Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJFVVzfUFkZYW-nOKgR0j0OOVQ.roa
File: vyJFVVzfUFkZYW-nOKgR0j0OOVQ.roa (raw, json)
Hash identifier: rNHj6cpIGlN6aQotgOTj2elcnU9868lRt+b4ISV0t/c=
Subject key identifier: BF:22:45:55:5C:DF:50:59:19:61:6F:A7:38:A8:11:D2:3D:0E:39:54
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222032A00FF4881DDD42AF6058E2100C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJFVVzfUFkZYW-nOKgR0j0OOVQ.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140641
IP address blocks: 185.108.204.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 11:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:32:a0:0f:f4:88:1d:dd:42:af:60:58:e2:10:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf2245555cdf505919616fa738a811d23d0e3954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:04:fb:1b:b0:d3:c9:24:30:81:01:a5:d5:2e:
1c:02:75:87:f1:2f:c3:74:a4:ea:12:84:2d:fe:42:
11:74:a1:15:97:bf:dd:ba:02:db:66:32:35:5c:b9:
b1:d3:c8:b2:2a:d0:52:61:a6:f1:2f:8d:1e:99:5a:
40:7f:91:be:33:0f:d4:1f:5d:b0:51:95:65:1c:b6:
07:ed:e4:74:f9:59:9b:79:e7:88:06:c9:ae:31:73:
50:91:af:ed:af:71:ac:f7:27:9c:52:d1:cc:e4:0d:
2e:fe:6f:02:b2:1e:6a:3c:0e:47:f7:aa:c8:11:d6:
3c:06:ed:05:d6:1e:a6:52:85:47:db:7c:dc:bd:1c:
23:f4:a0:ba:74:57:c4:0a:4f:a4:6f:99:3f:72:15:
2d:fb:20:f2:02:71:14:63:0b:9d:fa:85:87:04:43:
7c:e2:77:73:25:89:5d:04:1c:2e:06:19:12:7a:6a:
7e:ad:6b:2a:68:2d:6c:3b:8c:7c:21:85:71:f7:95:
96:99:12:9c:6b:3a:8d:29:33:bc:a1:9c:a8:99:a6:
e3:dd:4e:41:58:d0:65:e9:bf:fb:37:bc:73:dd:83:
3d:b9:09:1d:87:61:71:fd:0c:e8:f2:4f:09:30:5c:
26:52:5e:75:38:9c:3a:e7:63:47:1b:67:7d:0f:4e:
94:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:22:45:55:5C:DF:50:59:19:61:6F:A7:38:A8:11:D2:3D:0E:39:54
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vyJFVVzfUFkZYW-nOKgR0j0OOVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.204.0/24
185.209.75.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:12:f3:80:f3:62:12:93:51:a8:a2:22:1e:6e:80:78:06:96:
af:b2:47:74:75:86:ba:70:d0:2d:7d:f8:a1:ee:97:0d:eb:57:
2a:ee:e5:50:f9:35:21:20:77:cb:5a:88:94:80:ce:51:cc:ba:
0e:d9:0f:de:17:e2:17:03:b4:cf:8a:3a:37:92:58:d7:f8:00:
22:02:20:59:6d:35:a5:ef:5d:b4:0a:1d:e8:ba:eb:07:86:bc:
80:23:c6:f7:4b:84:ff:f7:f7:0c:9a:c7:6c:a6:ca:80:f2:4f:
72:80:b8:a9:be:90:b5:82:c2:7a:7d:5e:a0:c0:50:92:51:19:
83:1a:b7:c8:c6:b2:63:02:71:c0:ae:a7:9a:ee:18:f5:9a:d2:
74:d4:c6:d3:7f:bb:b5:5b:ef:55:b2:a5:7f:63:07:52:10:39:
23:2c:48:d6:35:3f:b8:fd:5e:8d:f4:da:a5:15:e4:d2:41:b3:
81:e5:38:a2:fd:e0:a4:02:a0:85:b8:73:61:e7:a4:66:08:c8:
dd:78:80:b0:6f:ee:20:97:06:5d:87:db:29:62:50:5e:3d:81:
62:47:b9:d8:51:a1:10:12:fe:c6:4c:ef:69:58:41:36:d0:79:
41:c9:ff:31:41:5c:d5:f9:de:44:aa:d0:75:5b:e3:7d:0b:d6:
f6:ec:bd:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiIDKgD/SIHd1Cr2BY4hAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIyNDU1NTVjZGY1MDU5MTk2MTZmYTczOGE4MTFkMjNkMGUzOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAT7G7DTySQwgQGl1S4cAnWH8S/D
dKTqEoQt/kIRdKEVl7/dugLbZjI1XLmx08iyKtBSYabxL40emVpAf5G+Mw/UH12w
UZVlHLYH7eR0+VmbeeeIBsmuMXNQka/tr3Gs9yecUtHM5A0u/m8Csh5qPA5H96rI
EdY8Bu0F1h6mUoVH23zcvRwj9KC6dFfECk+kb5k/chUt+yDyAnEUYwud+oWHBEN8
4ndzJYldBBwuBhkSemp+rWsqaC1sO4x8IYVx95WWmRKcazqNKTO8oZyomabj3U5B
WNBl6b/7N7xz3YM9uQkdh2Fx/Qzo8k8JMFwmUl51OJw652NHG2d9D06UGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8iRVVc31BZGWFvpzioEdI9DjlUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdnlKRlZWemZVRmtaWVctbk9LZ1IwajBPT1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWzMAwQA
udFLMA0GCSqGSIb3DQEBCwUAA4IBAQCtEvOA82ISk1GooiIeboB4Bpavskd0dYa6
cNAtffih7pcN61cq7uVQ+TUhIHfLWoiUgM5RzLoO2Q/eF+IXA7TPijo3kljX+AAi
AiBZbTWl7120Ch3ouusHhryAI8b3S4T/9/cMmsdspsqA8k9ygLipvpC1gsJ6fV6g
wFCSURmDGrfIxrJjAnHArqea7hj1mtJ01MbTf7u1W+9VsqV/YwdSEDkjLEjWNT+4
/V6N9NqlFeTSQbOB5Tii/eCkAqCFuHNh56RmCMjdeICwb+4glwZdh9spYlBePYFi
R7nYUaEQEv7GTO9pWEE20HlByf8xQVzV+d5EqtB1W+N9C9b27L3P
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:35:57 2025 by rpki-client