Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W4jy17He2XZMb_lX_YbRSqt9lq4.roa
File: W4jy17He2XZMb_lX_YbRSqt9lq4.roa (raw, json)
Hash identifier: 9TDzTLGAvZUpDXjKNF84L1koENfmDqmvFlrldTTEMDw=
Subject key identifier: 5B:88:F2:D7:B1:DE:D9:76:4C:6F:F9:57:FD:86:D1:4A:AB:7D:96:AE
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019620C1C9C23C1B66539AADFAD733648EA0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W4jy17He2XZMb_lX_YbRSqt9lq4.roa
Signing time: Thu 10 Apr 2025 17:31:33 +0000
ROA not before: Thu 10 Apr 2025 17:31:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 09:08:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:c1:c9:c2:3c:1b:66:53:9a:ad:fa:d7:33:64:8e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 10 17:31:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b88f2d7b1ded9764c6ff957fd86d14aab7d96ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:53:06:82:f7:61:61:02:5d:02:3e:af:62:c0:
0b:e5:32:27:c8:81:15:a6:f6:fe:16:a6:7f:57:af:
a0:c4:3e:0e:54:e0:8b:58:c6:03:5f:d7:88:3e:fa:
1c:9b:12:ad:8e:f2:7f:66:f2:4b:0a:a1:11:8e:d1:
bd:4f:a8:9d:f2:de:29:4f:6a:e7:b7:f1:3c:6e:09:
83:70:29:e1:36:7b:61:97:13:4e:fa:55:ee:f4:94:
fe:b7:a4:3e:92:f2:05:4d:71:21:48:d7:c2:a8:3d:
6f:7f:e5:c8:bf:15:9e:d3:30:2a:8c:37:70:bc:78:
15:00:26:d8:b1:97:43:f5:09:7d:6a:6a:18:e0:4e:
5a:1c:be:28:3c:1a:50:62:9a:39:7a:3a:be:a4:ef:
3e:3a:7f:3d:9a:ac:2f:1c:7b:8f:bf:41:fc:0a:36:
2c:43:7a:0e:92:82:be:6c:5b:15:d6:e8:20:a4:d8:
71:3a:60:e4:45:ae:42:89:87:a6:80:6c:31:0b:9b:
7e:3c:84:e3:08:bd:c9:51:63:99:76:58:a4:41:3f:
bb:7f:42:4b:1a:17:ce:e4:39:82:7d:9c:34:f7:f3:
c0:0e:54:af:ad:a5:75:9d:bc:48:50:81:59:f3:8f:
d2:43:5a:f9:d6:f4:37:e2:2b:ef:fa:6a:05:f0:34:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:88:F2:D7:B1:DE:D9:76:4C:6F:F9:57:FD:86:D1:4A:AB:7D:96:AE
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/W4jy17He2XZMb_lX_YbRSqt9lq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.199.54.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
25:3c:ad:25:26:14:e9:8e:a7:e0:78:5e:41:ea:47:f3:ed:56:
bd:51:c3:a0:95:8b:7b:46:c0:36:d2:dc:c3:b0:3f:1f:ea:c9:
1a:ea:70:d8:86:25:51:43:30:5b:67:5b:8e:ec:50:68:8b:15:
f1:59:1b:b4:26:d5:04:84:15:2e:e3:ff:ac:11:1c:d4:2c:fa:
c0:ff:67:8d:0b:ae:1b:1a:d1:e7:80:20:84:cb:c3:4d:d4:bf:
dd:89:4d:91:61:ca:c7:fd:04:51:15:32:fe:30:03:2a:65:d1:
82:c2:b9:21:92:6c:56:47:21:ba:f2:38:ed:35:87:eb:48:ce:
74:37:59:10:13:8f:3f:01:ca:3e:a2:3f:38:05:0d:ba:32:b2:
96:34:44:9b:f0:f4:46:f9:5d:98:88:ad:c5:b6:0b:0d:cf:0b:
cd:aa:cc:75:3b:22:bd:68:e1:ee:e3:90:0d:72:14:9f:24:83:
88:7a:15:20:b9:a0:28:1d:46:f8:c2:ee:fc:4a:60:3f:03:66:
56:47:ed:87:35:39:08:f7:0e:26:e1:8e:5e:fb:2d:09:d2:5c:
6d:3c:70:4a:87:3f:b9:80:0e:29:15:63:de:8e:a6:df:fc:4b:
f9:5c:d4:e3:78:4e:5e:5b:bc:4d:48:aa:29:4b:7b:4e:05:55:
fc:bb:91:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZYgwcnCPBtmU5qt+tczZI6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDEwMTczMTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjg4ZjJkN2IxZGVkOTc2NGM2ZmY5NTdmZDg2ZDE0YWFiN2Q5NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVMGgvdhYQJdAj6vYsAL5TInyIEV
pvb+FqZ/V6+gxD4OVOCLWMYDX9eIPvocmxKtjvJ/ZvJLCqERjtG9T6id8t4pT2rn
t/E8bgmDcCnhNnthlxNO+lXu9JT+t6Q+kvIFTXEhSNfCqD1vf+XIvxWe0zAqjDdw
vHgVACbYsZdD9Ql9amoY4E5aHL4oPBpQYpo5ejq+pO8+On89mqwvHHuPv0H8CjYs
Q3oOkoK+bFsV1uggpNhxOmDkRa5CiYemgGwxC5t+PITjCL3JUWOZdlikQT+7f0JL
GhfO5DmCfZw09/PADlSvraV1nbxIUIFZ84/SQ1r51vQ34ivv+moF8DRBJQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFuI8tex3tl2TG/5V/2G0UqrfZauMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVzRqeTE3SGUyWFpNYl9sWF9ZYlJTcXQ5bHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAC5
flIDBAC5xzYDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC51mwDBAC52hQDBAC5
3PgDBAG53PoDBAC53hwDBAC5304DBAC535sDBAG54QADBAC54QMDBAG545IDBAC5
5EsDBAC56M4wDAMEBMEIcAMEAMEIcgMEAcE6kgMEAMJMrDANBgkqhkiG9w0BAQsF
AAOCAQEAJTytJSYU6Y6n4HheQepH8+1WvVHDoJWLe0bANtLcw7A/H+rJGupw2IYl
UUMwW2dbjuxQaIsV8VkbtCbVBIQVLuP/rBEc1Cz6wP9njQuuGxrR54AghMvDTdS/
3YlNkWHKx/0EURUy/jADKmXRgsK5IZJsVkchuvI47TWH60jOdDdZEBOPPwHKPqI/
OAUNujKyljREm/D0RvldmIitxbYLDc8LzarMdTsivWjh7uOQDXIUnySDiHoVILmg
KB1G+MLu/EpgPwNmVkfthzU5CPcOJuGOXvstCdJcbTxwSoc/uYAOKRVj3o6m3/xL
+VzU43hOXlu8TUiqKUt7TgVV/LuR7Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 03:21:38 2025 by rpki-client