Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/oKNPdH_13ku5ji26idi3rvYZzDo.roa
File: oKNPdH_13ku5ji26idi3rvYZzDo.roa (raw, json)
Hash identifier: 116rB5JtwgpJe/jtu5ZhkHRMOojNCWW58lGmCPzx430=
Subject key identifier: A0:A3:4F:74:7F:F5:DE:4B:B9:8E:2D:BA:89:D8:B7:AE:F6:19:CC:3A
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 0195B8567A72A7DD17A2E9A5CFC914450EF0
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/oKNPdH_13ku5ji26idi3rvYZzDo.roa
Signing time: Fri 21 Mar 2025 10:53:49 +0000
ROA not before: Fri 21 Mar 2025 10:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21132
IP address blocks: 185.1.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b8:56:7a:72:a7:dd:17:a2:e9:a5:cf:c9:14:45:0e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Mar 21 10:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0a34f747ff5de4bb98e2dba89d8b7aef619cc3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e7:93:dd:c8:88:bb:28:ba:36:ae:ff:74:aa:
c9:87:a6:d7:9d:e4:ef:2e:f7:ef:da:0d:08:80:a0:
72:44:6a:58:10:51:d4:b6:b3:f1:81:b8:79:1d:16:
e2:61:c2:94:cc:2a:5a:25:b5:b7:90:92:9f:5c:a1:
2c:b4:ae:21:64:4d:73:74:07:98:66:f5:81:cc:81:
b3:ef:1f:df:39:c4:fc:d0:78:c1:50:56:2e:ad:9d:
84:97:a9:53:4b:de:95:9f:30:89:8a:d7:79:32:62:
dc:74:b3:bb:96:e0:e5:76:1e:06:6e:d3:71:d1:11:
62:3e:01:74:55:cd:69:7f:a0:dc:6a:96:72:e1:e4:
da:d8:35:a3:9d:7c:93:df:39:25:c8:80:0a:6a:ca:
b7:83:67:2f:fa:05:65:8f:b7:27:4a:13:a3:b2:cb:
40:d0:23:85:a3:50:5c:a7:6b:7d:28:a9:36:6c:db:
ae:2a:36:ff:d3:44:15:96:a0:2f:b2:ce:74:fb:c7:
72:f5:97:75:27:11:1e:2f:6f:09:38:00:ff:94:b8:
63:f4:d3:dd:4a:82:ec:55:1a:f9:5a:9c:40:0d:ca:
ff:88:2a:a0:79:7c:2b:22:bc:e1:cf:4c:c9:76:83:
9a:6d:e7:28:66:9a:54:50:26:99:2d:dd:14:6f:89:
94:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A3:4F:74:7F:F5:DE:4B:B9:8E:2D:BA:89:D8:B7:AE:F6:19:CC:3A
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/oKNPdH_13ku5ji26idi3rvYZzDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.199.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:69:90:62:15:37:3e:79:99:58:5e:82:28:f5:b7:71:4c:44:
b9:2e:59:f1:d1:87:d5:2b:dd:c9:22:9c:67:62:cd:24:f1:d0:
17:b2:a7:36:5a:4a:83:81:00:da:e7:cb:2a:2c:ac:e1:3a:e7:
3b:59:d2:e6:ba:db:e8:53:3c:0e:f0:7e:5e:7e:d8:f2:b5:9f:
16:e8:8a:b0:cb:0e:b9:0d:17:fb:13:f3:5f:ac:05:a4:88:a2:
b7:d7:df:19:8b:94:96:d3:f3:2b:26:2c:3a:d6:3c:6c:78:69:
25:ce:34:e5:88:4f:b4:70:65:2e:fe:c4:b9:4c:46:d8:d4:69:
06:14:0b:d7:6d:dd:ad:fe:c7:82:88:0a:69:39:ba:4c:77:84:
d7:dc:fd:02:06:a8:b9:43:1f:13:8f:51:13:f4:5b:0f:de:9f:
fe:2d:82:cb:35:ac:88:23:60:b2:c4:33:f3:05:2f:f7:ed:e9:
93:6f:27:90:4c:f5:42:08:2c:ce:6a:58:49:7d:8c:e3:5e:f7:
88:1a:3c:84:56:56:19:90:30:bd:f5:b7:41:8e:da:23:c9:f4:
f3:0a:bc:ac:b4:dd:3b:42:d2:ef:01:7a:fb:26:8d:ba:cb:0c:
fa:41:a4:d8:e7:b8:4e:22:e7:dc:c9:22:c4:1b:07:09:70:d5:
45:b0:dc:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW4Vnpyp90Xoumlz8kURQ7wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwMzIxMTA1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGEzNGY3NDdmZjVkZTRiYjk4ZTJkYmE4OWQ4YjdhZWY2MTljYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ueT3ciIuyi6Nq7/dKrJh6bXneTv
Lvfv2g0IgKByRGpYEFHUtrPxgbh5HRbiYcKUzCpaJbW3kJKfXKEstK4hZE1zdAeY
ZvWBzIGz7x/fOcT80HjBUFYurZ2El6lTS96VnzCJitd5MmLcdLO7luDldh4GbtNx
0RFiPgF0Vc1pf6DcapZy4eTa2DWjnXyT3zklyIAKasq3g2cv+gVlj7cnShOjsstA
0COFo1Bcp2t9KKk2bNuuKjb/00QVlqAvss50+8dy9Zd1JxEeL28JOAD/lLhj9NPd
SoLsVRr5WpxADcr/iCqgeXwrIrzhz0zJdoOabecoZppUUCaZLd0Ub4mU2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCjT3R/9d5LuY4tuonYt672Gcw6MB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvb0tOUGRIXzEza3U1amkyNmlkaTNydllaekRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQHHMA0G
CSqGSIb3DQEBCwUAA4IBAQC2aZBiFTc+eZlYXoIo9bdxTES5Llnx0YfVK93JIpxn
Ys0k8dAXsqc2WkqDgQDa58sqLKzhOuc7WdLmutvoUzwO8H5eftjytZ8W6Iqwyw65
DRf7E/NfrAWkiKK3198Zi5SW0/MrJiw61jxseGklzjTliE+0cGUu/sS5TEbY1GkG
FAvXbd2t/seCiAppObpMd4TX3P0CBqi5Qx8Tj1ET9FsP3p/+LYLLNayII2CyxDPz
BS/37emTbyeQTPVCCCzOalhJfYzjXveIGjyEVlYZkDC99bdBjtojyfTzCrystN07
QtLvAXr7Jo26ywz6QaTY57hOIufcySLEGwcJcNVFsNxU
-----END CERTIFICATE-----
Generated at Sun May 4 07:01:59 2025 by rpki-client