Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3rg5ExWqoyQzdSEh8lxNUtwgyqI.roa
File: 3rg5ExWqoyQzdSEh8lxNUtwgyqI.roa (raw, json)
Hash identifier: K44Kp7/eyrk6PjBxjZ/JlUF9tmYO7UQgejHGbiuf4/0=
Subject key identifier: DE:B8:39:13:15:AA:A3:24:33:75:21:21:F2:5C:4D:52:DC:20:CA:A2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422202C0B070EAD20E7829BE139A2C027
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3rg5ExWqoyQzdSEh8lxNUtwgyqI.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60721
IP address blocks: 185.194.28.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 08:43:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2c:0b:07:0e:ad:20:e7:82:9b:e1:39:a2:c0:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deb8391315aaa32433752121f25c4d52dc20caa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:82:8d:f8:9c:f0:7f:56:d5:e6:02:0f:68:
26:cb:83:0e:5e:5c:8a:e1:82:d1:b1:10:6c:68:7b:
a9:3a:64:c7:88:d7:f4:14:b0:3d:ca:53:2a:61:31:
75:cc:6b:d5:a3:d3:b0:57:c7:c2:f3:bf:05:69:b0:
e5:4c:24:6f:09:6c:37:65:62:4e:98:6b:46:ea:00:
f7:2a:2b:c8:70:54:18:ca:8b:29:72:96:5b:cc:3a:
e9:55:56:3b:48:59:f0:17:39:ba:6b:91:26:d8:2d:
ec:c1:4e:7b:f8:c3:70:15:be:97:76:35:12:a7:e9:
17:81:09:6e:24:68:2f:37:de:78:b1:7e:41:18:6e:
d9:6c:37:b4:ab:ce:39:66:9b:e2:e0:b7:92:49:f3:
7d:3e:99:59:96:7d:54:56:e1:76:ea:9a:b7:1d:64:
4f:b2:8a:e5:f9:3f:b5:29:6a:59:f3:de:d4:5c:06:
8a:fa:e7:47:46:e9:7f:62:d6:40:b6:3b:48:a8:4d:
eb:8e:bc:e0:4e:b6:71:17:0e:1e:e5:87:f4:1d:c6:
4d:c8:3a:b9:0c:83:82:aa:9c:01:3a:a5:bb:b8:8d:
9a:f6:29:51:7f:5f:f2:7f:7c:49:0a:e5:75:c7:ec:
82:b1:4d:86:d6:15:92:61:8b:0e:10:f1:da:3e:be:
f0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B8:39:13:15:AA:A3:24:33:75:21:21:F2:5C:4D:52:DC:20:CA:A2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3rg5ExWqoyQzdSEh8lxNUtwgyqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.28.0/24
185.225.3.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:7c:1f:45:c6:47:e7:7d:52:63:e9:5e:b0:7f:e6:86:55:20:
ab:9a:c2:c2:97:85:e9:42:bf:da:e0:91:d4:42:07:c1:c5:67:
e9:6e:a2:a7:91:02:75:77:e5:88:21:c2:f2:10:e2:91:3c:ef:
26:1d:8e:20:92:70:59:b6:0a:64:e0:2a:40:c5:cf:98:6e:da:
72:24:7f:dc:57:7a:f9:64:3b:35:dc:bf:30:27:d4:8a:99:e9:
7b:0d:bc:6f:f7:57:68:ae:a3:2c:c8:4d:90:e4:b4:67:b7:08:
f2:94:fe:29:c6:70:1b:d6:84:d3:26:ad:2d:5b:18:80:c8:f0:
ae:59:15:c5:a5:8f:f8:c4:db:a2:ac:c2:a1:81:dc:ea:59:26:
2b:8c:e7:fc:91:62:10:b3:bf:98:7b:ec:e9:59:a8:ee:37:4e:
d7:fb:92:38:ac:c9:d2:ed:2f:3e:ba:98:7c:c0:64:94:0a:20:
a0:e1:4e:b1:ce:40:41:0e:0e:fc:06:85:ff:07:41:1d:ae:e7:
a6:03:1c:00:9f:6d:65:02:9f:b7:07:25:0b:ec:91:a4:d0:b4:
c0:dc:84:91:7c:c7:26:1a:00:f9:c2:d4:52:33:fa:ff:45:d1:
39:37:6b:b7:fc:b1:d6:31:06:a6:0a:4e:95:b9:c1:d2:33:a2:
20:3a:16:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiICwLBw6tIOeCm+E5osAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWI4MzkxMzE1YWFhMzI0MzM3NTIxMjFmMjVjNGQ1MmRjMjBjYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7iCjfic8H9W1eYCD2gmy4MOXlyK
4YLRsRBsaHupOmTHiNf0FLA9ylMqYTF1zGvVo9OwV8fC878FabDlTCRvCWw3ZWJO
mGtG6gD3KivIcFQYyospcpZbzDrpVVY7SFnwFzm6a5Em2C3swU57+MNwFb6XdjUS
p+kXgQluJGgvN954sX5BGG7ZbDe0q845Zpvi4LeSSfN9PplZln1UVuF26pq3HWRP
sorl+T+1KWpZ897UXAaK+udHRul/YtZAtjtIqE3rjrzgTrZxFw4e5Yf0HcZNyDq5
DIOCqpwBOqW7uI2a9ilRf1/yf3xJCuV1x+yCsU2G1hWSYYsOEPHaPr7wmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN64ORMVqqMkM3UhIfJcTVLcIMqiMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM3JnNUV4V3FveVF6ZFNFaDhseE5VdHdneXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucIcAwQA
ueEDMA0GCSqGSIb3DQEBCwUAA4IBAQAvfB9FxkfnfVJj6V6wf+aGVSCrmsLCl4Xp
Qr/a4JHUQgfBxWfpbqKnkQJ1d+WIIcLyEOKRPO8mHY4gknBZtgpk4CpAxc+Ybtpy
JH/cV3r5ZDs13L8wJ9SKmel7Dbxv91dorqMsyE2Q5LRntwjylP4pxnAb1oTTJq0t
WxiAyPCuWRXFpY/4xNuirMKhgdzqWSYrjOf8kWIQs7+Ye+zpWajuN07X+5I4rMnS
7S8+uph8wGSUCiCg4U6xzkBBDg78BoX/B0EdruemAxwAn21lAp+3ByUL7JGk0LTA
3ISRfMcmGgD5wtRSM/r/RdE5N2u3/LHWMQamCk6VucHSM6IgOhaC
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:37 2025 by rpki-client