Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JEl2bnpff-YO4JMh0KVi0OsTsaI.roa
File: JEl2bnpff-YO4JMh0KVi0OsTsaI.roa (raw, json)
Hash identifier: ULFzSL/KhxoeUswLzMI0GL/gkSr3t7h6VcSuoH6r0YM=
Subject key identifier: 24:49:76:6E:7A:5F:7F:E6:0E:E0:93:21:D0:A5:62:D0:EB:13:B1:A2
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195A3457B3CB523D7E4352DFE1979B8CDB9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JEl2bnpff-YO4JMh0KVi0OsTsaI.roa
Signing time: Mon 17 Mar 2025 08:43:14 +0000
ROA not before: Mon 17 Mar 2025 08:43:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137897
IP address blocks: 185.246.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 09:32:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a3:45:7b:3c:b5:23:d7:e4:35:2d:fe:19:79:b8:cd:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 17 08:43:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2449766e7a5f7fe60ee09321d0a562d0eb13b1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d8:cc:99:a9:0f:a8:3f:c3:74:45:73:52:e9:
e6:68:01:89:6b:42:cb:47:1d:58:8c:3e:be:a0:74:
da:72:4b:7c:60:f6:de:7c:18:64:0d:bb:e1:2b:98:
95:da:76:8d:5c:51:47:a6:55:82:db:99:1f:7e:d5:
5c:1c:b3:b9:12:c8:07:f9:48:2c:0a:ff:63:cb:e9:
05:67:63:80:37:84:a6:65:bc:4f:79:11:a9:7a:0a:
f0:3f:39:71:4e:4c:f4:f8:ff:74:fd:d6:0b:0c:79:
b6:9b:76:ed:f6:84:69:b1:93:66:14:79:31:22:c2:
24:e0:26:13:3f:bc:44:5c:6f:37:08:5d:67:18:38:
8b:e0:4e:10:43:fe:fd:2b:ce:3f:9f:3e:34:bb:55:
e3:85:26:aa:40:d0:32:5f:32:6f:65:42:2a:fa:57:
4d:9e:f7:9a:fb:83:d4:a8:90:00:12:8f:9e:94:b5:
04:3e:67:a8:11:17:8c:1f:d3:30:1e:fc:b3:b9:17:
0f:11:4b:26:05:34:b2:e6:97:ea:90:e6:5d:61:95:
80:65:ba:24:74:fb:f7:7f:d0:fb:0d:f0:80:f3:19:
b7:8d:ab:1d:c8:5d:eb:06:e1:fa:e9:8a:b8:c5:ba:
77:00:30:99:c1:b1:9c:88:f2:23:70:78:7b:25:74:
94:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:49:76:6E:7A:5F:7F:E6:0E:E0:93:21:D0:A5:62:D0:EB:13:B1:A2
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/JEl2bnpff-YO4JMh0KVi0OsTsaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.112.0/24
193.8.114.0/24
Signature Algorithm: sha256WithRSAEncryption
00:49:db:f1:65:f7:3f:04:e9:55:96:93:38:f6:db:2f:bc:ff:
d5:38:1c:50:82:6f:c1:1e:7c:9b:1f:1b:98:92:56:40:1f:85:
ec:56:54:30:f2:3d:a2:f2:71:75:98:ed:eb:e4:55:e7:b4:df:
75:a6:da:72:8f:62:25:f6:e8:d1:bd:9c:44:8d:4d:e0:20:3e:
80:9a:28:53:7c:77:15:a4:00:79:b9:d6:cc:e2:f4:e9:1a:57:
72:e7:b1:df:25:1f:c5:7d:57:2f:3e:eb:bf:96:5a:65:cb:b8:
7c:62:a4:e0:1c:fe:0a:31:36:5a:17:62:93:1b:58:29:fe:48:
ad:f8:55:ca:de:e7:1e:08:0d:ea:54:c2:8b:b6:61:e1:4b:aa:
42:58:74:84:b6:6a:f7:0e:13:fc:2d:98:0b:ba:8a:21:a8:7e:
4e:3c:fc:6b:d4:d1:27:dd:e7:b2:2b:51:8c:07:70:1c:c4:74:
9f:55:34:f4:83:7c:64:da:8c:19:de:58:15:8d:d4:0b:b4:e8:
bc:2d:1a:55:3e:5b:36:d2:2f:18:17:1b:f7:13:74:4a:ca:a0:
5a:e8:31:13:5b:45:b9:6f:9a:e9:dd:e2:e0:06:a9:a0:32:b1:
b8:2e:09:79:9a:d3:03:ac:dc:97:f7:75:c7:87:4c:fb:ac:8f:
57:42:d0:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWjRXs8tSPX5DUt/hl5uM25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzE3MDg0MzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ5NzY2ZTdhNWY3ZmU2MGVlMDkzMjFkMGE1NjJkMGViMTNiMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9jMmakPqD/DdEVzUunmaAGJa0LL
Rx1YjD6+oHTackt8YPbefBhkDbvhK5iV2naNXFFHplWC25kfftVcHLO5EsgH+Ugs
Cv9jy+kFZ2OAN4SmZbxPeRGpegrwPzlxTkz0+P90/dYLDHm2m3bt9oRpsZNmFHkx
IsIk4CYTP7xEXG83CF1nGDiL4E4QQ/79K84/nz40u1XjhSaqQNAyXzJvZUIq+ldN
nvea+4PUqJAAEo+elLUEPmeoEReMH9MwHvyzuRcPEUsmBTSy5pfqkOZdYZWAZbok
dPv3f9D7DfCA8xm3jasdyF3rBuH66Yq4xbp3ADCZwbGciPIjcHh7JXSU1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCRJdm56X3/mDuCTIdClYtDrE7GiMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSkVsMmJucGZmLVlPNEpNaDBLVmkwT3NUc2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufZwAwQA
wQhyMA0GCSqGSIb3DQEBCwUAA4IBAQAASdvxZfc/BOlVlpM49tsvvP/VOBxQgm/B
HnybHxuYklZAH4XsVlQw8j2i8nF1mO3r5FXntN91ptpyj2Il9ujRvZxEjU3gID6A
mihTfHcVpAB5udbM4vTpGldy57HfJR/FfVcvPuu/llply7h8YqTgHP4KMTZaF2KT
G1gp/kit+FXK3uceCA3qVMKLtmHhS6pCWHSEtmr3DhP8LZgLuoohqH5OPPxr1NEn
3eeyK1GMB3AcxHSfVTT0g3xk2owZ3lgVjdQLtOi8LRpVPls20i8YFxv3E3RKyqBa
6DETW0W5b5rp3eLgBqmgMrG4Lgl5mtMDrNyX93XHh0z7rI9XQtAc
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:27:50 2025 by rpki-client