KjY12PigjD3Zc3l7kjtVFVAoBtOVW4qj
nDUqxVesAnSMFAGbG+X7ikZtu9FAKJiiv97OxHM51qzo
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:16:00 2025 by rpki-client