Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/DFrMCQ3mJRBEyZ8f-m5iKd3TsMo.roa
File: DFrMCQ3mJRBEyZ8f-m5iKd3TsMo.roa (raw, json)
Hash identifier: hFCD5Hhp6371YJKoK8Dpmm2S4wzZm37CbnYh85OaUuQ=
Subject key identifier: 0C:5A:CC:09:0D:E6:25:10:44:C9:9F:1F:FA:6E:62:29:DD:D3:B0:CA
Certificate issuer: /CN=070483d3d62f19c0835746dcb721c8832c3b7926
Certificate serial: 01965DA4FA87EBF2D5ED4958D842F3FCB1E0
Authority key identifier: 07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/DFrMCQ3mJRBEyZ8f-m5iKd3TsMo.roa
Signing time: Tue 22 Apr 2025 13:16:55 +0000
ROA not before: Tue 22 Apr 2025 13:16:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60619
IP address blocks: 185.249.144.0/22 maxlen: 22
2a0c:6280::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 23 Apr 2025 08:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:a4:fa:87:eb:f2:d5:ed:49:58:d8:42:f3:fc:b1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=070483d3d62f19c0835746dcb721c8832c3b7926
Validity
Not Before: Apr 22 13:16:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c5acc090de6251044c99f1ffa6e6229ddd3b0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:29:11:ce:26:6d:81:5f:3b:1b:8a:52:d4:
53:f8:24:75:b1:97:c8:f4:9d:ea:83:e1:c2:46:30:
6f:50:29:c7:67:f3:75:11:f2:fc:31:dc:94:bf:7f:
e0:18:61:9e:3d:a9:56:6a:c8:9a:21:6d:bf:6c:c4:
04:c0:e9:16:87:1b:99:df:60:ce:c0:c2:fd:b8:03:
f3:f6:96:a2:0a:29:93:82:3e:74:8d:4a:5e:c3:9a:
b5:1b:7f:59:bd:26:26:86:57:64:ba:eb:20:d1:3a:
09:66:02:44:6c:db:60:af:17:b1:a1:87:25:d4:59:
d9:16:12:b2:f7:9b:55:61:ba:66:0a:fd:97:be:04:
bb:4f:35:7a:e4:13:09:70:38:8f:43:af:65:38:b3:
1a:f6:26:e9:8f:f1:25:66:e2:7f:09:89:b3:3e:16:
8c:d8:f3:ec:2c:83:9e:48:b8:4b:b8:1a:b2:9a:3a:
13:51:94:42:a6:ec:b7:28:1d:cb:e0:85:42:1a:69:
b7:43:a1:95:07:e7:4d:0f:1b:20:40:05:02:0c:04:
47:69:1f:40:f0:a9:d2:11:72:e2:8f:73:5b:42:c2:
e3:87:ce:eb:03:06:1b:60:e0:b9:be:8b:91:5c:00:
3c:18:0d:eb:f1:90:08:44:e3:49:a1:9c:9b:d3:51:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5A:CC:09:0D:E6:25:10:44:C9:9F:1F:FA:6E:62:29:DD:D3:B0:CA
X509v3 Authority Key Identifier:
keyid:07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/DFrMCQ3mJRBEyZ8f-m5iKd3TsMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.144.0/22
IPv6:
2a0c:6280::/29
Signature Algorithm: sha256WithRSAEncryption
2b:8b:d1:74:19:f5:e4:b0:43:4a:92:62:f3:70:9e:bb:e6:85:
af:44:4e:22:ca:c1:97:a0:e6:dc:5b:6c:f4:45:e5:ad:e1:70:
c8:55:50:d6:64:48:ff:e3:26:c0:88:49:ec:b2:6d:fc:4e:31:
52:ce:e6:81:3f:6b:6d:11:eb:e5:6c:4d:10:c9:b7:a7:20:c2:
ba:10:7e:47:81:8d:ed:e5:11:c0:49:99:5a:fa:98:de:5a:0b:
d4:f4:ca:44:a7:bf:08:21:4c:78:47:c0:2b:ad:45:ef:a8:52:
43:2f:0d:e4:6d:e6:30:66:8d:ea:9d:c2:da:9c:9b:69:63:37:
64:60:86:fd:cf:58:22:d2:8a:97:41:da:1a:a1:7b:dc:74:30:
5b:78:10:b0:db:b1:cd:d5:7c:11:58:39:14:62:4b:83:da:3c:
ac:aa:1a:42:2d:4c:91:7d:6c:3d:91:27:8e:ac:47:19:da:3b:
d7:db:1f:b6:35:b6:d5:83:05:e4:8f:c2:85:bc:10:de:4a:74:
b3:8e:38:e5:f5:9a:0b:77:85:fe:aa:d8:31:91:80:44:11:25:
b9:db:f8:cb:fc:ba:11:96:72:26:8f:30:c6:a0:50:69:a2:c5:
5a:c6:cf:5f:3a:4f:10:55:92:ff:41:49:2d:10:9f:3e:73:cd:
c6:fc:53:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZdpPqH6/LV7UlY2ELz/LHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDQ4M2QzZDYyZjE5YzA4MzU3NDZkY2I3MjFjODgzMmMz
Yjc5MjYwHhcNMjUwNDIyMTMxNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzVhY2MwOTBkZTYyNTEwNDRjOTlmMWZmYTZlNjIyOWRkZDNiMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyEpEc4mbYFfOxuKUtRT+CR1sZfI
9J3qg+HCRjBvUCnHZ/N1EfL8MdyUv3/gGGGePalWasiaIW2/bMQEwOkWhxuZ32DO
wML9uAPz9paiCimTgj50jUpew5q1G39ZvSYmhldkuusg0ToJZgJEbNtgrxexoYcl
1FnZFhKy95tVYbpmCv2XvgS7TzV65BMJcDiPQ69lOLMa9ibpj/ElZuJ/CYmzPhaM
2PPsLIOeSLhLuBqymjoTUZRCpuy3KB3L4IVCGmm3Q6GVB+dNDxsgQAUCDARHaR9A
8KnSEXLij3NbQsLjh87rAwYbYOC5vouRXAA8GA3r8ZAIRONJoZyb01FliwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAxazAkN5iUQRMmfH/puYind07DKMB8GA1UdIwQY
MBaAFAcEg9PWLxnAg1dG3LchyIMsO3kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAt
ZDQ0MmM0ZjllOWJkLzEvREZyTUNRM21KUkJFeVo4Zi1tNWlLZDNUc01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAtZDQ0MmM0ZjllOWJk
LzEvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufmQMA0E
AgACMAcDBQMqDGKAMA0GCSqGSIb3DQEBCwUAA4IBAQAri9F0GfXksENKkmLzcJ67
5oWvRE4iysGXoObcW2z0ReWt4XDIVVDWZEj/4ybAiEnssm38TjFSzuaBP2ttEevl
bE0QybenIMK6EH5HgY3t5RHASZla+pjeWgvU9MpEp78IIUx4R8ArrUXvqFJDLw3k
beYwZo3qncLanJtpYzdkYIb9z1gi0oqXQdoaoXvcdDBbeBCw27HN1XwRWDkUYkuD
2jysqhpCLUyRfWw9kSeOrEcZ2jvX2x+2NbbVgwXkj8KFvBDeSnSzjjjl9ZoLd4X+
qtgxkYBEESW52/jL/LoRlnImjzDGoFBposVaxs9fOk8QVZL/QUktEJ8+c83G/FNE
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:40:49 2025 by rpki-client