Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/86e9cc-36a0-46f5-ba1e-c559e0971ee0/1/2tQO4gcOfCRROw0iAhE7tExtS-w.roa
File: 2tQO4gcOfCRROw0iAhE7tExtS-w.roa (raw, json)
Hash identifier: te1MRNKiuVhxYElA7TNkhrWTh5lRMbkZQIq7cIIggvs=
Subject key identifier: DA:D4:0E:E2:07:0E:7C:24:51:3B:0D:22:02:11:3B:B4:4C:6D:4B:EC
Certificate issuer: /CN=a2e4556a9579e202f54c159345458bc9245f90e4
Certificate serial: 018DCF28B6F60A3A4D05B3DBC924CFCA9BFA
Authority key identifier: A2:E4:55:6A:95:79:E2:02:F5:4C:15:93:45:45:8B:C9:24:5F:90:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouRVapV54gL1TBWTRUWLySRfkOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/86e9cc-36a0-46f5-ba1e-c559e0971ee0/1/2tQO4gcOfCRROw0iAhE7tExtS-w.roa
Signing time: Thu 22 Feb 2024 04:52:48 +0000
ROA not before: Thu 22 Feb 2024 04:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211007
IP address blocks: 185.249.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cf:28:b6:f6:0a:3a:4d:05:b3:db:c9:24:cf:ca:9b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2e4556a9579e202f54c159345458bc9245f90e4
Validity
Not Before: Feb 22 04:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dad40ee2070e7c24513b0d2202113bb44c6d4bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:16:39:9c:a8:2a:93:d8:c3:3b:3f:50:62:
b5:6b:23:8c:63:7e:da:6c:e5:ed:d2:ef:40:ce:77:
42:84:65:58:1f:12:20:bb:b8:f3:62:96:89:fd:c0:
6d:c7:d4:b9:e2:ad:e0:97:29:91:aa:38:6d:3d:6b:
1d:27:e7:70:37:07:9f:9f:9d:fb:36:c0:37:5f:9a:
ed:d8:c5:b8:9c:c6:06:f5:cb:b1:26:57:29:ea:c3:
85:48:18:13:1d:0c:21:e2:c0:e9:b9:57:44:e8:7b:
af:1a:7f:b3:14:12:f6:1a:7b:06:be:e4:08:fc:96:
b1:37:d8:f7:5d:9f:89:a3:0d:3e:f3:fd:79:8d:86:
97:6d:53:ef:0f:54:ca:80:e4:41:27:d8:01:7e:e8:
d5:77:be:e3:49:5e:78:7d:e7:bf:9a:47:d7:6d:20:
c3:66:87:a1:56:a4:cf:63:e6:95:39:cd:4e:6b:19:
33:1b:11:78:eb:dc:18:da:82:57:3e:a4:1c:81:a0:
a1:49:55:fa:b8:b9:57:7d:d1:2d:bf:24:c2:b6:ca:
4e:62:91:a9:03:d2:ef:a7:c7:f7:f1:37:8a:f3:ed:
18:06:f3:6f:4e:b3:b5:0a:6e:6a:ce:b9:08:43:fd:
28:76:9c:ac:44:08:31:2a:5b:41:d9:f6:18:cd:a5:
3e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D4:0E:E2:07:0E:7C:24:51:3B:0D:22:02:11:3B:B4:4C:6D:4B:EC
X509v3 Authority Key Identifier:
keyid:A2:E4:55:6A:95:79:E2:02:F5:4C:15:93:45:45:8B:C9:24:5F:90:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouRVapV54gL1TBWTRUWLySRfkOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86e9cc-36a0-46f5-ba1e-c559e0971ee0/1/2tQO4gcOfCRROw0iAhE7tExtS-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/86e9cc-36a0-46f5-ba1e-c559e0971ee0/1/ouRVapV54gL1TBWTRUWLySRfkOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.156.0/24
Signature Algorithm: sha256WithRSAEncryption
87:42:86:b7:fc:7f:61:9c:99:ad:74:38:0a:36:0f:8f:37:ca:
c5:a4:be:65:66:78:11:6b:e6:c3:f3:c4:7a:83:a7:09:ee:8d:
ae:08:20:a2:01:fe:ac:57:42:b2:fc:db:86:32:36:a7:d4:ab:
e6:56:02:63:bf:28:ab:b0:9d:de:e0:c2:a5:c6:bb:26:f4:01:
25:a7:37:55:1e:07:fa:37:29:15:41:cf:20:2e:7f:da:3a:bc:
97:0b:65:4c:0a:2f:20:29:23:b2:94:e1:9f:9e:a6:cc:36:e4:
ff:03:16:49:80:a0:e3:85:9a:aa:74:27:33:37:66:7e:0e:8a:
71:39:a3:89:9a:85:71:f8:3d:f7:f3:a1:87:86:d0:d6:43:35:
97:47:f8:ff:2b:71:4c:60:dc:2f:80:2e:26:ba:c8:83:e6:6d:
77:f2:38:b4:be:17:ee:ac:86:76:0a:20:74:13:31:75:68:0b:
43:c4:d2:6e:0f:36:c0:0b:50:15:5c:a2:6b:11:25:79:97:24:
f0:72:0b:3d:8f:6d:27:af:a4:06:f8:d3:51:24:56:8a:10:87:
76:3a:03:47:bb:ae:fb:d9:22:0b:ac:a0:15:e0:61:a5:46:43:
93:eb:54:64:b7:8b:25:d8:30:d6:cd:19:17:c9:dc:46:f6:be:
ec:b9:da:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3PKLb2CjpNBbPbySTPypv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZTQ1NTZhOTU3OWUyMDJmNTRjMTU5MzQ1NDU4YmM5MjQ1
ZjkwZTQwHhcNMjQwMjIyMDQ1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQ0MGVlMjA3MGU3YzI0NTEzYjBkMjIwMjExM2JiNDRjNmQ0YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyYWOZyoKpPYwzs/UGK1ayOMY37a
bOXt0u9AzndChGVYHxIgu7jzYpaJ/cBtx9S54q3glymRqjhtPWsdJ+dwNwefn537
NsA3X5rt2MW4nMYG9cuxJlcp6sOFSBgTHQwh4sDpuVdE6HuvGn+zFBL2GnsGvuQI
/JaxN9j3XZ+Jow0+8/15jYaXbVPvD1TKgORBJ9gBfujVd77jSV54fee/mkfXbSDD
ZoehVqTPY+aVOc1OaxkzGxF469wY2oJXPqQcgaChSVX6uLlXfdEtvyTCtspOYpGp
A9Lvp8f38TeK8+0YBvNvTrO1Cm5qzrkIQ/0odpysRAgxKltB2fYYzaU++QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrUDuIHDnwkUTsNIgIRO7RMbUvsMB8GA1UdIwQY
MBaAFKLkVWqVeeIC9UwVk0VFi8kkX5DkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3VSVmFwVjU0Z0wxVEJXVFJVV0x5U1Jma09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84NmU5Y2MtMzZhMC00NmY1LWJhMWUt
YzU1OWUwOTcxZWUwLzEvMnRRTzRnY09mQ1JST3cwaUFoRTd0RXh0Uy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84NmU5Y2MtMzZhMC00NmY1LWJhMWUtYzU1OWUwOTcxZWUw
LzEvb3VSVmFwVjU0Z0wxVEJXVFJVV0x5U1Jma09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufmcMA0G
CSqGSIb3DQEBCwUAA4IBAQCHQoa3/H9hnJmtdDgKNg+PN8rFpL5lZngRa+bD88R6
g6cJ7o2uCCCiAf6sV0Ky/NuGMjan1KvmVgJjvyirsJ3e4MKlxrsm9AElpzdVHgf6
NykVQc8gLn/aOryXC2VMCi8gKSOylOGfnqbMNuT/AxZJgKDjhZqqdCczN2Z+Dopx
OaOJmoVx+D3386GHhtDWQzWXR/j/K3FMYNwvgC4musiD5m138ji0vhfurIZ2CiB0
EzF1aAtDxNJuDzbAC1AVXKJrESV5lyTwcgs9j20nr6QG+NNRJFaKEId2OgNHu677
2SILrKAV4GGlRkOT61Rkt4sl2DDWzRkXydxG9r7sudrA
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:46 2025 by rpki-client