Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/b5oI8CeJ6qgEVktXqwXrrEpXOKw.roa
File: b5oI8CeJ6qgEVktXqwXrrEpXOKw.roa (raw, json)
Hash identifier: ChcR9bP9th6BJw3VzECNX1hG4VLPFBC13j/AyjGBM94=
Subject key identifier: 6F:9A:08:F0:27:89:EA:A8:04:56:4B:57:AB:05:EB:AC:4A:57:38:AC
Certificate issuer: /CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Certificate serial: 0194F96A54F3F1D7C14B82A0F645D8B0691A
Authority key identifier: A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/b5oI8CeJ6qgEVktXqwXrrEpXOKw.roa
Signing time: Wed 12 Feb 2025 09:08:02 +0000
ROA not before: Wed 12 Feb 2025 09:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203217
IP address blocks: 185.239.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 09:40:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:6a:54:f3:f1:d7:c1:4b:82:a0:f6:45:d8:b0:69:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6785773df313b91711bf6bc5b149ecc246b9e89
Validity
Not Before: Feb 12 09:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f9a08f02789eaa804564b57ab05ebac4a5738ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f0:fb:2a:1e:1e:aa:4e:fc:00:27:a1:57:ed:
f7:e6:c3:95:1e:41:73:b2:9d:21:52:21:fb:b7:bf:
cc:9b:2b:c5:3a:27:01:2f:f4:93:7a:0f:2d:f5:88:
f6:0f:3b:df:8e:28:42:f2:f0:27:94:0f:64:f6:71:
81:56:e2:8a:dd:c6:45:3b:6c:c2:66:67:06:94:1e:
0f:cd:80:5d:a8:e4:1e:6b:44:48:e9:a6:64:c2:5e:
9d:70:45:cd:dc:d4:62:3d:91:78:9a:0a:c2:81:12:
5d:66:59:2b:37:6e:66:dc:5c:28:db:a6:7e:ec:11:
aa:34:fc:dd:3b:4d:48:72:62:bb:cd:2a:f5:da:48:
97:12:8d:dd:b0:c0:53:c4:00:d0:1d:29:02:1c:b5:
2f:6a:df:45:7a:e5:f5:f6:56:cd:a1:5a:c7:2e:d0:
15:ea:22:ab:f9:ec:7f:09:69:6e:84:1d:50:60:8a:
8c:e1:ec:fb:0e:fe:ca:1e:40:fc:eb:e0:1c:47:04:
e9:3f:40:05:77:bd:b1:af:09:63:cf:db:62:ba:1d:
de:a5:83:f3:13:c6:d5:cc:79:a5:de:c2:45:5d:e7:
0f:84:a0:b9:3c:b0:3f:10:7a:b5:e9:02:cd:ec:e2:
b4:af:ed:c2:54:4f:ff:7d:a1:49:14:15:3f:d9:d9:
30:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:9A:08:F0:27:89:EA:A8:04:56:4B:57:AB:05:EB:AC:4A:57:38:AC
X509v3 Authority Key Identifier:
keyid:A6:78:57:73:DF:31:3B:91:71:1B:F6:BC:5B:14:9E:CC:24:6B:9E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pnhXc98xO5FxG_a8WxSezCRrnok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/b5oI8CeJ6qgEVktXqwXrrEpXOKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ae9211-c52d-480d-a591-d75869c0c71e/1/pnhXc98xO5FxG_a8WxSezCRrnok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.178.0/24
Signature Algorithm: sha256WithRSAEncryption
34:28:f8:fc:51:3b:3f:9d:0c:53:ad:d3:3a:3b:38:65:e7:f1:
24:68:42:e9:fe:94:ca:04:7d:95:38:88:ca:ca:76:64:31:de:
d2:1e:7f:2e:38:ee:96:0a:d9:ea:43:c2:31:15:a8:08:9c:93:
49:7c:60:53:d4:02:72:48:86:ce:7a:8b:a4:25:67:98:bc:1c:
64:55:6b:a1:66:91:ba:25:2f:05:5a:8b:53:5f:18:2a:1a:50:
7b:60:72:42:10:ff:02:ca:32:41:e8:05:2c:77:c7:26:f5:c2:
a1:8c:65:b8:aa:64:2b:3d:a6:79:22:69:45:aa:46:bf:24:61:
51:03:24:38:43:22:d0:fe:33:65:ca:f3:c0:e8:3b:75:40:ba:
71:34:7f:e0:9a:6e:50:6a:5c:90:e3:6e:0d:aa:c7:92:d5:ff:
99:21:16:34:4b:80:7a:ab:f7:58:a9:c5:e7:35:7d:93:13:fc:
af:7c:8e:f7:e2:3e:73:6d:8d:c0:c9:c6:9b:c4:07:c2:05:12:
2e:ab:88:c6:6d:95:2e:70:76:ba:b7:03:ad:d6:f8:24:7d:9f:
57:8a:c2:e2:82:75:87:9f:e0:30:ea:6f:4c:98:ee:3d:75:94:
8b:cd:7f:1d:eb:c1:23:0d:2f:50:16:89:57:12:14:ad:83:db:
d6:9a:85:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT5alTz8dfBS4Kg9kXYsGkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Nzg1NzczZGYzMTNiOTE3MTFiZjZiYzViMTQ5ZWNjMjQ2
YjllODkwHhcNMjUwMjEyMDkwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjlhMDhmMDI3ODllYWE4MDQ1NjRiNTdhYjA1ZWJhYzRhNTczOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfD7Kh4eqk78ACehV+335sOVHkFz
sp0hUiH7t7/MmyvFOicBL/STeg8t9Yj2DzvfjihC8vAnlA9k9nGBVuKK3cZFO2zC
ZmcGlB4PzYBdqOQea0RI6aZkwl6dcEXN3NRiPZF4mgrCgRJdZlkrN25m3Fwo26Z+
7BGqNPzdO01IcmK7zSr12kiXEo3dsMBTxADQHSkCHLUvat9FeuX19lbNoVrHLtAV
6iKr+ex/CWluhB1QYIqM4ez7Dv7KHkD86+AcRwTpP0AFd72xrwljz9tiuh3epYPz
E8bVzHml3sJFXecPhKC5PLA/EHq16QLN7OK0r+3CVE//faFJFBU/2dkwyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+aCPAnieqoBFZLV6sF66xKVzisMB8GA1UdIwQY
MBaAFKZ4V3PfMTuRcRv2vFsUnswka56JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEt
ZDc1ODY5YzBjNzFlLzEvYjVvSThDZUo2cWdFVmt0WHF3WHJyRXBYT0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hZTkyMTEtYzUyZC00ODBkLWE1OTEtZDc1ODY5YzBjNzFl
LzEvcG5oWGM5OHhPNUZ4R19hOFd4U2V6Q1Jybm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue+yMA0G
CSqGSIb3DQEBCwUAA4IBAQA0KPj8UTs/nQxTrdM6Ozhl5/EkaELp/pTKBH2VOIjK
ynZkMd7SHn8uOO6WCtnqQ8IxFagInJNJfGBT1AJySIbOeoukJWeYvBxkVWuhZpG6
JS8FWotTXxgqGlB7YHJCEP8CyjJB6AUsd8cm9cKhjGW4qmQrPaZ5ImlFqka/JGFR
AyQ4QyLQ/jNlyvPA6Dt1QLpxNH/gmm5QalyQ424NqseS1f+ZIRY0S4B6q/dYqcXn
NX2TE/yvfI734j5zbY3AycabxAfCBRIuq4jGbZUucHa6twOt1vgkfZ9XisLignWH
n+Aw6m9MmO49dZSLzX8d68EjDS9QFolXEhStg9vWmoVI
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:19:02 2025 by rpki-client