Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/od4M0gooCV_eDys9W9iD0WWFkds.roa
File: od4M0gooCV_eDys9W9iD0WWFkds.roa (raw, json)
Hash identifier: 4sCaqtLuttzt6tPJ7pzXvPrGY24yjbRgldQPvW89IPY=
Subject key identifier: A1:DE:0C:D2:0A:28:09:5F:DE:0F:2B:3D:5B:D8:83:D1:65:85:91:DB
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 0193F2BB5AF72ECE74EEB5FB9795F07B73EA
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/od4M0gooCV_eDys9W9iD0WWFkds.roa
Signing time: Mon 23 Dec 2024 08:56:25 +0000
ROA not before: Mon 23 Dec 2024 08:56:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 185.222.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 04:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:bb:5a:f7:2e:ce:74:ee:b5:fb:97:95:f0:7b:73:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: Dec 23 08:56:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1de0cd20a28095fde0f2b3d5bd883d1658591db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:26:b2:ba:47:84:c6:62:09:2d:ed:f3:2a:ab:
bb:96:41:36:f4:51:5e:bb:98:5b:98:24:3b:41:1f:
75:63:87:8e:bd:c3:27:83:af:b8:6f:67:94:ef:98:
93:f9:b1:bb:6f:3d:c0:94:c5:61:d9:eb:c1:91:30:
d5:b4:d7:e5:d2:c8:6f:d5:81:ea:b3:50:91:13:45:
53:89:64:fd:65:14:f4:1a:aa:a7:c8:11:75:32:a4:
36:23:78:63:42:81:7c:32:b0:c2:46:8e:1c:4e:9f:
d3:f3:5a:5b:70:84:34:bb:5f:88:ef:d0:80:9c:46:
dc:d2:14:92:39:fa:1d:e5:dd:00:dd:17:88:d1:10:
93:bd:94:ed:92:a5:8d:48:19:73:95:f9:d1:ab:60:
57:13:cf:67:8e:93:2c:12:17:45:58:6f:1f:ac:f1:
85:ed:09:ba:45:19:06:57:3f:bb:af:da:d1:65:41:
37:e7:c7:56:35:9d:80:c9:1b:73:b5:59:09:f2:af:
98:0e:4e:ad:3d:34:79:b2:a6:dc:30:09:6b:4e:f5:
8a:55:e4:a4:e8:ad:2b:2e:0e:e3:01:b5:f7:13:55:
4e:2d:53:1e:38:89:a3:75:42:b8:6e:53:78:1a:99:
88:13:f0:12:78:17:41:42:f3:0b:33:61:ad:12:00:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DE:0C:D2:0A:28:09:5F:DE:0F:2B:3D:5B:D8:83:D1:65:85:91:DB
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/od4M0gooCV_eDys9W9iD0WWFkds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.210.0/24
Signature Algorithm: sha256WithRSAEncryption
21:bc:99:ca:9a:9a:52:4f:e9:c4:70:c4:10:12:9d:83:da:85:
99:ef:8c:3a:6f:c2:af:26:be:46:58:73:e7:00:d3:be:67:3c:
ba:42:44:f4:ac:df:e7:da:05:4d:2e:dc:89:64:88:90:b1:f4:
ad:69:33:5c:f0:44:4c:76:46:7f:f8:3c:ca:2f:27:94:30:04:
28:ca:2f:3d:4a:29:b4:a9:79:f5:9f:56:75:21:07:21:1f:75:
a7:b1:c8:ee:b0:a3:9e:d2:26:80:9a:ec:35:1b:39:4d:95:3e:
ba:8a:17:f8:89:a3:4d:30:12:7a:2a:4d:d0:00:95:e8:e3:f4:
60:4e:b4:f6:02:a9:8b:fe:11:12:62:5a:5f:12:e2:d0:6c:6c:
a0:d5:15:30:16:92:aa:87:59:31:3c:1c:dc:b1:32:70:1b:74:
e6:26:49:ea:18:95:5d:cd:b1:bf:81:5b:3f:36:a4:ea:0c:b9:
1c:48:69:af:37:36:a0:00:7c:b9:e4:92:ec:6f:54:d2:e7:a1:
ae:a6:97:f9:b9:21:19:bf:d5:43:d7:72:89:b8:74:14:79:67:
a8:6d:bd:83:7d:49:84:75:c2:29:12:22:ee:56:ee:d8:20:fb:
a2:3b:07:8f:d6:cb:9a:bc:c9:00:7d:5d:ee:a6:fd:ef:ba:2b:
25:c4:34:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPyu1r3Ls507rX7l5Xwe3PqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj
NWZlYzIwHhcNMjQxMjIzMDg1NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRlMGNkMjBhMjgwOTVmZGUwZjJiM2Q1YmQ4ODNkMTY1ODU5MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SayukeExmIJLe3zKqu7lkE29FFe
u5hbmCQ7QR91Y4eOvcMng6+4b2eU75iT+bG7bz3AlMVh2evBkTDVtNfl0shv1YHq
s1CRE0VTiWT9ZRT0GqqnyBF1MqQ2I3hjQoF8MrDCRo4cTp/T81pbcIQ0u1+I79CA
nEbc0hSSOfod5d0A3ReI0RCTvZTtkqWNSBlzlfnRq2BXE89njpMsEhdFWG8frPGF
7Qm6RRkGVz+7r9rRZUE358dWNZ2AyRtztVkJ8q+YDk6tPTR5sqbcMAlrTvWKVeSk
6K0rLg7jAbX3E1VOLVMeOImjdUK4blN4GpmIE/ASeBdBQvMLM2GtEgAaxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHeDNIKKAlf3g8rPVvYg9FlhZHbMB8GA1UdIwQY
MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt
YTNhMTNlM2E3ZDgwLzEvb2Q0TTBnb29DVl9lRHlzOVc5aUQwV1dGa2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw
LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud7SMA0G
CSqGSIb3DQEBCwUAA4IBAQAhvJnKmppST+nEcMQQEp2D2oWZ74w6b8KvJr5GWHPn
ANO+Zzy6QkT0rN/n2gVNLtyJZIiQsfStaTNc8ERMdkZ/+DzKLyeUMAQoyi89Sim0
qXn1n1Z1IQchH3WnscjusKOe0iaAmuw1GzlNlT66ihf4iaNNMBJ6Kk3QAJXo4/Rg
TrT2AqmL/hESYlpfEuLQbGyg1RUwFpKqh1kxPBzcsTJwG3TmJknqGJVdzbG/gVs/
NqTqDLkcSGmvNzagAHy55JLsb1TS56Guppf5uSEZv9VD13KJuHQUeWeobb2DfUmE
dcIpEiLuVu7YIPuiOweP1suavMkAfV3upv3vuislxDRV
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:17:48 2025 by rpki-client