Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cIAOXjLLUcw3qG7It6IuUfLKwX8.roa
File: cIAOXjLLUcw3qG7It6IuUfLKwX8.roa (raw, json)
Hash identifier: TdaTDGkp3J82hce23/RpNHN1VctyD/k6ViqFm4TEuis=
Subject key identifier: 70:80:0E:5E:32:CB:51:CC:37:A8:6E:C8:B7:A2:2E:51:F2:CA:C1:7F
Certificate issuer: /CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Certificate serial: 01958B190EA94F1A5B2326B988FC4288F1C0
Authority key identifier: A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cIAOXjLLUcw3qG7It6IuUfLKwX8.roa
Signing time: Wed 12 Mar 2025 16:03:49 +0000
ROA not before: Wed 12 Mar 2025 16:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199927
IP address blocks: 185.251.236.0/22 maxlen: 22
185.251.238.0/24 maxlen: 24
185.251.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 16:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8b:19:0e:a9:4f:1a:5b:23:26:b9:88:fc:42:88:f1:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Validity
Not Before: Mar 12 16:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70800e5e32cb51cc37a86ec8b7a22e51f2cac17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:81:3c:37:fd:45:d6:e5:3b:99:f3:2b:af:54:
30:d1:ef:08:4d:c3:c0:8b:62:6d:be:72:24:3d:1e:
4a:78:15:38:c0:68:3a:91:20:ae:9a:36:b0:f8:f2:
a4:3d:10:0b:a3:e4:5b:b4:cd:a1:35:e6:ed:55:e8:
20:fb:62:d9:4e:54:c1:01:1b:7d:0f:1e:b4:79:f7:
22:97:52:2c:8e:bf:31:5f:68:04:b5:fe:ea:a0:0d:
30:14:8d:99:82:50:ab:e6:b4:e7:0d:f3:85:82:0c:
03:1a:c2:3a:4d:80:41:01:7d:7f:21:b7:bc:3c:30:
02:37:2c:65:a3:d8:af:f6:40:5c:fb:ae:18:84:53:
24:64:a8:c4:0c:8e:be:ec:ef:bc:01:0d:44:7e:dc:
dc:51:dd:15:ae:94:72:e7:e9:3d:b9:bf:ce:21:44:
33:58:97:5f:50:e1:0a:98:c4:71:b8:48:3e:5b:4c:
47:cf:56:42:7a:e6:2b:7b:fc:d8:10:71:dd:b7:d8:
bc:7e:a2:ba:e5:b7:a2:69:18:09:c7:ee:04:69:39:
7e:8c:03:ca:e2:85:10:5a:9f:8a:14:48:49:0d:9d:
b2:ce:5b:e1:74:47:47:da:78:be:39:f9:e1:9b:68:
60:d8:cc:66:20:25:91:a2:50:cd:44:3c:99:0c:8b:
59:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:80:0E:5E:32:CB:51:CC:37:A8:6E:C8:B7:A2:2E:51:F2:CA:C1:7F
X509v3 Authority Key Identifier:
keyid:A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cIAOXjLLUcw3qG7It6IuUfLKwX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.236.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:30:6d:65:da:e9:df:e6:71:0c:57:5b:53:80:4b:53:95:a9:
13:7d:22:f3:4b:1c:35:d6:02:b9:ae:e0:73:b6:af:6e:b8:6a:
6a:4e:1a:0e:b2:2a:ca:66:6a:b9:c0:b5:db:73:c9:bf:5f:b9:
d7:c4:99:95:0f:4e:f3:1a:d2:78:c3:4d:66:3f:a6:53:f3:c5:
6e:49:a9:1b:de:b8:f3:6c:ab:d8:a1:a0:ad:1a:1b:d3:f4:68:
b1:e6:96:77:c4:3a:e3:f7:f1:7e:42:a5:11:68:24:ae:0c:83:
04:bb:02:45:e5:0f:00:01:90:ad:a9:fc:82:e5:94:25:cb:47:
87:ca:c3:ad:b9:eb:09:5b:b0:2c:77:c8:b9:28:ec:39:14:52:
46:35:13:48:3e:3e:1b:a6:91:8a:4d:5e:5e:73:0f:76:e8:3a:
3b:8b:06:12:0a:fd:d5:9c:8d:b6:88:b7:cf:8a:cd:47:f6:7b:
6c:ea:d7:ee:d2:7b:7c:5b:0e:6f:6f:51:b0:b9:2d:89:b1:9f:
21:52:6f:4e:67:7a:03:70:50:43:ed:ea:31:54:80:c6:a8:da:
26:b3:dc:35:7e:db:44:dc:2f:b3:09:fc:32:1c:8c:d2:60:02:
e8:33:8a:b7:94:fa:5a:c9:ac:4c:d3:4d:a1:e2:b7:b2:9b:b6:
09:5c:c5:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWLGQ6pTxpbIya5iPxCiPHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzhiYjBjMmI0MWVmYThjM2IwMjA2NGViYzUyZmJhOTJj
MjM2MjYwHhcNMjUwMzEyMTYwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgwMGU1ZTMyY2I1MWNjMzdhODZlYzhiN2EyMmU1MWYyY2FjMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIE8N/1F1uU7mfMrr1Qw0e8ITcPA
i2JtvnIkPR5KeBU4wGg6kSCumjaw+PKkPRALo+RbtM2hNebtVegg+2LZTlTBARt9
Dx60efcil1Isjr8xX2gEtf7qoA0wFI2ZglCr5rTnDfOFggwDGsI6TYBBAX1/Ibe8
PDACNyxlo9iv9kBc+64YhFMkZKjEDI6+7O+8AQ1EftzcUd0VrpRy5+k9ub/OIUQz
WJdfUOEKmMRxuEg+W0xHz1ZCeuYre/zYEHHdt9i8fqK65beiaRgJx+4EaTl+jAPK
4oUQWp+KFEhJDZ2yzlvhdEdH2ni+Ofnhm2hg2MxmICWRolDNRDyZDItZgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCADl4yy1HMN6huyLeiLlHyysF/MB8GA1UdIwQY
MBaAFKU4uwwrQe+ow7AgZOvFL7qSwjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMt
NjcyODJkNzEzOGEwLzEvY0lBT1hqTExVY3czcUc3SXQ2SXVVZkxLd1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMtNjcyODJkNzEzOGEw
LzEvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufvsMA0G
CSqGSIb3DQEBCwUAA4IBAQBMMG1l2unf5nEMV1tTgEtTlakTfSLzSxw11gK5ruBz
tq9uuGpqThoOsirKZmq5wLXbc8m/X7nXxJmVD07zGtJ4w01mP6ZT88VuSakb3rjz
bKvYoaCtGhvT9Gix5pZ3xDrj9/F+QqURaCSuDIMEuwJF5Q8AAZCtqfyC5ZQly0eH
ysOtuesJW7Asd8i5KOw5FFJGNRNIPj4bppGKTV5ecw926Do7iwYSCv3VnI22iLfP
is1H9nts6tfu0nt8Ww5vb1GwuS2JsZ8hUm9OZ3oDcFBD7eoxVIDGqNoms9w1fttE
3C+zCfwyHIzSYALoM4q3lPpayaxM002h4reym7YJXMWu
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:29:09 2025 by rpki-client