Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-n-R9I-atg1XRuSCqObFhFCn7VA.roa
File: 1-n-R9I-atg1XRuSCqObFhFCn7VA.roa (raw, json)
Hash identifier: zlXVIHUTthGIvG8OuOow1U9S8NhiOlC4UUWGfnw0gtw=
Subject key identifier: FA:7F:91:F4:8F:9A:B6:0D:57:46:E4:82:A8:E6:C5:84:50:A7:ED:50
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194EF23128E761951B7A94EC2E4601F65BF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-n-R9I-atg1XRuSCqObFhFCn7VA.roa
Signing time: Mon 10 Feb 2025 09:14:00 +0000
ROA not before: Mon 10 Feb 2025 09:14:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 11:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:23:12:8e:76:19:51:b7:a9:4e:c2:e4:60:1f:65:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 10 09:14:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa7f91f48f9ab60d5746e482a8e6c58450a7ed50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:98:32:aa:e9:e5:58:b8:ad:5e:b0:9a:01:9f:
ba:3e:93:5f:d2:74:b2:93:a2:ae:f8:8a:79:19:da:
35:8e:60:d9:17:da:12:33:8e:7c:95:c7:10:6c:67:
b8:5a:ac:f0:13:f4:78:73:b2:ca:18:f0:33:b7:67:
ef:58:0a:f0:d5:5e:e8:9d:65:05:67:0c:0e:a6:f3:
3c:e5:49:b1:a4:e4:6e:0e:77:a8:26:a4:32:11:40:
ac:e3:69:2b:5c:73:02:13:0b:fe:31:f3:85:dd:99:
5b:7c:13:9f:0d:da:9f:e2:67:17:b2:3d:a1:e4:fb:
70:21:ec:3e:d8:dd:cf:b2:c4:fa:66:49:0a:65:6a:
5e:95:51:85:b4:6e:56:e7:a6:fc:22:4f:a8:5c:e3:
6e:b4:a9:a7:b0:5b:17:b6:53:5c:2f:97:ca:f9:0b:
6c:c1:a0:d7:4b:2f:40:86:5d:a8:87:44:28:a5:da:
09:2a:ad:6d:eb:27:32:b2:24:d0:97:9d:23:e6:80:
0e:19:d8:22:a7:56:f2:c1:ca:36:da:e8:70:ce:96:
31:19:72:55:ff:c4:e1:a5:21:c9:53:08:37:0e:94:
9d:03:5f:f3:3a:c7:d9:92:cf:79:76:e2:80:f9:a9:
e2:6f:9b:74:51:8a:be:19:e3:30:c3:66:3a:38:9a:
73:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7F:91:F4:8F:9A:B6:0D:57:46:E4:82:A8:E6:C5:84:50:A7:ED:50
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-n-R9I-atg1XRuSCqObFhFCn7VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.209.75.0/24
185.218.20.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.80.0/24
185.225.0.0/23
185.226.104.0/24
185.226.107.0/24
185.227.146.0/23
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:a9:a8:23:fe:b6:2f:76:a8:bc:64:e4:33:aa:0d:29:b9:ee:
96:42:15:22:34:e6:23:a9:63:ff:f1:19:6d:e6:9e:f3:da:fc:
61:bc:d7:3e:9a:23:9c:dc:f0:85:76:da:02:fd:bf:b0:7b:98:
20:5f:1d:e0:9e:2b:69:61:8f:c9:aa:13:5b:14:b2:f4:ad:56:
19:e4:f6:fb:1d:38:83:9a:a5:44:dc:41:13:eb:c7:c6:57:bd:
14:67:bf:83:9f:da:b6:f8:47:84:a6:ce:3e:42:1a:f6:06:13:
58:0d:c6:fa:24:0a:f9:d6:80:29:f2:12:3a:57:53:6e:f7:e2:
41:4e:f4:ba:cb:85:f2:63:52:fc:48:c0:0c:7a:47:18:b6:94:
8e:1f:a8:61:73:c4:3f:4b:7e:cf:b3:87:8e:ba:cc:c5:71:20:
f1:58:b6:4b:a1:c0:3d:8a:19:d8:b3:ed:22:55:f6:30:6b:7d:
f9:06:2d:70:f7:3a:fa:3d:d1:65:d3:e7:a1:f3:bc:7d:29:0c:
f1:66:25:f6:d0:4e:75:0d:7b:e4:b8:72:79:65:36:0b:c7:e4:
5a:00:21:58:33:ba:fa:a3:c8:d7:af:b5:95:02:e2:1d:26:43:
67:fe:20:29:08:43:e2:ca:de:ea:02:26:0e:e9:3b:df:3e:5b:
d7:62:1a:a8
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZTvIxKOdhlRt6lOwuRgH2W/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjEwMDkxNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTdmOTFmNDhmOWFiNjBkNTc0NmU0ODJhOGU2YzU4NDUwYTdlZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupgyqunlWLitXrCaAZ+6PpNf0nSy
k6Ku+Ip5Gdo1jmDZF9oSM458lccQbGe4WqzwE/R4c7LKGPAzt2fvWArw1V7onWUF
ZwwOpvM85UmxpORuDneoJqQyEUCs42krXHMCEwv+MfOF3ZlbfBOfDdqf4mcXsj2h
5PtwIew+2N3PssT6ZkkKZWpelVGFtG5W56b8Ik+oXONutKmnsFsXtlNcL5fK+Qts
waDXSy9Ahl2oh0QopdoJKq1t6ycysiTQl50j5oAOGdgip1bywco22uhwzpYxGXJV
/8ThpSHJUwg3DpSdA1/zOsfZks95duKA+anib5t0UYq+GeMww2Y6OJpzGQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPp/kfSPmrYNV0bkgqjmxYRQp+1QMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1uLVI5SS1hdGcxWFJ1U0NxT2JGaEZDbjdWQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEALl+UgME
ALnRSwMEALnaFAMEAbnc+gMEALneHAMEALnfTgMEALnfUAMEAbnhAAMEALniaAME
ALniawMEAbnjkgMEAcEIcAMEAcE6kjANBgkqhkiG9w0BAQsFAAOCAQEAuqmoI/62
L3aovGTkM6oNKbnulkIVIjTmI6lj//EZbeae89r8YbzXPpojnNzwhXbaAv2/sHuY
IF8d4J4raWGPyaoTWxSy9K1WGeT2+x04g5qlRNxBE+vHxle9FGe/g5/atvhHhKbO
PkIa9gYTWA3G+iQK+daAKfISOldTbvfiQU70usuF8mNS/EjADHpHGLaUjh+oYXPE
P0t+z7OHjrrMxXEg8Vi2S6HAPYoZ2LPtIlX2MGt9+QYtcPc6+j3RZdPnofO8fSkM
8WYl9tBOdQ175LhyeWU2C8fkWgAhWDO6+qPI16+1lQLiHSZDZ/4gKQhD4sre6gIm
Duk73z5b12IaqA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:43:11 2025 by rpki-client