Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cosAlQVmhH0IQ4O0PWkp7Hbk15A.roa
File: cosAlQVmhH0IQ4O0PWkp7Hbk15A.roa (raw, json)
Hash identifier: 2100LpE2I4SulcnxkpRFnT604M52KEMbSJrWHqIt1ZM=
Subject key identifier: 72:8B:00:95:05:66:84:7D:08:43:83:B4:3D:69:29:EC:76:E4:D7:90
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 019666A01B646C1818D379F9DA508635DED1
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cosAlQVmhH0IQ4O0PWkp7Hbk15A.roa
Signing time: Thu 24 Apr 2025 07:08:10 +0000
ROA not before: Thu 24 Apr 2025 07:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212889
IP address blocks: 185.164.24.0/24 maxlen: 24
185.164.25.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.30.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
185.203.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 21:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:a0:1b:64:6c:18:18:d3:79:f9:da:50:86:35:de:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Apr 24 07:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=728b00950566847d084383b43d6929ec76e4d790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b1:0e:ef:a8:50:39:ac:a5:96:0e:a2:a4:4d:
56:c6:b6:6b:e4:3a:5d:96:11:e0:1f:b2:08:de:1a:
ad:ec:36:67:c9:ed:f0:fb:ef:33:a1:d4:df:8f:b6:
80:b3:04:7d:cc:9d:c0:fa:96:46:af:69:83:12:ce:
97:fc:a4:2a:a4:7e:f7:fb:a6:40:13:56:41:34:4e:
2e:5c:b7:e5:bc:f8:a9:42:43:2f:d5:75:99:28:31:
08:78:2e:c0:12:b6:31:ef:03:c6:d9:91:49:f8:77:
4e:dc:ee:c1:fa:0d:fc:a6:2b:9f:d4:76:f1:e0:0b:
3d:4d:a6:99:fe:1b:26:12:13:ea:8f:0f:4f:ba:61:
1e:ea:64:30:be:9d:cd:8f:4c:2d:27:b6:09:9d:cb:
71:d3:12:c8:ac:1d:3a:a5:cc:d9:f9:a1:8e:71:9d:
94:a0:30:df:12:56:28:5c:dc:12:83:dc:6a:d0:09:
13:3c:ed:27:ac:bb:84:af:26:bb:07:df:d1:9e:96:
99:ea:44:d9:80:f8:9f:6e:b8:c5:ec:d3:1f:cd:76:
8e:c8:5a:09:c0:dc:5d:45:44:fb:9d:c0:a7:2e:93:
b5:22:e0:94:2c:70:8b:2e:d2:6f:c6:43:f6:f7:35:
00:0e:a4:62:f8:ac:21:c5:5e:22:d3:1a:4d:03:d7:
c5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8B:00:95:05:66:84:7D:08:43:83:B4:3D:69:29:EC:76:E4:D7:90
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/cosAlQVmhH0IQ4O0PWkp7Hbk15A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.24.0-185.164.26.255
185.164.28.0/24
185.164.30.0/23
185.203.108.0/22
Signature Algorithm: sha256WithRSAEncryption
00:81:86:a0:6f:32:7f:62:d2:2d:f8:25:6e:ef:56:1d:76:77:
ae:dd:b9:a8:f1:66:81:38:a8:e6:49:54:a4:69:7e:d1:59:9f:
22:d8:a0:5c:d1:70:4b:4c:80:04:14:4a:8f:0c:c1:79:1e:3b:
2b:63:17:5f:3a:85:a3:c4:df:f2:c7:90:6e:fc:df:96:35:4d:
3c:b1:5d:02:fd:cf:5f:fa:81:cf:fa:2d:73:0f:56:38:0f:2a:
f6:06:0c:3c:94:db:55:f9:0b:bb:09:dc:50:0c:ff:5c:ac:49:
89:89:62:cd:c9:da:a3:68:82:b9:d5:bf:23:1b:e9:43:00:3a:
64:6f:af:f4:f7:81:b2:cc:d9:83:d5:79:50:7c:c2:fb:65:fd:
4f:95:e8:da:8c:41:35:ed:c9:90:ca:69:7a:83:af:ef:75:4e:
aa:f0:ef:84:fa:82:b8:cf:15:67:c9:bc:33:9b:54:c9:e2:57:
50:51:51:97:aa:68:87:4c:41:83:6e:81:fb:b1:b0:79:0e:86:
d8:7c:9f:b2:7d:4b:39:59:d9:1c:1d:92:b1:a0:12:af:63:f6:
50:c4:7c:54:67:d6:3e:95:18:05:5f:f9:6a:7d:e6:00:0a:4d:
76:13:54:e3:a3:22:c1:5d:c2:d2:3c:18:b3:7b:7e:d9:7e:d1:
2c:dd:a1:ec
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZZmoBtkbBgY03n52lCGNd7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjUwNDI0MDcwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjhiMDA5NTA1NjY4NDdkMDg0MzgzYjQzZDY5MjllYzc2ZTRkNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLEO76hQOayllg6ipE1WxrZr5Dpd
lhHgH7II3hqt7DZnye3w++8zodTfj7aAswR9zJ3A+pZGr2mDEs6X/KQqpH73+6ZA
E1ZBNE4uXLflvPipQkMv1XWZKDEIeC7AErYx7wPG2ZFJ+HdO3O7B+g38piuf1Hbx
4As9TaaZ/hsmEhPqjw9PumEe6mQwvp3Nj0wtJ7YJnctx0xLIrB06pczZ+aGOcZ2U
oDDfElYoXNwSg9xq0AkTPO0nrLuErya7B9/RnpaZ6kTZgPifbrjF7NMfzXaOyFoJ
wNxdRUT7ncCnLpO1IuCULHCLLtJvxkP29zUADqRi+KwhxV4i0xpNA9fFswIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHKLAJUFZoR9CEODtD1pKex25NeQMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvY29zQWxRVm1oSDBJUTRPMFBXa3A3SGJrMTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAO5pBgD
BAC5pBoDBAC5pBwDBAG5pB4DBAK5y2wwDQYJKoZIhvcNAQELBQADggEBAACBhqBv
Mn9i0i34JW7vVh12d67duajxZoE4qOZJVKRpftFZnyLYoFzRcEtMgAQUSo8MwXke
OytjF186haPE3/LHkG7835Y1TTyxXQL9z1/6gc/6LXMPVjgPKvYGDDyU21X5C7sJ
3FAM/1ysSYmJYs3J2qNogrnVvyMb6UMAOmRvr/T3gbLM2YPVeVB8wvtl/U+V6NqM
QTXtyZDKaXqDr+91Tqrw74T6grjPFWfJvDObVMniV1BRUZeqaIdMQYNugfuxsHkO
hth8n7J9SzlZ2RwdkrGgEq9j9lDEfFRn1j6VGAVf+Wp95gAKTXYTVOOjIsFdwtI8
GLN7ftl+0Szdoew=
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:27:38 2025 by rpki-client