Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OMLjQX1kFNgMznmsIxoq-qRlPbU.roa
File: OMLjQX1kFNgMznmsIxoq-qRlPbU.roa (raw, json)
Hash identifier: t/M5RNv8hxqHRxSnqKqF4bi8rAfEcEv47GPEiZoVaBA=
Subject key identifier: 38:C2:E3:41:7D:64:14:D8:0C:CE:79:AC:23:1A:2A:FA:A4:65:3D:B5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01950041B002D2414E85D23B70E7CCE3D9A5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OMLjQX1kFNgMznmsIxoq-qRlPbU.roa
Signing time: Thu 13 Feb 2025 17:00:59 +0000
ROA not before: Thu 13 Feb 2025 17:00:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400992
IP address blocks: 185.121.12.0/24 maxlen: 24
185.121.15.0/24 maxlen: 24
185.232.205.0/24 maxlen: 24
185.236.25.0/24 maxlen: 24
185.236.26.0/24 maxlen: 24
185.236.27.0/24 maxlen: 24
193.17.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 16:43:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:41:b0:02:d2:41:4e:85:d2:3b:70:e7:cc:e3:d9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 13 17:00:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38c2e3417d6414d80cce79ac231a2afaa4653db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:4c:7e:c3:ff:18:7a:a6:4c:b0:67:0b:ec:
a8:f2:ae:ff:e6:cd:18:7b:f8:dc:f6:32:ea:cd:45:
3f:c5:79:93:70:50:44:00:09:e4:76:75:eb:4e:c7:
55:c0:f4:7b:c8:d2:ce:fc:ee:0e:74:0a:2d:d0:0b:
bc:01:70:ee:5d:48:e1:be:e9:18:97:20:e7:a9:78:
ca:eb:d5:85:1d:7e:1a:33:6f:e3:cc:9c:44:af:29:
a7:45:13:ec:99:96:e6:eb:6c:ce:44:01:ce:09:bf:
25:a0:24:46:c0:bf:b4:f5:e7:39:b0:68:1d:e6:17:
7a:d1:91:75:fa:05:82:5c:a5:cb:fe:4f:ec:62:2e:
39:8a:6b:9a:49:62:cf:95:5b:5c:6b:78:e2:49:ea:
d1:36:ca:4f:3b:c0:7d:78:6f:99:bf:e5:51:2a:67:
df:57:38:b5:d6:6d:cf:b3:d4:6a:01:27:97:b5:3d:
56:ba:54:55:8a:26:31:5a:c0:b5:8b:83:f6:14:24:
2e:e4:cc:dd:9f:d6:2f:e4:13:a0:a5:cb:99:6f:da:
07:b0:2d:35:c5:71:26:24:c6:7a:c3:10:8e:ca:2b:
ab:19:14:47:81:20:52:b8:82:2c:89:4b:db:eb:3c:
15:42:7e:93:a4:f6:5c:ca:da:a5:27:e1:b4:85:8e:
24:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C2:E3:41:7D:64:14:D8:0C:CE:79:AC:23:1A:2A:FA:A4:65:3D:B5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/OMLjQX1kFNgMznmsIxoq-qRlPbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/24
185.121.15.0/24
185.232.205.0/24
185.236.25.0-185.236.27.255
193.17.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:41:8d:49:b6:22:7a:95:b5:77:26:08:06:89:57:93:7c:70:
1f:d3:09:dd:d0:b4:d9:ef:97:82:0d:40:83:79:d2:05:8b:e4:
fe:a7:8d:20:ac:ae:ce:28:20:f2:69:9f:eb:2d:a8:0b:9c:25:
10:99:6d:e4:10:bc:2c:ca:04:61:13:70:29:48:d4:b1:70:40:
ab:dd:32:93:88:08:c6:2d:de:84:e9:3a:8e:7b:7f:6c:ff:8b:
dc:06:9d:b2:1c:af:7c:7f:6a:fe:84:e9:2a:22:64:21:ea:b7:
f9:02:f7:a3:11:42:9d:79:40:52:59:69:19:02:82:1f:15:00:
20:60:0f:dd:36:b2:07:c4:35:1e:2d:d2:52:93:a8:b0:a6:ae:
3e:16:27:22:55:de:fb:9a:67:80:da:71:8e:3d:d3:0f:33:c1:
77:9b:b5:e9:82:b0:00:59:03:d8:1e:a9:1d:d2:de:55:06:5b:
47:31:47:8b:99:f2:b5:49:82:df:0b:5a:ee:35:a0:c3:30:ee:
36:09:9c:dc:1a:af:ef:f8:bd:39:82:cc:a5:b1:6a:aa:46:2b:
0c:00:a9:77:1d:63:f3:c2:0c:4f:71:02:7c:b0:f2:d7:cf:db:
d5:6c:01:7f:bf:65:0e:43:d1:1f:9c:c9:6b:38:49:b3:1c:1a:
72:71:0c:e0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZUAQbAC0kFOhdI7cOfM49mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjEzMTcwMDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMyZTM0MTdkNjQxNGQ4MGNjZTc5YWMyMzFhMmFmYWE0NjUzZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxNMfsP/GHqmTLBnC+yo8q7/5s0Y
e/jc9jLqzUU/xXmTcFBEAAnkdnXrTsdVwPR7yNLO/O4OdAot0Au8AXDuXUjhvukY
lyDnqXjK69WFHX4aM2/jzJxErymnRRPsmZbm62zORAHOCb8loCRGwL+09ec5sGgd
5hd60ZF1+gWCXKXL/k/sYi45imuaSWLPlVtca3jiSerRNspPO8B9eG+Zv+VRKmff
Vzi11m3Ps9RqASeXtT1WulRViiYxWsC1i4P2FCQu5Mzdn9Yv5BOgpcuZb9oHsC01
xXEmJMZ6wxCOyiurGRRHgSBSuIIsiUvb6zwVQn6TpPZcytqlJ+G0hY4kCwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDjC40F9ZBTYDM55rCMaKvqkZT21MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvT01MalFYMWtGTmdNem5tc0l4b3EtcVJsUGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAuXkMAwQA
uXkPAwQAuejNMAwDBAC57BkDBAK57BgDBADBEbcwDQYJKoZIhvcNAQELBQADggEB
AC5BjUm2InqVtXcmCAaJV5N8cB/TCd3QtNnvl4INQIN50gWL5P6njSCsrs4oIPJp
n+stqAucJRCZbeQQvCzKBGETcClI1LFwQKvdMpOICMYt3oTpOo57f2z/i9wGnbIc
r3x/av6E6SoiZCHqt/kC96MRQp15QFJZaRkCgh8VACBgD902sgfENR4t0lKTqLCm
rj4WJyJV3vuaZ4DacY490w8zwXebtemCsABZA9geqR3S3lUGW0cxR4uZ8rVJgt8L
Wu41oMMw7jYJnNwar+/4vTmCzKWxaqpGKwwAqXcdY/PCDE9xAnyw8tfP29VsAX+/
ZQ5D0R+cyWs4SbMcGnJxDOA=
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:32:36 2025 by rpki-client