Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0pKNIskGS-InCH5se561KRqjLfI.roa
File: 0pKNIskGS-InCH5se561KRqjLfI.roa (raw, json)
Hash identifier: zl95WGs7IfyARMTQO9tLKQwnQDxgSCj8hxKFx6ypR8I=
Subject key identifier: D2:92:8D:22:C9:06:4B:E2:27:08:7E:6C:7B:9E:B5:29:1A:A3:2D:F2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019427803C76DCD28F768515B68986671857
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0pKNIskGS-InCH5se561KRqjLfI.roa
Signing time: Thu 02 Jan 2025 14:51:42 +0000
ROA not before: Thu 02 Jan 2025 14:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 185.199.54.0/24 maxlen: 24
185.206.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 09:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:80:3c:76:dc:d2:8f:76:85:15:b6:89:86:67:18:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 14:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2928d22c9064be227087e6c7b9eb5291aa32df2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:a2:b5:ff:f7:7b:c2:f2:7c:52:d9:3d:bc:
f0:b3:ed:b2:56:c3:17:83:e7:df:0b:d1:96:44:6e:
53:4b:dd:ec:07:3c:a4:e3:c1:2b:fb:97:15:d7:db:
06:50:a8:d7:11:1f:85:11:c2:5e:ec:b0:12:91:6e:
ae:5c:f5:58:13:86:a0:c2:7a:5e:1a:3d:22:63:82:
ce:1a:69:1b:66:eb:b0:c0:da:dc:ff:c5:0b:b4:a5:
ee:03:79:5e:75:3e:37:d4:d3:0e:6a:2e:b6:be:7f:
70:08:fc:7b:50:7a:a2:87:cb:5e:f7:b0:6a:32:83:
27:95:a9:78:0f:13:a3:b3:8b:f6:fe:89:d2:eb:82:
72:23:14:a2:0e:dd:6a:3c:ef:e1:8b:28:51:5c:77:
04:87:53:ed:27:76:05:15:b0:ed:6d:15:ff:6a:2c:
5b:18:09:b5:5e:15:ad:f7:a7:e4:13:e4:91:29:0d:
3b:b3:dc:7d:11:bb:17:5a:ae:62:5b:7c:d7:f0:7f:
15:bf:11:3e:7f:d7:ce:f9:fe:15:e1:ba:54:30:af:
cc:c9:68:89:af:36:63:11:d7:f6:ad:62:1f:d3:a7:
12:23:a0:1a:ae:34:59:73:14:77:cd:54:73:52:66:
ec:91:b0:13:ae:65:8a:c8:f5:50:6d:d2:e6:71:0e:
5e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:92:8D:22:C9:06:4B:E2:27:08:7E:6C:7B:9E:B5:29:1A:A3:2D:F2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/0pKNIskGS-InCH5se561KRqjLfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.54.0/24
185.206.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:92:f9:84:c9:b9:ab:0f:71:0d:16:85:0c:b4:d5:24:53:50:
46:e1:e9:96:7a:0b:a8:15:dd:fa:ca:6f:38:ae:ac:db:4e:3f:
bc:fd:1f:2e:a1:a1:32:63:b9:a8:f7:8b:bd:4f:5b:37:c5:b4:
1f:9a:61:35:e9:e3:34:85:e4:94:02:3e:42:c6:90:47:99:b5:
e5:de:02:c1:de:fa:4c:ac:c9:ab:81:03:82:3a:1f:75:01:46:
5f:29:d3:2e:00:b2:85:41:17:63:23:ae:22:18:56:91:91:b4:
80:56:5b:84:a3:ea:4b:71:fb:55:95:4f:dd:96:60:8a:c5:2c:
80:e5:fa:98:52:70:cb:1d:2d:cd:7b:ef:8c:98:8d:7d:62:be:
6f:df:83:73:14:e6:98:87:3e:9c:b2:21:04:9b:94:1d:cb:71:
4e:9f:c2:c0:82:27:5a:47:2e:f1:dd:43:f2:64:ef:a0:35:89:
b8:66:5b:e5:83:9d:97:45:d0:fc:7f:3b:27:cf:84:d2:46:18:
a0:42:ee:e3:88:2c:ba:c7:8d:76:e5:15:b0:80:3f:7f:2f:d4:
11:d8:8b:13:6c:7f:39:e4:a9:fc:a4:cb:c7:ca:db:fa:ab:ac:
bb:4a:be:cd:90:f2:3f:8d:34:a1:7e:22:89:cd:dd:14:cf:9f:
1e:25:92:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQngDx23NKPdoUVtomGZxhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAyMTQ1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkyOGQyMmM5MDY0YmUyMjcwODdlNmM3YjllYjUyOTFhYTMyZGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAiitf/3e8LyfFLZPbzws+2yVsMX
g+ffC9GWRG5TS93sBzyk48Er+5cV19sGUKjXER+FEcJe7LASkW6uXPVYE4agwnpe
Gj0iY4LOGmkbZuuwwNrc/8ULtKXuA3ledT431NMOai62vn9wCPx7UHqih8te97Bq
MoMnlal4DxOjs4v2/onS64JyIxSiDt1qPO/hiyhRXHcEh1PtJ3YFFbDtbRX/aixb
GAm1XhWt96fkE+SRKQ07s9x9EbsXWq5iW3zX8H8VvxE+f9fO+f4V4bpUMK/MyWiJ
rzZjEdf2rWIf06cSI6AarjRZcxR3zVRzUmbskbATrmWKyPVQbdLmcQ5eowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNKSjSLJBkviJwh+bHuetSkaoy3yMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMHBLTklza0dTLUluQ0g1c2U1NjFLUnFqTGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucc2AwQA
uc76MA0GCSqGSIb3DQEBCwUAA4IBAQCLkvmEybmrD3ENFoUMtNUkU1BG4emWeguo
Fd36ym84rqzbTj+8/R8uoaEyY7mo94u9T1s3xbQfmmE16eM0heSUAj5CxpBHmbXl
3gLB3vpMrMmrgQOCOh91AUZfKdMuALKFQRdjI64iGFaRkbSAVluEo+pLcftVlU/d
lmCKxSyA5fqYUnDLHS3Ne++MmI19Yr5v34NzFOaYhz6csiEEm5Qdy3FOn8LAgida
Ry7x3UPyZO+gNYm4Zlvlg52XRdD8fzsnz4TSRhigQu7jiCy6x4125RWwgD9/L9QR
2IsTbH855Kn8pMvHytv6q6y7Sr7NkPI/jTShfiKJzd0Uz58eJZJC
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:31:37 2025 by rpki-client