Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGxctmG7fPhktHb4AfH21ATnh1E.roa
File: SGxctmG7fPhktHb4AfH21ATnh1E.roa (raw, json)
Hash identifier: 50ba3YsbLgu5W4UGLOycYJTDyQaDvQTI7hGk8Ntk7Bw=
Subject key identifier: 48:6C:5C:B6:61:BB:7C:F8:64:B4:76:F8:01:F1:F6:D4:04:E7:87:51
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0196C5935ADC812229C187E71035C308B24F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGxctmG7fPhktHb4AfH21ATnh1E.roa
Signing time: Mon 12 May 2025 17:38:10 +0000
ROA not before: Mon 12 May 2025 17:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 185.144.102.0/24 maxlen: 32
185.144.103.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 May 2025 22:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:93:5a:dc:81:22:29:c1:87:e7:10:35:c3:08:b2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 12 17:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=486c5cb661bb7cf864b476f801f1f6d404e78751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:df:55:87:58:15:77:05:99:10:17:c5:f5:7b:
02:54:09:66:7c:8d:cc:72:7f:0f:f3:31:3a:12:99:
c8:08:81:b4:ea:39:11:a8:a3:85:5e:6b:85:a9:d4:
ea:24:31:70:24:a9:4b:75:1a:d5:0f:95:e5:9f:20:
98:72:c0:eb:1c:8c:02:40:35:96:c1:80:42:b4:c7:
46:47:bf:5e:44:fd:82:31:e5:ed:0f:f8:bb:ca:f5:
47:2d:db:80:31:c6:09:43:a6:43:d3:38:3a:48:95:
50:5d:6c:d1:9a:ad:23:b0:47:d6:97:0e:0c:18:e8:
d4:d9:b8:e6:67:f2:47:30:0f:22:73:3b:e3:30:c3:
0c:6b:df:9d:da:53:5b:88:01:17:ab:07:68:a7:38:
50:35:60:83:f4:cf:b4:43:10:b2:9a:57:ed:6f:75:
b8:64:0e:8c:d4:94:47:ee:ab:1f:a4:c6:7e:eb:4b:
a2:9c:ce:0d:4f:4d:3e:57:5e:6a:c5:3c:d8:63:70:
5f:3d:94:12:b2:83:46:81:a4:8b:28:ba:44:50:e0:
d7:e4:6e:4c:4f:13:a6:e2:ce:1a:13:6e:31:4c:f5:
bb:2e:a7:79:de:5b:61:89:39:50:ce:ca:ce:21:71:
09:cb:8c:7f:29:bb:68:b4:f0:11:be:ac:74:bc:55:
63:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6C:5C:B6:61:BB:7C:F8:64:B4:76:F8:01:F1:F6:D4:04:E7:87:51
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/SGxctmG7fPhktHb4AfH21ATnh1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.102.0/23
193.201.208.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:3e:2d:51:34:a7:73:83:fa:03:77:6f:d4:c4:11:72:58:d0:
a5:47:57:aa:8b:92:ee:32:01:81:16:46:69:13:88:77:4b:d7:
a0:b6:13:ad:3b:64:c0:52:f8:9c:ff:4d:54:c1:d8:0e:23:7c:
73:86:0a:c8:c1:07:57:16:aa:4c:bf:18:99:24:3b:8c:f3:11:
87:3f:cf:72:e3:4e:c3:a1:9a:89:b9:38:60:bf:5b:66:14:d2:
84:bd:28:4d:a4:0e:86:ee:af:d4:10:a2:5d:ce:e4:aa:ab:67:
c5:a1:51:2c:e2:dc:01:a9:4c:07:dd:cd:aa:66:c7:43:9f:d4:
46:42:7c:d6:3a:c7:cb:b7:b1:ae:90:83:1c:e1:17:e5:b4:5f:
f3:c9:48:81:8d:fb:ba:8a:ee:69:0a:46:02:33:3e:6e:be:f6:
00:df:49:46:26:47:31:e1:84:c1:01:b5:3b:7e:33:bd:94:24:
bd:2a:eb:85:b0:d8:82:d5:0d:2f:5c:f4:cb:a7:67:04:d2:99:
e7:4c:ca:13:4f:57:76:d0:2f:09:41:f9:a1:ff:ec:9f:7b:c0:
e8:5f:9a:8b:b7:13:80:6d:b9:25:71:49:43:0a:e8:a6:87:0e:
89:4b:52:22:d6:17:90:4c:ba:f0:c8:bf:52:c7:b1:a2:84:45:
ac:01:c7:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbFk1rcgSIpwYfnEDXDCLJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNTEyMTczODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZjNWNiNjYxYmI3Y2Y4NjRiNDc2ZjgwMWYxZjZkNDA0ZTc4NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN9Vh1gVdwWZEBfF9XsCVAlmfI3M
cn8P8zE6EpnICIG06jkRqKOFXmuFqdTqJDFwJKlLdRrVD5XlnyCYcsDrHIwCQDWW
wYBCtMdGR79eRP2CMeXtD/i7yvVHLduAMcYJQ6ZD0zg6SJVQXWzRmq0jsEfWlw4M
GOjU2bjmZ/JHMA8iczvjMMMMa9+d2lNbiAEXqwdopzhQNWCD9M+0QxCymlftb3W4
ZA6M1JRH7qsfpMZ+60uinM4NT00+V15qxTzYY3BfPZQSsoNGgaSLKLpEUODX5G5M
TxOm4s4aE24xTPW7Lqd53lthiTlQzsrOIXEJy4x/KbtotPARvqx0vFVjLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEhsXLZhu3z4ZLR2+AHx9tQE54dRMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvU0d4Y3RtRzdmUGhrdEhiNEFmSDIxQVRuaDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuZBmAwQA
wcnQMA0GCSqGSIb3DQEBCwUAA4IBAQCyPi1RNKdzg/oDd2/UxBFyWNClR1eqi5Lu
MgGBFkZpE4h3S9egthOtO2TAUvic/01UwdgOI3xzhgrIwQdXFqpMvxiZJDuM8xGH
P89y407DoZqJuThgv1tmFNKEvShNpA6G7q/UEKJdzuSqq2fFoVEs4twBqUwH3c2q
ZsdDn9RGQnzWOsfLt7GukIMc4RfltF/zyUiBjfu6iu5pCkYCMz5uvvYA30lGJkcx
4YTBAbU7fjO9lCS9KuuFsNiC1Q0vXPTLp2cE0pnnTMoTT1d20C8JQfmh/+yfe8Do
X5qLtxOAbbklcUlDCuimhw6JS1Ii1heQTLrwyL9Sx7GihEWsAccD
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:18:27 2025 by rpki-client