Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0kGWvTie7BjyEUmFQAulYFCd6H0.roa
File: 0kGWvTie7BjyEUmFQAulYFCd6H0.roa (raw, json)
Hash identifier: +OY+UmWdNI1d2s0RuPJfRHgUp1V6DWvgvR+zqaEKrjk=
Subject key identifier: D2:41:96:BD:38:9E:EC:18:F2:11:49:85:40:0B:A5:60:50:9D:E8:7D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0196245878E84B7CD96482A20D9CAB6D73D2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0kGWvTie7BjyEUmFQAulYFCd6H0.roa
Signing time: Fri 11 Apr 2025 10:14:59 +0000
ROA not before: Fri 11 Apr 2025 10:14:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 09:41:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:58:78:e8:4b:7c:d9:64:82:a2:0d:9c:ab:6d:73:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 11 10:14:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d24196bd389eec18f2114985400ba560509de87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:0d:bd:93:83:ef:8c:04:74:81:fb:00:00:
47:f8:a5:9f:98:90:bc:01:d7:cd:a6:86:45:0d:4f:
bd:3f:1f:33:00:28:0e:89:ba:90:e9:f4:72:8c:fb:
a7:34:56:67:72:d2:2c:3e:09:5f:24:c1:5b:93:00:
d3:47:a4:73:4d:9b:72:ad:02:a9:6d:91:5a:66:af:
33:10:93:58:bd:ba:d2:25:e2:e2:b2:ee:a8:81:f1:
a6:8b:5f:46:29:61:4f:64:e9:e9:2a:2c:ae:91:c3:
f1:6c:e0:b1:9f:50:73:fa:22:49:ed:09:d0:a4:3a:
70:ab:7f:1c:f2:39:ea:7e:45:82:54:e5:a6:22:8f:
59:38:6d:76:21:39:f6:5d:db:d7:41:04:c5:76:84:
3e:96:02:7b:d2:fb:39:db:a0:45:06:f7:e4:38:79:
30:c7:67:e9:be:39:b2:07:0c:e0:00:4d:7b:4e:95:
7c:a0:31:0b:38:50:e4:5f:39:05:5d:61:d1:0d:68:
4b:82:79:1e:3b:ed:04:3f:ae:20:d6:ef:6d:2c:e2:
29:52:ed:15:3d:1b:83:f6:11:f8:4b:9a:6e:1a:24:
f7:81:26:a7:9a:33:ab:af:d0:c8:6d:ef:9b:a6:39:
f3:2c:cd:55:d6:eb:c5:66:3b:3b:e8:b9:3e:1c:2c:
c0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:41:96:BD:38:9E:EC:18:F2:11:49:85:40:0B:A5:60:50:9D:E8:7D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0kGWvTie7BjyEUmFQAulYFCd6H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
56:8b:08:85:b9:db:f8:1c:8e:d6:f8:96:f1:93:21:96:eb:59:
6d:ba:90:d6:d1:1a:9b:bb:77:36:20:0c:93:3e:8d:45:c8:c6:
48:cd:ce:d7:74:1d:78:46:6d:15:8b:2e:72:2f:3b:45:b3:18:
e7:fb:5f:66:17:d8:30:6a:3d:4e:e0:bc:63:2e:1b:ae:cc:45:
fb:fc:a6:0e:ca:30:6e:b9:e5:ff:ad:e5:59:6c:7d:ab:fd:4e:
4b:9c:5e:a9:9d:4c:54:14:24:19:23:ee:0a:43:35:6a:89:a8:
f8:2e:de:63:29:c4:35:bb:a0:e1:70:a3:f0:11:51:cb:50:0a:
95:31:e1:e5:61:12:6b:55:e2:a7:27:ae:54:f4:20:45:00:f4:
b3:c0:67:10:99:8d:0b:2a:5f:20:f1:82:ed:ca:da:3e:21:bf:
5d:f3:5e:85:11:bb:d7:9f:8c:29:6d:9d:8a:cd:e1:c4:15:05:
68:a0:ab:76:ba:e6:ab:cc:61:a2:a9:7c:e2:d4:e9:3f:69:c4:
17:5e:83:10:57:7d:f3:80:c7:34:5c:2c:3b:9d:1e:c1:98:1e:
6c:0b:11:d9:4d:1b:d4:dd:e7:24:91:e8:0f:8a:f0:2f:b1:56:
79:96:24:14:7e:56:36:57:91:64:96:e0:d4:31:8d:75:08:08:
c5:80:30:9b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZYkWHjoS3zZZIKiDZyrbXPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDExMTAxNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjQxOTZiZDM4OWVlYzE4ZjIxMTQ5ODU0MDBiYTU2MDUwOWRlODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPoNvZOD74wEdIH7AABH+KWfmJC8
AdfNpoZFDU+9Px8zACgOibqQ6fRyjPunNFZnctIsPglfJMFbkwDTR6RzTZtyrQKp
bZFaZq8zEJNYvbrSJeLisu6ogfGmi19GKWFPZOnpKiyukcPxbOCxn1Bz+iJJ7QnQ
pDpwq38c8jnqfkWCVOWmIo9ZOG12ITn2XdvXQQTFdoQ+lgJ70vs526BFBvfkOHkw
x2fpvjmyBwzgAE17TpV8oDELOFDkXzkFXWHRDWhLgnkeO+0EP64g1u9tLOIpUu0V
PRuD9hH4S5puGiT3gSanmjOrr9DIbe+bpjnzLM1V1uvFZjs76Lk+HCzAiQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNJBlr04nuwY8hFJhUALpWBQneh9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMGtHV3ZUaWU3Qmp5RVVtRlFBdWxZRkNkNkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAC5
flIDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC51mwDBAC52hQDBAC53PgDBAG5
3PoDBAC53hwDBAC5304DBAC535sDBAG54QADBAC54QMDBAG545IDBAC55EsDBAC5
6M4wDAMEBMEIcAMEAMEIcgMEAcE6kgMEAMJMrAMEAMJ8RTANBgkqhkiG9w0BAQsF
AAOCAQEAVosIhbnb+ByO1viW8ZMhlutZbbqQ1tEam7t3NiAMkz6NRcjGSM3O13Qd
eEZtFYsuci87RbMY5/tfZhfYMGo9TuC8Yy4brsxF+/ymDsowbrnl/63lWWx9q/1O
S5xeqZ1MVBQkGSPuCkM1aomo+C7eYynENbug4XCj8BFRy1AKlTHh5WESa1Xipyeu
VPQgRQD0s8BnEJmNCypfIPGC7craPiG/XfNehRG715+MKW2dis3hxBUFaKCrdrrm
q8xhoql84tTpP2nEF16DEFd984DHNFwsO50ewZgebAsR2U0b1N3nJJHoD4rwL7FW
eZYkFH5WNleRZJbg1DGNdQgIxYAwmw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:45 2025 by rpki-client