Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0nELE5r84Hm3sCxD2gvDiq1r18g.roa
File: 0nELE5r84Hm3sCxD2gvDiq1r18g.roa (raw, json)
Hash identifier: ezupSLB3JR0bMn0JZDULdQg/wXYHMvpluF+nfo+ALEg=
Subject key identifier: D2:71:0B:13:9A:FC:E0:79:B7:B0:2C:43:DA:0B:C3:8A:AD:6B:D7:C8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193EAA546145C2D50AEA44CBA2E04E0D257
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0nELE5r84Hm3sCxD2gvDiq1r18g.roa
Signing time: Sat 21 Dec 2024 19:15:20 +0000
ROA not before: Sat 21 Dec 2024 19:15:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 185.220.248.0/24 maxlen: 24
185.238.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:a5:46:14:5c:2d:50:ae:a4:4c:ba:2e:04:e0:d2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 21 19:15:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2710b139afce079b7b02c43da0bc38aad6bd7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e7:54:ff:34:ae:02:73:a3:2e:0a:90:41:78:
b6:01:a4:b9:b3:25:3d:7e:05:b9:55:a0:e0:8d:d5:
37:6b:59:53:0d:c7:7a:44:a5:b1:d1:ed:e4:04:9f:
da:b8:da:f1:8e:5e:be:66:56:a1:36:a8:31:71:8f:
df:13:05:47:61:da:e0:49:c4:cb:ab:74:66:bc:c1:
b7:75:b3:7a:df:66:74:87:77:20:3b:56:d6:99:52:
e7:56:fb:94:a1:65:db:65:26:a3:09:d2:7b:7e:63:
e3:fc:26:33:4c:63:b9:3b:32:05:0d:ed:69:ae:f6:
b8:18:e8:5a:2c:f0:f0:24:ed:11:5b:21:7a:b2:4c:
fe:0c:91:3e:20:c2:91:f0:1c:19:38:54:20:6b:98:
0c:0b:e9:42:b4:1b:95:5c:6c:4e:7f:79:d5:4b:42:
51:07:eb:38:30:21:29:64:24:d4:0f:f0:da:4c:f0:
f6:91:d4:f5:aa:55:e6:21:a1:d5:f0:15:f8:f8:24:
c0:e5:6b:9c:cc:c9:65:37:1f:6a:cc:59:9c:20:bb:
87:1a:e3:88:82:fe:37:e3:02:bb:0a:60:58:8d:5e:
8a:af:0b:18:f0:ce:8e:02:e0:25:fe:3e:67:de:24:
92:db:7c:3a:19:cc:ac:de:b4:bc:2d:44:ed:1f:bd:
b9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:71:0B:13:9A:FC:E0:79:B7:B0:2C:43:DA:0B:C3:8A:AD:6B:D7:C8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0nELE5r84Hm3sCxD2gvDiq1r18g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.248.0/24
185.238.228.0/24
Signature Algorithm: sha256WithRSAEncryption
08:4b:21:70:a2:c5:b6:72:40:83:3f:ed:6e:c4:2f:e6:92:a1:
2d:2f:02:fb:3b:0d:de:47:f1:99:6c:b7:cd:a5:92:f1:ce:60:
c5:f2:a3:39:d9:cb:79:07:c2:c1:15:da:92:38:25:14:04:23:
35:2d:68:62:39:d2:91:20:a7:c2:b8:32:38:e2:cd:d1:32:87:
8e:93:73:93:fe:5d:36:9b:dd:ce:d0:96:b8:81:c0:59:28:b9:
bd:b2:2c:46:66:aa:a6:45:fe:00:c5:cd:75:d9:07:13:8b:16:
dd:32:d0:f6:d5:ca:18:2a:7c:45:ce:65:0a:3b:81:b7:9b:ea:
bd:44:2b:a3:17:ec:61:91:e0:16:3c:ad:9f:14:6a:93:90:ef:
1e:8a:e9:b6:76:63:19:4a:27:bd:3f:66:5a:5e:5f:e5:83:05:
ee:8d:22:ff:dc:b0:a2:9d:06:67:8b:81:0f:fb:9b:60:2e:c0:
12:10:c9:99:a9:97:92:1e:0a:89:b8:7d:f1:48:f2:9f:13:72:
56:34:91:07:d6:eb:6c:a8:1b:de:dd:52:e9:ec:85:af:41:cc:
e8:4d:cc:cf:6b:94:26:44:a2:8f:5c:e2:ff:ed:73:17:2a:2e:
e7:08:c4:0f:ec:32:dc:32:ce:3d:a5:e8:cf:29:8e:08:d0:a6:
bd:9a:8a:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPqpUYUXC1QrqRMui4E4NJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjIxMTkxNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjcxMGIxMzlhZmNlMDc5YjdiMDJjNDNkYTBiYzM4YWFkNmJkN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvudU/zSuAnOjLgqQQXi2AaS5syU9
fgW5VaDgjdU3a1lTDcd6RKWx0e3kBJ/auNrxjl6+ZlahNqgxcY/fEwVHYdrgScTL
q3RmvMG3dbN632Z0h3cgO1bWmVLnVvuUoWXbZSajCdJ7fmPj/CYzTGO5OzIFDe1p
rva4GOhaLPDwJO0RWyF6skz+DJE+IMKR8BwZOFQga5gMC+lCtBuVXGxOf3nVS0JR
B+s4MCEpZCTUD/DaTPD2kdT1qlXmIaHV8BX4+CTA5WuczMllNx9qzFmcILuHGuOI
gv434wK7CmBYjV6KrwsY8M6OAuAl/j5n3iSS23w6Gcys3rS8LUTtH725QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNJxCxOa/OB5t7AsQ9oLw4qta9fIMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMG5FTEU1cjg0SG0zc0N4RDJndkRpcTFyMThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudz4AwQA
ue7kMA0GCSqGSIb3DQEBCwUAA4IBAQAISyFwosW2ckCDP+1uxC/mkqEtLwL7Ow3e
R/GZbLfNpZLxzmDF8qM52ct5B8LBFdqSOCUUBCM1LWhiOdKRIKfCuDI44s3RMoeO
k3OT/l02m93O0Ja4gcBZKLm9sixGZqqmRf4Axc112QcTixbdMtD21coYKnxFzmUK
O4G3m+q9RCujF+xhkeAWPK2fFGqTkO8eium2dmMZSie9P2ZaXl/lgwXujSL/3LCi
nQZni4EP+5tgLsASEMmZqZeSHgqJuH3xSPKfE3JWNJEH1utsqBve3VLp7IWvQczo
TczPa5QmRKKPXOL/7XMXKi7nCMQP7DLcMs49pejPKY4I0Ka9moqw
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:32:34 2025 by rpki-client