Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/232047-b2e8-4fba-bdd5-c3fec45ed056/1/2AOtHpb-BGVEdDZ_U7eufT4JsB8.roa
File: 2AOtHpb-BGVEdDZ_U7eufT4JsB8.roa (raw, json)
Hash identifier: r5osbaL5bqeQievC5aXpEfqR+GV+5dIQsYclbvj8nEs=
Subject key identifier: D8:03:AD:1E:96:FE:04:65:44:74:36:7F:53:B7:AE:7D:3E:09:B0:1F
Certificate issuer: /CN=07077969a8b6a55c461adde106c006486a26359f
Certificate serial: 01961A36314F76BF3E1E82BAB546BF38E195
Authority key identifier: 07:07:79:69:A8:B6:A5:5C:46:1A:DD:E1:06:C0:06:48:6A:26:35:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bwd5aai2pVxGGt3hBsAGSGomNZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/232047-b2e8-4fba-bdd5-c3fec45ed056/1/2AOtHpb-BGVEdDZ_U7eufT4JsB8.roa
Signing time: Wed 09 Apr 2025 11:01:21 +0000
ROA not before: Wed 09 Apr 2025 11:01:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215679
IP address blocks: 185.219.112.0/22 maxlen: 24
2a14:7780::/29 maxlen: 64
Validation: Failed, certificate revoked on Wed 09 Apr 2025 11:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1a:36:31:4f:76:bf:3e:1e:82:ba:b5:46:bf:38:e1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07077969a8b6a55c461adde106c006486a26359f
Validity
Not Before: Apr 9 11:01:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d803ad1e96fe04654474367f53b7ae7d3e09b01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c0:49:87:22:2c:5f:f9:07:10:ab:1a:ba:de:
84:a8:c5:73:cb:42:f4:49:bf:5a:f7:1d:c0:af:69:
d3:be:d1:ef:c2:8a:72:6a:b5:17:39:77:12:a4:4c:
0f:78:06:d1:d0:32:1a:cb:20:3c:a7:c5:ad:59:6d:
ab:28:ed:88:11:9f:21:c4:6e:2c:be:7d:b0:a1:69:
67:9b:76:33:47:4b:16:c6:02:92:03:1b:cc:3c:89:
86:3a:2f:17:bc:ab:39:8c:0d:17:9d:a4:37:ca:4b:
36:da:17:a4:22:19:2e:f3:6a:8e:4a:6d:19:8a:3f:
2f:65:b4:10:17:54:3b:a1:96:65:86:bd:f5:db:30:
2e:af:7a:9e:af:e7:2c:67:40:a5:57:4a:26:6a:05:
a4:81:cd:56:7f:f5:51:ad:41:9f:1c:09:47:7c:31:
a2:d0:60:61:a3:b1:88:e6:bb:70:8c:6e:df:2e:ca:
a0:b9:ef:b4:9b:bd:bc:08:68:df:f9:25:cb:fe:c6:
48:7a:fe:c9:97:c4:b2:9d:6f:59:ce:08:98:a3:b7:
b1:81:92:ad:cf:5b:ce:23:a2:c5:5d:85:99:e3:17:
b0:54:24:78:e9:c1:c8:ae:fe:56:58:72:e0:04:57:
d4:54:e8:4d:c0:46:f0:bc:13:69:1a:1f:9f:b5:e9:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:03:AD:1E:96:FE:04:65:44:74:36:7F:53:B7:AE:7D:3E:09:B0:1F
X509v3 Authority Key Identifier:
keyid:07:07:79:69:A8:B6:A5:5C:46:1A:DD:E1:06:C0:06:48:6A:26:35:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bwd5aai2pVxGGt3hBsAGSGomNZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/232047-b2e8-4fba-bdd5-c3fec45ed056/1/2AOtHpb-BGVEdDZ_U7eufT4JsB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/232047-b2e8-4fba-bdd5-c3fec45ed056/1/Bwd5aai2pVxGGt3hBsAGSGomNZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.112.0/22
IPv6:
2a14:7780::/29
Signature Algorithm: sha256WithRSAEncryption
20:76:48:b1:61:29:62:26:a5:2a:a8:a6:ad:a5:ba:6a:46:ec:
15:93:ba:8e:01:39:11:0b:ff:c5:a8:fc:74:ed:26:ca:eb:3d:
a1:99:66:2a:7f:53:e8:93:6d:eb:ce:2f:20:36:d8:45:c5:e0:
d9:bf:c6:01:56:bd:51:76:1c:fe:af:62:54:1b:4e:f2:19:7b:
05:f9:0d:6d:66:07:0e:aa:77:13:f9:77:9c:1a:c2:fb:ee:64:
e1:ac:d1:fa:03:49:c9:40:2f:33:ba:71:d6:07:a5:de:d2:df:
b6:cf:9d:14:ad:55:55:f1:27:e0:9f:5a:81:d4:61:dd:8b:0c:
3b:c1:38:b5:cc:da:d1:ce:4d:cc:1d:c8:0e:ad:a7:6e:7a:f2:
ed:b6:ce:3e:0d:49:68:eb:d4:3e:72:56:70:2f:f8:ef:71:2f:
79:4c:ef:7f:25:1e:34:fa:3c:83:5d:6f:8a:07:89:e7:34:29:
4d:ac:ea:34:3e:17:d3:a8:20:01:d2:2f:95:d8:fb:57:75:51:
c7:9a:1e:b4:34:4b:a3:9f:b6:85:52:cc:87:f2:1e:95:5c:32:
6c:d3:2c:04:d1:01:0d:f6:c1:c9:aa:d5:01:0b:5f:88:26:be:
3a:58:77:7f:ea:6c:c5:42:37:52:f7:b4:ae:fb:b7:6a:0e:b0:
24:d8:29:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZYaNjFPdr8+HoK6tUa/OOGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDc3OTY5YThiNmE1NWM0NjFhZGRlMTA2YzAwNjQ4NmEy
NjM1OWYwHhcNMjUwNDA5MTEwMTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODAzYWQxZTk2ZmUwNDY1NDQ3NDM2N2Y1M2I3YWU3ZDNlMDliMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18BJhyIsX/kHEKsaut6EqMVzy0L0
Sb9a9x3Ar2nTvtHvwopyarUXOXcSpEwPeAbR0DIayyA8p8WtWW2rKO2IEZ8hxG4s
vn2woWlnm3YzR0sWxgKSAxvMPImGOi8XvKs5jA0XnaQ3yks22hekIhku82qOSm0Z
ij8vZbQQF1Q7oZZlhr312zAur3qer+csZ0ClV0omagWkgc1Wf/VRrUGfHAlHfDGi
0GBho7GI5rtwjG7fLsqgue+0m728CGjf+SXL/sZIev7Jl8SynW9ZzgiYo7exgZKt
z1vOI6LFXYWZ4xewVCR46cHIrv5WWHLgBFfUVOhNwEbwvBNpGh+ftelqjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgDrR6W/gRlRHQ2f1O3rn0+CbAfMB8GA1UdIwQY
MBaAFAcHeWmotqVcRhrd4QbABkhqJjWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndkNWFhaTJwVnhHR3QzaEJzQUdTR29tTlo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yMzIwNDctYjJlOC00ZmJhLWJkZDUt
YzNmZWM0NWVkMDU2LzEvMkFPdEhwYi1CR1ZFZERaX1U3ZXVmVDRKc0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yMzIwNDctYjJlOC00ZmJhLWJkZDUtYzNmZWM0NWVkMDU2
LzEvQndkNWFhaTJwVnhHR3QzaEJzQUdTR29tTlo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudtwMA0E
AgACMAcDBQMqFHeAMA0GCSqGSIb3DQEBCwUAA4IBAQAgdkixYSliJqUqqKatpbpq
RuwVk7qOATkRC//FqPx07SbK6z2hmWYqf1Pok23rzi8gNthFxeDZv8YBVr1Rdhz+
r2JUG07yGXsF+Q1tZgcOqncT+XecGsL77mThrNH6A0nJQC8zunHWB6Xe0t+2z50U
rVVV8Sfgn1qB1GHdiww7wTi1zNrRzk3MHcgOraduevLtts4+DUlo69Q+clZwL/jv
cS95TO9/JR40+jyDXW+KB4nnNClNrOo0PhfTqCAB0i+V2PtXdVHHmh60NEujn7aF
UsyH8h6VXDJs0ywE0QEN9sHJqtUBC1+IJr46WHd/6mzFQjdS97Su+7dqDrAk2Cln
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:37:44 2025 by rpki-client