Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fMHSG2phIbW7Gqqz_l9dtTTy2d8.roa
File: fMHSG2phIbW7Gqqz_l9dtTTy2d8.roa (raw, json)
Hash identifier: N1IzC1haEppbCdkgTXSg7onr740Bd4czp8F+Ih8oleU=
Subject key identifier: 7C:C1:D2:1B:6A:61:21:B5:BB:1A:AA:B3:FE:5F:5D:B5:34:F2:D9:DF
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0195F0655E4421201AB05A48124479FD8E91
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fMHSG2phIbW7Gqqz_l9dtTTy2d8.roa
Signing time: Tue 01 Apr 2025 08:08:49 +0000
ROA not before: Tue 01 Apr 2025 08:08:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 185.186.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 15:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f0:65:5e:44:21:20:1a:b0:5a:48:12:44:79:fd:8e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 1 08:08:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cc1d21b6a6121b5bb1aaab3fe5f5db534f2d9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8e:e0:fa:de:9e:d6:f9:c0:f1:28:68:84:64:
08:a9:59:cc:91:2b:9d:77:d5:39:f1:17:25:f8:54:
fe:e4:53:f7:23:72:dc:11:92:8c:e3:64:5e:e6:51:
97:c2:b9:d0:8c:bb:29:a1:68:98:67:cc:fe:09:47:
42:07:37:f7:6d:5e:6a:55:2f:b5:38:7b:60:f0:8b:
6b:31:15:9b:20:93:7d:31:c8:64:f1:d0:02:07:d6:
07:ed:fe:35:80:0d:b7:e9:02:ab:cd:61:38:d5:94:
34:3b:be:06:be:ab:0c:fd:b0:e6:3e:3a:6d:06:b5:
d4:41:bf:e1:77:16:44:81:5c:12:2a:a1:b9:8c:f4:
55:0b:26:67:ca:80:7e:69:cb:87:f2:64:5f:be:18:
f2:ab:bd:e5:50:5a:3e:55:05:80:1d:34:38:ac:aa:
5b:f0:a7:13:eb:67:e3:64:e2:8d:c4:f1:7a:05:19:
09:df:31:db:b8:21:09:54:6b:6b:b2:9d:a8:83:10:
95:78:db:93:43:e2:f1:07:cf:cf:52:c5:de:9e:c4:
5b:ac:d0:ff:91:ea:23:86:e3:e4:2d:18:42:62:65:
a9:eb:01:92:0a:6b:3e:af:f2:e2:80:df:be:62:c6:
7b:e0:c6:7f:7e:b1:70:3e:d5:d7:8c:04:80:58:65:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C1:D2:1B:6A:61:21:B5:BB:1A:AA:B3:FE:5F:5D:B5:34:F2:D9:DF
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fMHSG2phIbW7Gqqz_l9dtTTy2d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.67.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e2:8a:ed:c4:fe:78:10:64:52:af:07:08:3f:3f:9e:30:b8:
8c:4e:12:1e:04:df:69:30:09:eb:56:34:58:00:c7:9b:ae:96:
81:29:7a:8c:77:00:54:08:14:5a:aa:1d:7e:dd:99:2b:28:eb:
0b:ce:b8:49:7a:63:f2:2a:6d:a1:a2:24:de:89:fd:dc:fc:df:
1e:ee:55:ef:ad:98:31:6a:5e:e0:1f:ad:5e:15:5e:d6:8f:c0:
39:d3:d0:0b:32:59:53:ce:af:c7:2b:12:fe:72:01:7f:dc:4f:
f6:e3:35:5a:be:47:82:cc:8a:03:31:c9:96:09:c2:26:f5:33:
b3:d3:76:40:ee:10:b1:13:1b:5b:09:15:d3:ce:76:7d:c5:fb:
d7:ef:b0:34:e2:19:64:96:b2:e8:ec:e7:3c:a1:6c:e0:ce:ea:
ca:ef:bb:fe:4f:8c:c1:e6:36:0c:cd:b5:67:ee:b0:c3:03:86:
26:06:a4:3e:24:25:31:af:e5:2e:df:14:dd:b6:a6:18:66:30:
23:8d:bb:a2:a1:b7:4c:97:4d:a5:d3:6a:37:66:be:5c:cc:6e:
25:12:99:46:41:7c:6c:7b:3e:8b:8c:e2:df:50:15:97:a1:a1:
03:13:6c:b5:eb:10:05:85:6e:6c:55:a5:ee:e9:00:01:ee:1c:
cf:a1:3e:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXwZV5EISAasFpIEkR5/Y6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNDAxMDgwODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MxZDIxYjZhNjEyMWI1YmIxYWFhYjNmZTVmNWRiNTM0ZjJkOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4I7g+t6e1vnA8ShohGQIqVnMkSud
d9U58Rcl+FT+5FP3I3LcEZKM42Re5lGXwrnQjLspoWiYZ8z+CUdCBzf3bV5qVS+1
OHtg8ItrMRWbIJN9Mchk8dACB9YH7f41gA236QKrzWE41ZQ0O74GvqsM/bDmPjpt
BrXUQb/hdxZEgVwSKqG5jPRVCyZnyoB+acuH8mRfvhjyq73lUFo+VQWAHTQ4rKpb
8KcT62fjZOKNxPF6BRkJ3zHbuCEJVGtrsp2ogxCVeNuTQ+LxB8/PUsXensRbrND/
keojhuPkLRhCYmWp6wGSCms+r/LigN++YsZ74MZ/frFwPtXXjASAWGXWHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzB0htqYSG1uxqqs/5fXbU08tnfMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZk1IU0cycGhJYlc3R3Fxel9sOWR0VFR5MmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubpDMA0G
CSqGSIb3DQEBCwUAA4IBAQAO4ortxP54EGRSrwcIPz+eMLiMThIeBN9pMAnrVjRY
AMebrpaBKXqMdwBUCBRaqh1+3ZkrKOsLzrhJemPyKm2hoiTeif3c/N8e7lXvrZgx
al7gH61eFV7Wj8A509ALMllTzq/HKxL+cgF/3E/24zVavkeCzIoDMcmWCcIm9TOz
03ZA7hCxExtbCRXTznZ9xfvX77A04hlklrLo7Oc8oWzgzurK77v+T4zB5jYMzbVn
7rDDA4YmBqQ+JCUxr+Uu3xTdtqYYZjAjjbuiobdMl02l02o3Zr5czG4lEplGQXxs
ez6LjOLfUBWXoaEDE2y16xAFhW5sVaXu6QAB7hzPoT7o
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:57:58 2025 by rpki-client