Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/mmq0J21REtAUg9-rQ7l-DFyv_4w.roa
File: mmq0J21REtAUg9-rQ7l-DFyv_4w.roa (raw, json)
Hash identifier: zPwwFh1RUoAHGs3rPtEDw99lnxsXS5k0Lh/sg8p7B+M=
Subject key identifier: 9A:6A:B4:27:6D:51:12:D0:14:83:DF:AB:43:B9:7E:0C:5C:AF:FF:8C
Certificate issuer: /CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Certificate serial: 019546C09BF13E58D2C0CA8F5FA21967866E
Authority key identifier: 6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/mmq0J21REtAUg9-rQ7l-DFyv_4w.roa
Signing time: Thu 27 Feb 2025 09:33:02 +0000
ROA not before: Thu 27 Feb 2025 09:33:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.121.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 10:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:c0:9b:f1:3e:58:d2:c0:ca:8f:5f:a2:19:67:86:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Validity
Not Before: Feb 27 09:33:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a6ab4276d5112d01483dfab43b97e0c5cafff8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f5:b3:32:85:c5:f6:6c:cd:38:94:5c:ff:f9:
06:84:40:7d:83:ff:be:de:90:4c:86:68:37:30:45:
dc:c2:0a:f9:d8:34:22:42:77:ff:e0:d8:94:f5:f4:
ad:9b:d0:a1:b1:e9:c5:05:ce:b0:a4:bd:ae:bc:d6:
47:24:c7:58:3a:d8:b5:6f:71:7e:dc:6e:89:84:8b:
3b:6f:58:9d:c6:0a:28:58:3a:f8:1a:01:ee:ab:e9:
13:88:71:1b:be:81:aa:96:01:9e:06:ce:f0:15:40:
55:1b:d6:6d:1c:f1:c3:a6:38:0c:9c:0d:3d:91:06:
c3:1a:17:f7:b0:3c:b5:43:3b:29:62:c5:1a:0e:0d:
b2:1f:cd:35:f3:de:0e:e0:91:c1:79:35:be:d7:32:
e9:ee:4a:1d:5b:8c:40:79:1a:a9:93:5e:d5:39:b1:
03:65:8d:db:dc:24:cd:80:2c:5a:7a:29:4f:a4:4a:
99:e6:4f:7c:e2:a5:90:dd:a8:19:a8:f8:ea:8c:59:
8b:0f:3a:1a:07:97:03:f5:45:e3:0d:23:b8:50:51:
e9:10:66:22:19:51:f2:a5:e7:ad:d1:a2:09:87:cf:
86:c3:2b:ff:49:d5:3e:bd:e9:07:ff:a8:3d:0f:4e:
51:ad:62:54:74:f5:71:a1:eb:3f:e1:b7:7e:71:a8:
21:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6A:B4:27:6D:51:12:D0:14:83:DF:AB:43:B9:7E:0C:5C:AF:FF:8C
X509v3 Authority Key Identifier:
keyid:6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/mmq0J21REtAUg9-rQ7l-DFyv_4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.140.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:32:13:f4:59:d3:17:0a:b6:51:fa:f2:ec:25:2a:14:0e:d3:
e0:69:4b:d8:93:d3:23:be:d3:18:ad:de:8e:a1:95:3f:0d:99:
d1:f6:b8:70:17:10:dc:80:7c:44:82:93:7b:7d:72:4b:b7:ab:
89:c5:4f:ac:0a:5c:f1:7e:3b:15:fb:45:d3:12:31:4d:5c:f5:
e2:ac:d4:bf:ac:fe:91:9a:88:41:0f:4e:7c:0a:c3:65:65:f9:
58:50:7a:91:bb:6a:74:1b:32:5e:80:52:30:c9:3f:b8:b3:e6:
e0:c6:9e:4c:28:18:f2:22:7d:7f:0f:53:a8:45:d0:1f:49:e2:
92:af:4f:6a:e4:73:16:d8:5b:3e:7f:41:f3:e4:41:f0:64:2a:
6b:91:d6:29:db:14:13:63:8c:58:fa:61:db:59:80:af:93:99:
02:6d:c7:08:af:6f:ca:b8:15:85:4e:e0:b9:e5:3b:d8:8f:36:
13:14:c8:55:6d:64:46:ad:4a:86:d1:10:84:cc:07:cb:8d:92:
66:9e:c4:61:dc:8e:7e:b3:b9:84:d0:84:cd:7f:e3:b8:d1:f1:
01:41:3c:3f:09:29:11:30:c9:82:f3:63:6c:eb:b9:47:0f:a2:
eb:93:32:b2:a6:f5:69:2c:a1:ef:64:fe:c0:2d:e0:67:88:c6:
87:c9:06:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVGwJvxPljSwMqPX6IZZ4ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMTk1YjliZDQ3MDAxZWFiNTBmZGJhMWRlMGQyZDNmNDUy
N2Y2NzUwHhcNMjUwMjI3MDkzMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZhYjQyNzZkNTExMmQwMTQ4M2RmYWI0M2I5N2UwYzVjYWZmZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/WzMoXF9mzNOJRc//kGhEB9g/++
3pBMhmg3MEXcwgr52DQiQnf/4NiU9fStm9ChsenFBc6wpL2uvNZHJMdYOti1b3F+
3G6JhIs7b1idxgooWDr4GgHuq+kTiHEbvoGqlgGeBs7wFUBVG9ZtHPHDpjgMnA09
kQbDGhf3sDy1QzspYsUaDg2yH801894O4JHBeTW+1zLp7kodW4xAeRqpk17VObED
ZY3b3CTNgCxaeilPpEqZ5k984qWQ3agZqPjqjFmLDzoaB5cD9UXjDSO4UFHpEGYi
GVHypeet0aIJh8+Gwyv/SdU+vekH/6g9D05RrWJUdPVxoes/4bd+cagh/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpqtCdtURLQFIPfq0O5fgxcr/+MMB8GA1UdIwQY
MBaAFGwZW5vUcAHqtQ/bod4NLT9FJ/Z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTIt
OTRhYzhhZjFiZmNmLzEvbW1xMEoyMVJFdEFVZzktclE3bC1ERnl2XzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTItOTRhYzhhZjFiZmNm
LzEvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXmMMA0G
CSqGSIb3DQEBCwUAA4IBAQBsMhP0WdMXCrZR+vLsJSoUDtPgaUvYk9MjvtMYrd6O
oZU/DZnR9rhwFxDcgHxEgpN7fXJLt6uJxU+sClzxfjsV+0XTEjFNXPXirNS/rP6R
mohBD058CsNlZflYUHqRu2p0GzJegFIwyT+4s+bgxp5MKBjyIn1/D1OoRdAfSeKS
r09q5HMW2Fs+f0Hz5EHwZCprkdYp2xQTY4xY+mHbWYCvk5kCbccIr2/KuBWFTuC5
5TvYjzYTFMhVbWRGrUqG0RCEzAfLjZJmnsRh3I5+s7mE0ITNf+O40fEBQTw/CSkR
MMmC82Ns67lHD6LrkzKypvVpLKHvZP7ALeBniMaHyQZe
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:34:55 2025 by rpki-client