Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/B4b02bo3Ta7CQr9rpXIaC7ZHKQ8.roa
File: B4b02bo3Ta7CQr9rpXIaC7ZHKQ8.roa (raw, json)
Hash identifier: K1nvNpZgRUgiswjOT2cly2aIH3ScZcPEA7hBbqbjNEc=
Subject key identifier: 07:86:F4:D9:BA:37:4D:AE:C2:42:BF:6B:A5:72:1A:0B:B6:47:29:0F
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 0193EE049DB65FA8C5659F5389773C94C7BC
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/B4b02bo3Ta7CQr9rpXIaC7ZHKQ8.roa
Signing time: Sun 22 Dec 2024 10:58:20 +0000
ROA not before: Sun 22 Dec 2024 10:58:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209235
IP address blocks: 185.130.194.0/24 maxlen: 24
2a09:c0c0::/29 maxlen: 29
2a09:c0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ee:04:9d:b6:5f:a8:c5:65:9f:53:89:77:3c:94:c7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Dec 22 10:58:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0786f4d9ba374daec242bf6ba5721a0bb647290f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c6:b1:b1:ae:5d:37:ee:2a:90:77:db:59:46:
97:5f:77:15:bb:f4:c6:1d:43:90:96:76:75:7d:bf:
27:40:32:1e:58:62:91:1a:a1:31:65:64:f2:b2:f3:
15:95:a9:af:3f:f9:ea:e3:d6:a9:f5:a7:88:18:75:
70:54:43:89:24:f3:7f:be:14:60:b1:da:d0:c7:0e:
c4:fc:86:85:d9:bd:3a:5e:40:3b:6b:7a:83:2a:f2:
05:de:6c:22:d9:09:39:71:c5:31:ed:60:08:59:82:
7b:bc:d2:82:f2:ed:21:7c:97:9f:e5:e5:83:cb:28:
60:c2:5e:25:a5:eb:56:73:2e:1a:a9:e5:1c:fe:8e:
53:a2:86:dd:f2:bd:85:dc:66:de:4f:6c:b7:e2:8d:
0c:23:fa:54:08:c2:36:51:23:ed:1d:b8:5d:11:ce:
85:11:8a:7c:3b:90:6e:70:1d:58:d7:b8:76:61:ce:
22:9a:47:69:4f:a2:a6:29:89:12:c5:a6:5c:d1:f0:
3a:98:47:c0:53:a7:1a:83:34:e0:d7:38:8c:df:b5:
88:16:76:a6:38:02:c8:dc:3f:e9:e1:57:ab:b5:95:
f8:43:e1:74:1d:d9:0e:05:90:b8:48:87:1b:b9:13:
aa:79:24:89:4c:8a:b0:45:a1:e2:48:4b:5a:bb:15:
d1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:86:F4:D9:BA:37:4D:AE:C2:42:BF:6B:A5:72:1A:0B:B6:47:29:0F
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/B4b02bo3Ta7CQr9rpXIaC7ZHKQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.194.0/24
IPv6:
2a09:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:94:2b:43:18:a6:bd:e2:27:c4:59:fc:c1:fc:a2:0e:6a:6f:
34:6a:0b:b3:59:ec:42:32:06:b8:7d:c1:24:8f:94:a6:93:ab:
af:42:e0:a9:76:6f:fe:a4:4b:68:78:53:24:72:f2:fc:7c:ac:
36:42:94:77:2a:51:32:ff:16:14:9b:aa:ab:af:02:e4:36:4f:
66:c1:70:ba:8c:b6:5f:92:79:f5:67:83:bf:b7:6c:8a:01:e0:
5a:f2:a1:30:b9:52:29:6f:57:c4:de:cf:f3:4b:a2:cc:ae:38:
cf:f7:44:ec:85:c7:cf:23:b5:1f:c0:f2:5f:a5:c1:77:c3:f6:
a3:d4:c1:d1:95:8f:48:3e:c2:0e:a9:2e:ee:6b:12:94:aa:3c:
fe:ad:22:44:14:a8:d4:78:0c:01:45:94:66:19:6f:41:e7:cf:
32:9b:73:67:f0:30:c3:58:e1:86:18:8e:dc:8f:5d:80:4d:5f:
11:f7:e7:9a:df:87:b0:cc:c9:85:e3:c1:ee:25:36:6c:2b:48:
5f:16:7c:50:10:89:3b:db:4e:9b:a2:08:20:73:2a:ef:19:d5:
93:6b:bf:a0:5f:5d:3a:55:c6:12:d2:fd:66:bc:31:55:6c:d1:
db:a8:a4:4b:52:fb:86:16:9c:c9:4a:e9:68:86:5f:8d:e2:96:
2f:20:78:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZPuBJ22X6jFZZ9TiXc8lMe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjQxMjIyMTA1ODIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzg2ZjRkOWJhMzc0ZGFlYzI0MmJmNmJhNTcyMWEwYmI2NDcyOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78axsa5dN+4qkHfbWUaXX3cVu/TG
HUOQlnZ1fb8nQDIeWGKRGqExZWTysvMVlamvP/nq49ap9aeIGHVwVEOJJPN/vhRg
sdrQxw7E/IaF2b06XkA7a3qDKvIF3mwi2Qk5ccUx7WAIWYJ7vNKC8u0hfJef5eWD
yyhgwl4lpetWcy4aqeUc/o5Toobd8r2F3GbeT2y34o0MI/pUCMI2USPtHbhdEc6F
EYp8O5BucB1Y17h2Yc4imkdpT6KmKYkSxaZc0fA6mEfAU6cagzTg1ziM37WIFnam
OALI3D/p4VertZX4Q+F0HdkOBZC4SIcbuROqeSSJTIqwRaHiSEtauxXR9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAeG9Nm6N02uwkK/a6VyGgu2RykPMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvQjRiMDJibzNUYTdDUXI5cnBYSWFDN1pIS1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYLCMA0E
AgACMAcDBQMqCcDAMA0GCSqGSIb3DQEBCwUAA4IBAQAslCtDGKa94ifEWfzB/KIO
am80aguzWexCMga4fcEkj5Smk6uvQuCpdm/+pEtoeFMkcvL8fKw2QpR3KlEy/xYU
m6qrrwLkNk9mwXC6jLZfknn1Z4O/t2yKAeBa8qEwuVIpb1fE3s/zS6LMrjjP90Ts
hcfPI7UfwPJfpcF3w/aj1MHRlY9IPsIOqS7uaxKUqjz+rSJEFKjUeAwBRZRmGW9B
588ym3Nn8DDDWOGGGI7cj12ATV8R9+ea34ewzMmF48HuJTZsK0hfFnxQEIk7206b
ogggcyrvGdWTa7+gX106VcYS0v1mvDFVbNHbqKRLUvuGFpzJSulohl+N4pYvIHiv
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:39:40 2025 by rpki-client