Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/S0VfIQyTN2EZBsuXzSRdHqb9xRY.roa
File: S0VfIQyTN2EZBsuXzSRdHqb9xRY.roa (raw, json)
Hash identifier: DZ2+3lLFB8UzGIfcKAZMtF8oTKMOfAz0umpKqYatKSE=
Subject key identifier: 4B:45:5F:21:0C:93:37:61:19:06:CB:97:CD:24:5D:1E:A6:FD:C5:16
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01953CC81FD7C3C3B02C380ACD2AB231973E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/S0VfIQyTN2EZBsuXzSRdHqb9xRY.roa
Signing time: Tue 25 Feb 2025 11:05:03 +0000
ROA not before: Tue 25 Feb 2025 11:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 185.209.74.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 09:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:c8:1f:d7:c3:c3:b0:2c:38:0a:cd:2a:b2:31:97:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 25 11:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b455f210c9337611906cb97cd245d1ea6fdc516
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:64:30:4c:27:8e:26:a8:09:df:71:b4:9c:
19:e3:a9:79:b2:48:ef:ab:d8:90:38:fb:a3:e0:61:
b5:40:ec:91:ae:fe:8d:63:33:ad:3b:9e:9a:06:69:
46:61:66:d5:08:cb:5b:3d:e2:cd:bb:f2:07:9c:bc:
ef:a2:58:48:91:ac:44:6f:82:bb:a3:cc:40:f8:c7:
cc:d5:0e:ec:b7:11:cc:e4:6e:97:8e:a7:24:f6:ce:
19:0a:d2:09:85:55:6a:06:c0:e5:8f:e2:aa:90:48:
44:b7:31:a6:f1:de:63:de:81:12:4a:0e:13:46:3e:
00:0b:c5:79:ab:17:ac:f7:1f:18:87:17:9c:0b:af:
e9:0c:69:b5:33:cb:32:8c:22:45:e3:a0:f9:2f:f5:
89:85:f7:42:54:58:ec:1f:bd:14:a7:46:e6:bb:4a:
20:4a:d7:2c:12:41:9f:60:da:c4:bb:5e:9b:e5:fd:
39:cd:51:4c:34:b4:57:45:14:96:d0:a8:69:0a:67:
d0:b3:96:ac:3a:4e:2e:c6:0e:61:65:40:d1:ff:a1:
20:36:ee:9f:a1:56:62:6c:0a:29:3d:da:ba:33:98:
e0:88:15:73:3c:00:0b:65:dd:cd:2d:f1:b9:35:fa:
76:0a:18:88:ce:3a:06:1a:81:7a:76:9f:e1:22:0a:
7b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:45:5F:21:0C:93:37:61:19:06:CB:97:CD:24:5D:1E:A6:FD:C5:16
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/S0VfIQyTN2EZBsuXzSRdHqb9xRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.74.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b6:4c:ef:bc:7f:27:b6:f0:31:a1:48:0f:d0:64:ea:0e:fa:
2c:70:b5:c4:29:f7:db:bd:ce:be:83:45:b5:15:41:30:e6:43:
36:3d:e8:e8:1b:8b:58:ac:53:52:24:a6:62:2b:87:e8:0c:a3:
5b:82:6e:4d:bf:7e:8b:be:f8:fa:7e:8f:da:7a:00:4d:2e:da:
8d:48:fc:01:e4:6f:0c:df:4a:06:d0:b2:e8:22:75:b1:d5:99:
79:5d:4a:0f:07:8d:1b:5e:0b:bb:71:7a:14:e3:e4:90:13:c1:
14:52:93:e7:bd:1b:3d:aa:0d:5d:56:97:0b:06:a6:38:f9:1c:
9d:b0:11:b6:00:0d:bb:00:ed:bf:fa:8d:df:43:4a:79:bc:71:
0a:00:c7:27:4c:88:93:38:dd:54:bd:3f:5e:8b:f1:5b:b3:4b:
d4:13:42:2b:5d:2c:09:f6:3b:c6:13:88:cb:41:fd:a0:f5:91:
6b:a4:42:19:1f:e7:76:ec:00:2c:43:80:60:4b:94:eb:63:b4:
aa:f1:3d:f0:2c:c5:65:90:b1:5c:f0:fd:14:0d:82:95:16:c0:
73:aa:b1:5e:c3:96:2d:17:4c:f1:d7:5f:bb:a1:75:a2:9c:d2:
ce:c3:43:14:14:cf:35:9c:c3:43:80:0c:bd:79:60:fc:5d:75:
6c:ca:5d:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZU8yB/Xw8OwLDgKzSqyMZc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjI1MTEwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQ1NWYyMTBjOTMzNzYxMTkwNmNiOTdjZDI0NWQxZWE2ZmRjNTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZJkMEwnjiaoCd9xtJwZ46l5skjv
q9iQOPuj4GG1QOyRrv6NYzOtO56aBmlGYWbVCMtbPeLNu/IHnLzvolhIkaxEb4K7
o8xA+MfM1Q7stxHM5G6Xjqck9s4ZCtIJhVVqBsDlj+KqkEhEtzGm8d5j3oESSg4T
Rj4AC8V5qxes9x8YhxecC6/pDGm1M8syjCJF46D5L/WJhfdCVFjsH70Up0bmu0og
StcsEkGfYNrEu16b5f05zVFMNLRXRRSW0KhpCmfQs5asOk4uxg5hZUDR/6EgNu6f
oVZibAopPdq6M5jgiBVzPAALZd3NLfG5Nfp2ChiIzjoGGoF6dp/hIgp78wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEtFXyEMkzdhGQbLl80kXR6m/cUWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUzBWZklReVROMkVaQnN1WHpTUmRIcWI5eFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudFKAwQA
wkysMA0GCSqGSIb3DQEBCwUAA4IBAQCytkzvvH8ntvAxoUgP0GTqDvoscLXEKffb
vc6+g0W1FUEw5kM2PejoG4tYrFNSJKZiK4foDKNbgm5Nv36Lvvj6fo/aegBNLtqN
SPwB5G8M30oG0LLoInWx1Zl5XUoPB40bXgu7cXoU4+SQE8EUUpPnvRs9qg1dVpcL
BqY4+RydsBG2AA27AO2/+o3fQ0p5vHEKAMcnTIiTON1UvT9ei/Fbs0vUE0IrXSwJ
9jvGE4jLQf2g9ZFrpEIZH+d27AAsQ4BgS5TrY7Sq8T3wLMVlkLFc8P0UDYKVFsBz
qrFew5YtF0zx11+7oXWinNLOw0MUFM81nMNDgAy9eWD8XXVsyl08
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:50 2025 by rpki-client