Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mOoBv8iUPNM_UvGTrdqKXhDY9KQ.roa
File: mOoBv8iUPNM_UvGTrdqKXhDY9KQ.roa (raw, json)
Hash identifier: HgiRwePXFvtgN1lkdNCUMFuzfd2nanZf3XK6+UdfKCs=
Subject key identifier: 98:EA:01:BF:C8:94:3C:D3:3F:52:F1:93:AD:DA:8A:5E:10:D8:F4:A4
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0196582E491D98EBA8FDC233CAE8CE5A3A13
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mOoBv8iUPNM_UvGTrdqKXhDY9KQ.roa
Signing time: Mon 21 Apr 2025 11:49:10 +0000
ROA not before: Mon 21 Apr 2025 11:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.209.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 19:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:2e:49:1d:98:eb:a8:fd:c2:33:ca:e8:ce:5a:3a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 21 11:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98ea01bfc8943cd33f52f193adda8a5e10d8f4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2c:6c:25:e6:9b:a6:cf:66:ab:d7:e1:c4:f4:
19:25:c1:ad:67:46:16:e5:7b:fb:a9:8e:c4:f5:e4:
63:9c:32:b1:f6:e7:21:d6:66:a2:b8:09:35:af:a7:
fc:95:1b:18:a2:fc:ff:be:88:94:d9:f6:a8:6a:cc:
66:6c:97:2b:32:10:c7:11:bc:21:bf:86:de:a4:92:
1b:0f:93:b0:c7:eb:9f:b1:35:4c:e4:b0:79:a7:1b:
e0:e5:ba:dd:fd:dd:d8:43:ff:a7:74:a8:d1:62:c8:
c1:56:86:e1:9e:ef:1e:89:08:4f:e7:9d:20:82:f8:
28:91:d6:76:1a:b2:0d:1c:d4:c1:49:f7:94:d1:64:
ad:ed:b2:27:26:19:82:7a:d3:58:d4:a7:bf:df:4c:
1a:83:6f:69:6f:2a:11:ec:ef:3b:f1:a0:20:09:d3:
3b:e0:44:5b:5e:de:5d:f1:db:08:4a:a0:3a:66:41:
d1:4a:99:7b:0f:12:73:99:63:58:3e:92:9f:59:96:
e9:4b:da:af:05:4d:44:a6:db:e1:c1:06:60:d5:01:
57:81:3b:56:43:ed:0f:a1:f2:73:3e:6d:02:15:1e:
fa:c3:60:ca:c2:86:53:a4:33:b1:f7:4e:2f:21:c8:
d6:0b:a8:cd:c6:d8:22:56:da:77:21:bc:73:52:5e:
c3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EA:01:BF:C8:94:3C:D3:3F:52:F1:93:AD:DA:8A:5E:10:D8:F4:A4
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mOoBv8iUPNM_UvGTrdqKXhDY9KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.161.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fa:d0:69:d4:77:e3:3e:05:fe:4a:54:d3:58:c1:a8:9a:ca:
41:0a:5a:b0:54:c4:c8:6e:b8:1f:da:04:92:d1:c4:81:90:54:
37:29:90:ca:71:ba:8b:82:0a:eb:5e:be:47:c5:76:8d:14:70:
74:6b:79:5e:15:3e:8d:4d:36:d3:12:22:40:5a:96:e9:1b:67:
3a:79:75:4d:30:36:c2:c8:77:ba:07:ef:80:e7:a3:4e:ae:e7:
ee:96:cc:4b:d6:cc:91:4c:0b:4d:f9:9e:fc:f5:76:6f:0e:30:
46:61:01:13:d4:d3:25:bb:e5:c2:a3:82:71:c5:2e:78:40:58:
49:6e:55:59:29:da:30:f4:9b:5b:88:a8:0e:bc:36:c3:da:25:
a4:71:f5:29:9d:03:db:3a:89:6c:81:b9:92:e7:62:53:d2:57:
ef:bf:3c:15:1e:71:cb:ed:f2:2d:ff:af:ef:fb:6c:3b:dd:77:
27:5f:51:04:38:ba:ca:6f:10:39:d9:0c:76:83:c6:95:da:fc:
c6:f3:af:0c:50:e3:c7:84:58:3e:97:f7:eb:c6:16:38:4b:cf:
9f:56:4c:83:13:f9:97:ea:0e:69:d8:22:33:f5:d0:b0:de:9e:
6a:93:c8:c6:45:9f:49:01:3d:e3:b9:95:4d:3e:25:04:27:27:
cc:6a:2f:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZYLkkdmOuo/cIzyujOWjoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNDIxMTE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVhMDFiZmM4OTQzY2QzM2Y1MmYxOTNhZGRhOGE1ZTEwZDhmNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCxsJeabps9mq9fhxPQZJcGtZ0YW
5Xv7qY7E9eRjnDKx9uch1maiuAk1r6f8lRsYovz/voiU2faoasxmbJcrMhDHEbwh
v4bepJIbD5Owx+ufsTVM5LB5pxvg5brd/d3YQ/+ndKjRYsjBVobhnu8eiQhP550g
gvgokdZ2GrINHNTBSfeU0WSt7bInJhmCetNY1Ke/30wag29pbyoR7O878aAgCdM7
4ERbXt5d8dsISqA6ZkHRSpl7DxJzmWNYPpKfWZbpS9qvBU1EptvhwQZg1QFXgTtW
Q+0PofJzPm0CFR76w2DKwoZTpDOx904vIcjWC6jNxtgiVtp3IbxzUl7DtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjqAb/IlDzTP1Lxk63ail4Q2PSkMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbU9vQnY4aVVQTk1fVXZHVHJkcUtYaERZOUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGhMA0G
CSqGSIb3DQEBCwUAA4IBAQAv+tBp1HfjPgX+SlTTWMGomspBClqwVMTIbrgf2gSS
0cSBkFQ3KZDKcbqLggrrXr5HxXaNFHB0a3leFT6NTTbTEiJAWpbpG2c6eXVNMDbC
yHe6B++A56NOrufulsxL1syRTAtN+Z789XZvDjBGYQET1NMlu+XCo4JxxS54QFhJ
blVZKdow9JtbiKgOvDbD2iWkcfUpnQPbOolsgbmS52JT0lfvvzwVHnHL7fIt/6/v
+2w73XcnX1EEOLrKbxA52Qx2g8aV2vzG868MUOPHhFg+l/frxhY4S8+fVkyDE/mX
6g5p2CIz9dCw3p5qk8jGRZ9JAT3juZVNPiUEJyfMai9M
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:20:44 2025 by rpki-client