Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KddOrEuzBzqNUFYqn3UkSU6ZwRU.roa
File: KddOrEuzBzqNUFYqn3UkSU6ZwRU.roa (raw, json)
Hash identifier: iDn6VdOFkdC2j29estlt/VYvUiDqig2WrNWM2QEBbnQ=
Subject key identifier: 29:D7:4E:AC:4B:B3:07:3A:8D:50:56:2A:9F:75:24:49:4E:99:C1:15
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194B54F1700563F4FA8D48F331FF40F9F81
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KddOrEuzBzqNUFYqn3UkSU6ZwRU.roa
Signing time: Thu 30 Jan 2025 03:44:06 +0000
ROA not before: Thu 30 Jan 2025 03:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400992
IP address blocks: 185.121.12.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.232.205.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b5:4f:17:00:56:3f:4f:a8:d4:8f:33:1f:f4:0f:9f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 30 03:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29d74eac4bb3073a8d50562a9f7524494e99c115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:40:8f:c0:70:d7:a0:a1:2a:f4:b1:4a:cd:c6:
ce:64:e8:37:87:97:61:f9:d6:79:32:e8:b9:2b:a9:
6f:6c:e9:80:bf:97:12:1b:2b:3e:45:99:3f:a9:88:
ae:61:52:bb:07:7a:b0:2f:fb:3a:0a:91:d2:f5:7c:
69:f9:ff:d8:34:f0:62:41:2f:77:db:98:d7:25:65:
03:b4:94:aa:dd:15:64:e0:af:d4:9c:dd:15:b6:5d:
26:7a:98:bb:de:a6:71:b0:0c:87:3e:29:30:62:ba:
d7:82:bc:68:2a:91:9e:ab:72:24:c2:7a:0e:0b:7a:
44:8f:6a:96:77:26:db:b1:e3:fe:44:30:ff:e7:f4:
83:b2:d2:b2:91:a7:79:48:56:20:ed:fb:22:bd:29:
38:25:3f:20:9d:d3:bd:30:ad:56:70:28:dc:8b:0c:
ca:f6:73:99:50:6d:62:d0:f9:54:0c:bf:3a:30:62:
ab:20:9b:5f:f1:8e:07:b1:a4:59:99:09:76:72:66:
86:5b:11:d0:86:3c:42:67:44:08:6e:76:ac:df:c1:
dd:40:5b:9b:b2:ca:f2:ed:ef:66:8a:a0:7f:15:35:
3b:07:d0:af:5d:a6:8c:3c:3f:48:c9:09:a6:c4:0a:
16:1c:f3:7e:d8:83:6b:d4:81:fc:fc:05:ba:2b:eb:
2b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D7:4E:AC:4B:B3:07:3A:8D:50:56:2A:9F:75:24:49:4E:99:C1:15
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KddOrEuzBzqNUFYqn3UkSU6ZwRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/24
185.121.15.0/24
185.232.205.0/24
193.17.183.0/24
Signature Algorithm: sha256WithRSAEncryption
58:2f:06:ba:96:12:f9:7b:ff:e4:21:7b:50:3b:bb:da:a4:8b:
9b:e7:17:a3:21:42:07:df:d6:0f:14:28:f3:18:cf:7c:32:a4:
71:38:cf:8b:a6:f2:b5:b0:1a:b7:22:bb:98:8a:9c:fb:5e:5b:
96:09:4b:35:e9:eb:a8:0e:b9:ff:e9:c6:08:dd:0e:5b:1e:13:
e6:7e:8c:bc:67:25:6b:48:73:ba:ea:c2:91:9c:05:50:20:a2:
3a:08:29:bb:de:3e:ce:ee:48:a9:1c:1c:64:43:cb:eb:03:d2:
04:f9:99:a9:01:d3:9b:50:cc:7d:29:7e:2b:0a:48:a3:e4:d5:
b3:08:dd:c7:21:f4:a1:dd:40:19:84:bf:54:fa:a1:22:5e:23:
c2:58:53:94:18:52:6f:d6:3e:12:3f:f8:e1:2d:e0:4a:2a:d0:
26:94:05:51:4b:0c:62:4e:66:2c:93:b0:12:ce:0e:1b:29:6c:
d4:5c:24:bd:da:e5:de:b1:14:ac:13:66:52:bf:b3:3f:2d:1f:
22:40:28:63:b7:c4:a9:1b:f7:9a:f4:9b:25:7b:fc:ff:06:78:
53:f0:dc:ce:0f:5c:e3:87:b9:42:6f:7a:4b:84:ac:00:d5:f0:
a3:e2:01:95:dd:6b:3e:f8:63:bc:a3:1a:19:7a:ea:14:e9:1e:
6b:03:a3:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZS1TxcAVj9PqNSPMx/0D5+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTMwMDM0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ3NGVhYzRiYjMwNzNhOGQ1MDU2MmE5Zjc1MjQ0OTRlOTljMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30CPwHDXoKEq9LFKzcbOZOg3h5dh
+dZ5Mui5K6lvbOmAv5cSGys+RZk/qYiuYVK7B3qwL/s6CpHS9Xxp+f/YNPBiQS93
25jXJWUDtJSq3RVk4K/UnN0Vtl0mepi73qZxsAyHPikwYrrXgrxoKpGeq3IkwnoO
C3pEj2qWdybbseP+RDD/5/SDstKykad5SFYg7fsivSk4JT8gndO9MK1WcCjciwzK
9nOZUG1i0PlUDL86MGKrIJtf8Y4HsaRZmQl2cmaGWxHQhjxCZ0QIbnas38HdQFub
ssry7e9miqB/FTU7B9CvXaaMPD9IyQmmxAoWHPN+2INr1IH8/AW6K+srTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCnXTqxLswc6jVBWKp91JElOmcEVMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2RkT3JFdXpCenFOVUZZcW4zVWtTVTZad1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXkMAwQA
uXkPAwQAuejNAwQAwRG3MA0GCSqGSIb3DQEBCwUAA4IBAQBYLwa6lhL5e//kIXtQ
O7vapIub5xejIUIH39YPFCjzGM98MqRxOM+LpvK1sBq3IruYipz7XluWCUs16euo
Drn/6cYI3Q5bHhPmfoy8ZyVrSHO66sKRnAVQIKI6CCm73j7O7kipHBxkQ8vrA9IE
+ZmpAdObUMx9KX4rCkij5NWzCN3HIfSh3UAZhL9U+qEiXiPCWFOUGFJv1j4SP/jh
LeBKKtAmlAVRSwxiTmYsk7ASzg4bKWzUXCS92uXesRSsE2ZSv7M/LR8iQChjt8Sp
G/ea9Jsle/z/BnhT8NzOD1zjh7lCb3pLhKwA1fCj4gGV3Ws++GO8oxoZeuoU6R5r
A6Oh
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:38:58 2025 by rpki-client