Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/670Fc_lBqEB4VNKlhsUIxJ34T4U.roa
File: 670Fc_lBqEB4VNKlhsUIxJ34T4U.roa (raw, json)
Hash identifier: mMO2qS+5Q9eq9QxAYKU6e3ALEx2ogYDvpF3C/xe9DPQ=
Subject key identifier: EB:BD:05:73:F9:41:A8:40:78:54:D2:A5:86:C5:08:C4:9D:F8:4F:85
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018DE53FED2F570F43F37BD4080AB24F6FE5
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/670Fc_lBqEB4VNKlhsUIxJ34T4U.roa
Signing time: Mon 26 Feb 2024 11:49:48 +0000
ROA not before: Mon 26 Feb 2024 11:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.21.252.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 14:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:3f:ed:2f:57:0f:43:f3:7b:d4:08:0a:b2:4f:6f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 26 11:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebbd0573f941a8407854d2a586c508c49df84f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:8c:81:52:a4:84:bf:5f:dd:cc:e9:91:64:
4f:63:c0:fe:0c:5e:e3:2c:24:2b:f0:b0:c2:0f:75:
81:0c:a7:10:1a:4c:1a:1d:dc:78:c4:9b:fd:49:1a:
95:57:d4:4d:29:86:cd:5f:55:e4:c9:6f:aa:c8:14:
4f:a9:74:11:58:ca:a9:b1:3f:84:f3:b8:1c:3a:80:
c2:95:67:94:89:aa:54:a5:a7:e6:16:02:d2:6d:a2:
fd:10:d8:31:6d:ee:ed:70:5c:97:18:0b:06:93:82:
2a:98:cb:29:48:09:ce:1e:ab:70:06:44:56:67:4e:
df:21:76:6c:46:70:5a:b1:ec:76:92:5f:5f:f0:4b:
34:23:e3:4f:57:9f:f9:98:9b:78:75:f5:48:06:a8:
0c:63:83:0a:63:16:4e:46:15:f0:6f:6b:f4:53:e1:
f9:b5:be:39:68:d5:03:4d:d0:5d:8c:81:c8:30:72:
ad:66:dc:e2:a9:52:84:b3:f7:fc:ea:50:e8:c4:b3:
df:fb:16:26:7e:c2:c6:b3:52:8d:71:05:a3:6c:b7:
dd:22:55:bd:d5:2f:e3:9c:6b:b6:74:0f:fc:68:b9:
95:36:c5:80:0b:5d:f6:ef:31:f5:53:e1:5d:e0:61:
7f:7c:3b:f0:25:44:5e:0a:a9:50:04:75:76:11:e0:
e9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BD:05:73:F9:41:A8:40:78:54:D2:A5:86:C5:08:C4:9D:F8:4F:85
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/670Fc_lBqEB4VNKlhsUIxJ34T4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
dc:03:fa:60:2c:c1:02:8b:fe:e3:2b:4d:da:0c:2e:e3:12:dd:
65:db:54:78:98:99:fd:95:97:ff:df:87:5e:5a:23:47:3d:a1:
44:5d:4f:03:25:17:1b:b0:5b:07:14:12:14:8d:dc:ab:92:ee:
0f:c1:3b:bf:fd:aa:59:c0:d4:55:6b:ca:ee:60:49:d9:1d:c1:
2b:6c:80:8c:3d:4b:12:33:1b:bc:28:74:8a:f9:fd:d1:86:62:
e6:10:58:66:20:df:dd:13:bf:7c:04:bf:74:a8:ab:9a:30:b5:
07:9a:41:a1:55:ff:b0:78:b6:4e:be:8e:96:16:ac:cf:98:8f:
e8:a7:1c:15:9e:5f:c2:3e:b3:15:6e:c8:bb:b7:d5:d5:2a:8d:
08:c8:66:2d:73:87:c9:95:93:a7:0c:fd:e7:92:65:74:00:3c:
e0:fd:d4:0d:a4:4c:09:a7:9f:ef:e8:ff:1c:85:b1:eb:ff:7c:
68:72:02:b6:bd:e2:8f:62:b2:dd:95:69:e6:ae:5b:82:ac:4a:
d9:63:a0:a1:92:e4:00:38:d8:f3:f9:b1:b7:17:73:31:cd:3f:
b1:cf:f1:b1:e1:57:c6:1c:78:6a:e8:55:a4:ae:9c:ab:ea:94:
c5:34:b3:be:3c:b1:07:56:18:92:c7:e4:c8:7a:26:c7:5b:6e:
9a:df:02:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3lP+0vVw9D83vUCAqyT2/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjI2MTE0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJkMDU3M2Y5NDFhODQwNzg1NGQyYTU4NmM1MDhjNDlkZjg0Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumOMgVKkhL9f3czpkWRPY8D+DF7j
LCQr8LDCD3WBDKcQGkwaHdx4xJv9SRqVV9RNKYbNX1XkyW+qyBRPqXQRWMqpsT+E
87gcOoDClWeUiapUpafmFgLSbaL9ENgxbe7tcFyXGAsGk4IqmMspSAnOHqtwBkRW
Z07fIXZsRnBasex2kl9f8Es0I+NPV5/5mJt4dfVIBqgMY4MKYxZORhXwb2v0U+H5
tb45aNUDTdBdjIHIMHKtZtziqVKEs/f86lDoxLPf+xYmfsLGs1KNcQWjbLfdIlW9
1S/jnGu2dA/8aLmVNsWAC1327zH1U+Fd4GF/fDvwJUReCqlQBHV2EeDpRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOu9BXP5QahAeFTSpYbFCMSd+E+FMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNjcwRmNfbEJxRUI0Vk5LbGhzVUl4SjM0VDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRX8AwQF
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQDcA/pgLMECi/7jK03aDC7jEt1l21R4mJn9
lZf/34deWiNHPaFEXU8DJRcbsFsHFBIUjdyrku4PwTu//apZwNRVa8ruYEnZHcEr
bICMPUsSMxu8KHSK+f3RhmLmEFhmIN/dE798BL90qKuaMLUHmkGhVf+weLZOvo6W
FqzPmI/opxwVnl/CPrMVbsi7t9XVKo0IyGYtc4fJlZOnDP3nkmV0ADzg/dQNpEwJ
p5/v6P8chbHr/3xocgK2veKPYrLdlWnmrluCrErZY6ChkuQAONjz+bG3F3MxzT+x
z/Gx4VfGHHhq6FWkrpyr6pTFNLO+PLEHVhiSx+TIeibHW26a3wJN
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:19:23 2025 by rpki-client