Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g_VyohvUPWnTksAiACIPxHmEImY.roa
File: g_VyohvUPWnTksAiACIPxHmEImY.roa (raw, json)
Hash identifier: odFKlr8fPgnqDRuxnCTHOqvSj6hBkzJAC3YeYBdRquw=
Subject key identifier: 83:F5:72:A2:1B:D4:3D:69:D3:92:C0:22:00:22:0F:C4:79:84:22:66
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192BFFD89E12F44A38D525B7D6AF37C7459
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g_VyohvUPWnTksAiACIPxHmEImY.roa
Signing time: Thu 24 Oct 2024 19:25:16 +0000
ROA not before: Thu 24 Oct 2024 19:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205059
IP address blocks: 185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 19:55:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:fd:89:e1:2f:44:a3:8d:52:5b:7d:6a:f3:7c:74:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 19:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f572a21bd43d69d392c02200220fc479842266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ab:f0:17:37:02:21:1d:8c:8b:2f:1b:f0:e1:
5c:3b:f0:9e:0d:1f:5a:ba:95:b8:f2:d0:68:e5:da:
26:12:b4:90:73:aa:54:90:e8:c3:cb:c4:07:59:18:
31:9c:4b:92:26:e0:e2:9c:83:23:3b:80:6c:3c:47:
80:72:19:62:71:de:ae:85:18:e4:2d:4c:b8:4a:dd:
f6:c6:8f:5e:ba:8c:21:28:e0:09:53:bf:76:7f:41:
ea:2c:6f:0c:9c:53:51:f1:fa:ce:99:11:c9:b9:3a:
7c:f9:9f:03:7b:e0:53:a3:40:6b:17:4d:91:02:fe:
fe:18:1b:bb:d0:0f:de:87:21:22:e2:e7:27:0e:82:
c5:2a:df:d3:cb:6c:63:7e:61:35:ba:66:a7:bd:61:
45:21:74:32:17:04:40:48:59:e7:36:59:fb:e0:b2:
f2:7e:57:b4:59:3a:8f:09:c8:94:4f:9e:5c:9b:ba:
69:cf:ec:42:49:2e:ed:98:b3:34:03:5e:23:09:da:
65:18:4b:be:84:98:7e:6e:be:2e:a5:4d:fb:b2:c9:
fc:13:29:f7:57:45:d2:fe:dc:3e:5d:51:ee:2a:5c:
35:47:47:32:11:53:38:0d:99:8f:44:f7:d7:b7:52:
8b:ba:a8:04:e3:72:80:f9:83:53:73:f7:0c:82:d7:
b0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F5:72:A2:1B:D4:3D:69:D3:92:C0:22:00:22:0F:C4:79:84:22:66
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/g_VyohvUPWnTksAiACIPxHmEImY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.108.0/23
IPv6:
2a0f:aac0::/47
Signature Algorithm: sha256WithRSAEncryption
14:09:60:08:71:f6:3e:46:e6:f7:a9:59:05:22:c2:aa:cd:91:
e7:f1:8e:5e:8d:b8:3b:8b:53:c4:0d:5e:35:50:51:3d:1a:21:
30:58:0b:45:25:8a:95:8e:32:26:34:49:40:1b:cf:97:f7:41:
d2:a7:3d:f7:a1:7c:85:2b:58:38:57:06:4b:e7:6c:aa:8c:b4:
84:aa:f1:4d:b2:5d:07:27:d0:e2:c5:2d:73:7e:3d:e3:06:1c:
ed:b6:6d:75:05:58:f7:a7:e3:c6:fd:bd:96:8c:95:2d:e5:f9:
82:8e:f0:c8:53:17:ca:8d:6f:5a:55:0c:84:89:3c:e3:62:4d:
b7:73:b0:d1:8e:28:1c:4d:1e:43:33:ce:62:48:42:fd:dc:53:
f6:83:9a:4f:eb:7e:6f:29:64:52:61:c4:aa:84:96:c8:90:3a:
b1:c2:56:62:d4:28:4b:0a:38:08:99:b0:05:44:db:cd:c0:67:
a6:68:12:b8:4b:d1:de:3b:6f:da:6c:3c:20:1e:2e:91:5c:91:
ee:73:97:39:f8:67:25:24:3b:59:42:e4:2f:be:2a:89:95:48:
6c:e7:1d:a3:b7:ed:44:ca:59:94:51:e3:95:c1:1d:0e:a3:cc:
d0:1a:98:c2:e6:10:dd:d5:f1:5b:5c:c2:88:5e:fa:6e:ac:60:
69:06:58:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZK//YnhL0SjjVJbfWrzfHRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTkyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y1NzJhMjFiZDQzZDY5ZDM5MmMwMjIwMDIyMGZjNDc5ODQyMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KvwFzcCIR2Miy8b8OFcO/CeDR9a
upW48tBo5domErSQc6pUkOjDy8QHWRgxnEuSJuDinIMjO4BsPEeAchlicd6uhRjk
LUy4St32xo9euowhKOAJU792f0HqLG8MnFNR8frOmRHJuTp8+Z8De+BTo0BrF02R
Av7+GBu70A/ehyEi4ucnDoLFKt/Ty2xjfmE1umanvWFFIXQyFwRASFnnNln74LLy
fle0WTqPCciUT55cm7ppz+xCSS7tmLM0A14jCdplGEu+hJh+br4upU37ssn8Eyn3
V0XS/tw+XVHuKlw1R0cyEVM4DZmPRPfXt1KLuqgE43KA+YNTc/cMgtewvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIP1cqIb1D1p05LAIgAiD8R5hCJmMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvZ19WeW9odlVQV25Ua3NBaUFDSVB4SG1FSW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuedsMA8E
AgACMAkDBwEqD6rAAAAwDQYJKoZIhvcNAQELBQADggEBABQJYAhx9j5G5vepWQUi
wqrNkefxjl6NuDuLU8QNXjVQUT0aITBYC0UlipWOMiY0SUAbz5f3QdKnPfehfIUr
WDhXBkvnbKqMtISq8U2yXQcn0OLFLXN+PeMGHO22bXUFWPen48b9vZaMlS3l+YKO
8MhTF8qNb1pVDISJPONiTbdzsNGOKBxNHkMzzmJIQv3cU/aDmk/rfm8pZFJhxKqE
lsiQOrHCVmLUKEsKOAiZsAVE283AZ6ZoErhL0d47b9psPCAeLpFcke5zlzn4ZyUk
O1lC5C++KomVSGznHaO37UTKWZRR45XBHQ6jzNAamMLmEN3V8Vtcwohe+m6sYGkG
WHk=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:23:17 2025 by rpki-client