Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/ijOmFNaef_KJS2cCaa6G11rZhM8.roa
File: ijOmFNaef_KJS2cCaa6G11rZhM8.roa (raw, json)
Hash identifier: yaeWFWavjiGaFizQIdrtxhxcPAZsXb5ICLCHsU0XSvY=
Subject key identifier: 8A:33:A6:14:D6:9E:7F:F2:89:4B:67:02:69:AE:86:D7:5A:D9:84:CF
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 01962A6DC7CEF3C216048F752FBAC6094C3F
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/ijOmFNaef_KJS2cCaa6G11rZhM8.roa
Signing time: Sat 12 Apr 2025 14:35:59 +0000
ROA not before: Sat 12 Apr 2025 14:35:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.49.105.0/24 maxlen: 24
185.49.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 12:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:2a:6d:c7:ce:f3:c2:16:04:8f:75:2f:ba:c6:09:4c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Apr 12 14:35:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a33a614d69e7ff2894b670269ae86d75ad984cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5c:36:aa:cb:49:28:ac:2b:47:38:5c:cd:78:
21:f6:54:d4:bc:b8:6f:a6:d4:8f:5a:e3:13:45:3a:
25:87:aa:55:d1:96:9d:9b:e0:5a:53:de:99:f8:42:
4a:5e:06:1e:fc:be:91:cd:27:e1:d6:27:05:f0:9f:
7b:a1:0a:8c:5c:65:54:c9:23:5b:26:da:7a:a3:b2:
2a:63:7a:b2:ee:60:0a:20:e1:1c:67:02:8d:3b:55:
cd:7a:59:3a:3c:16:34:eb:70:36:bd:a3:3d:a3:2f:
e1:a2:3c:1c:de:35:5c:20:01:0d:57:45:3e:e0:23:
a5:20:de:fa:9d:0b:13:58:cb:f1:d5:6b:a3:25:ed:
1a:97:a9:9a:2d:df:53:33:5e:00:e1:04:a0:61:3b:
a6:af:6d:c1:09:40:28:00:24:3a:4c:5d:f6:fc:dc:
17:1c:19:7a:58:16:18:94:2b:50:1e:36:b5:ec:62:
ce:03:3e:1a:ad:c4:92:76:76:1d:5d:6a:ed:29:b6:
72:97:e5:ea:6d:1d:8e:db:3d:2d:7f:85:a8:25:0a:
7e:50:43:51:18:12:0e:30:e7:d5:e3:bd:d4:57:f9:
f2:37:1c:00:ee:27:8b:97:36:3d:04:26:c6:4d:f3:
6a:f9:8f:32:bb:d9:13:14:00:1a:8a:83:49:12:e1:
93:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:33:A6:14:D6:9E:7F:F2:89:4B:67:02:69:AE:86:D7:5A:D9:84:CF
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/ijOmFNaef_KJS2cCaa6G11rZhM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.105.0/24
185.49.107.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1e:7a:cb:a6:9d:23:4e:8d:26:64:ef:84:1f:d4:d0:cb:39:
b8:79:42:8d:17:31:82:96:d9:a4:3b:a1:0f:b5:18:95:94:97:
47:c6:5c:48:36:4e:c5:9b:a8:7a:3a:55:51:73:35:e4:10:76:
0a:bc:cf:a3:57:9a:6b:4c:1a:02:3b:81:44:25:2c:eb:7d:d7:
ff:cf:89:4f:b6:25:54:8a:4d:0a:2c:94:84:77:27:ab:9e:7d:
a0:fa:01:8a:53:df:bb:6f:92:ef:0b:0c:fc:b5:ea:5a:cd:f8:
70:58:42:ba:97:30:20:d5:51:f9:a6:fc:36:78:fd:f2:44:65:
64:f5:21:6e:4c:cc:74:67:39:2a:92:ab:70:d4:d7:e4:33:b5:
2b:f9:58:1b:57:2a:66:c4:99:41:09:34:b0:fe:12:65:a4:cb:
a2:4c:56:71:fb:d0:32:0e:88:0f:7e:4a:b3:fd:4b:ee:15:da:
ee:9f:05:cc:52:6a:10:d6:f5:c1:be:bd:c3:ef:86:91:d9:39:
f8:00:09:a8:11:99:93:0c:56:59:57:ba:43:99:61:2e:6b:e7:
2c:0c:11:5a:ed:fa:5f:23:bb:8c:4b:38:0c:47:00:a7:4f:ac:
87:d2:97:aa:27:d0:31:ae:ac:dd:00:59:52:77:16:61:21:02:
ab:1f:52:6b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYqbcfO88IWBI91L7rGCUw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjUwNDEyMTQzNTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTMzYTYxNGQ2OWU3ZmYyODk0YjY3MDI2OWFlODZkNzVhZDk4NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1w2qstJKKwrRzhczXgh9lTUvLhv
ptSPWuMTRTolh6pV0Zadm+BaU96Z+EJKXgYe/L6RzSfh1icF8J97oQqMXGVUySNb
Jtp6o7IqY3qy7mAKIOEcZwKNO1XNelk6PBY063A2vaM9oy/hojwc3jVcIAENV0U+
4COlIN76nQsTWMvx1WujJe0al6maLd9TM14A4QSgYTumr23BCUAoACQ6TF32/NwX
HBl6WBYYlCtQHja17GLOAz4arcSSdnYdXWrtKbZyl+XqbR2O2z0tf4WoJQp+UENR
GBIOMOfV473UV/nyNxwA7ieLlzY9BCbGTfNq+Y8yu9kTFAAaioNJEuGTNQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIozphTWnn/yiUtnAmmuhtda2YTPMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL2lqT21GTmFlZl9LSlMyY0NhYTZHMTFyWmhNOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC5MWkD
BAC5MWswDQYJKoZIhvcNAQELBQADggEBAAgeesumnSNOjSZk74Qf1NDLObh5Qo0X
MYKW2aQ7oQ+1GJWUl0fGXEg2TsWbqHo6VVFzNeQQdgq8z6NXmmtMGgI7gUQlLOt9
1//PiU+2JVSKTQoslIR3J6uefaD6AYpT37tvku8LDPy16lrN+HBYQrqXMCDVUfmm
/DZ4/fJEZWT1IW5MzHRnOSqSq3DU1+QztSv5WBtXKmbEmUEJNLD+EmWky6JMVnH7
0DIOiA9+SrP9S+4V2u6fBcxSahDW9cG+vcPvhpHZOfgACagRmZMMVllXukOZYS5r
5ywMEVrt+l8ju4xLOAxHAKdPrIfSl6on0DGurN0AWVJ3FmEhAqsfUms=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:59:14 2025 by rpki-client