Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/1SR0qap2haYxI8lOhjEKxGdIwmU.roa
File: 1SR0qap2haYxI8lOhjEKxGdIwmU.roa (raw, json)
Hash identifier: 1qR86xc+H5V/qlLTvi+Mkn2YCciKvKc/rEM13SZ8hlM=
Subject key identifier: D5:24:74:A9:AA:76:85:A6:31:23:C9:4E:86:31:0A:C4:67:48:C2:65
Certificate issuer: /CN=ca47921e4430521a7727888c13bc7b8e104cbdbe
Certificate serial: 019404967E1D35A6690ACF5C672819B044AD
Authority key identifier: CA:47:92:1E:44:30:52:1A:77:27:88:8C:13:BC:7B:8E:10:4C:BD:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ykeSHkQwUhp3J4iME7x7jhBMvb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/1SR0qap2haYxI8lOhjEKxGdIwmU.roa
Signing time: Thu 26 Dec 2024 20:09:18 +0000
ROA not before: Thu 26 Dec 2024 20:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.251.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:04:96:7e:1d:35:a6:69:0a:cf:5c:67:28:19:b0:44:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca47921e4430521a7727888c13bc7b8e104cbdbe
Validity
Not Before: Dec 26 20:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d52474a9aa7685a63123c94e86310ac46748c265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fa:9d:cd:04:67:c9:73:12:3d:18:0c:ae:7d:
00:3a:d9:d0:18:a2:d8:db:93:f0:53:37:5c:a5:d4:
b4:41:75:25:12:cf:ae:2a:2e:86:b0:a7:f5:b5:e9:
1a:22:3c:64:00:05:45:39:12:d3:7c:19:cb:c4:11:
04:21:fe:a2:fe:ab:12:78:fe:04:a1:64:7d:f8:31:
b5:64:9e:d8:c3:bb:b1:e4:23:68:cc:57:00:fd:f9:
be:d6:af:ee:5e:26:b0:33:48:91:1b:ed:ed:64:e1:
26:bc:37:ee:89:b3:e9:1c:eb:12:84:25:2d:db:cc:
02:e3:b0:da:5a:f6:ab:5b:41:00:5d:f0:ee:cd:d7:
f0:6b:6c:5d:15:80:e7:ec:4d:3a:71:b3:cf:d1:5c:
53:40:57:b2:ac:f6:73:6b:50:e3:e1:c9:89:ab:ce:
d3:5d:aa:0d:9a:d0:6e:a4:1c:91:e6:0f:5a:ca:e9:
d4:d6:94:d3:a5:ad:3f:8c:55:38:ca:83:81:c2:0e:
75:c9:3d:ab:10:01:b2:44:e9:cb:ea:67:a4:53:49:
2a:53:ea:6c:96:f6:b0:0c:06:f2:47:54:96:d5:24:
7a:11:e0:39:6e:fb:42:df:dd:23:6e:d8:1f:b6:80:
44:f3:c3:cd:df:04:5e:f7:45:75:ef:b8:a9:1c:11:
bf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:24:74:A9:AA:76:85:A6:31:23:C9:4E:86:31:0A:C4:67:48:C2:65
X509v3 Authority Key Identifier:
keyid:CA:47:92:1E:44:30:52:1A:77:27:88:8C:13:BC:7B:8E:10:4C:BD:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ykeSHkQwUhp3J4iME7x7jhBMvb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/1SR0qap2haYxI8lOhjEKxGdIwmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/63f1e8-3715-4414-9f3b-83e55c5f6f7d/1/ykeSHkQwUhp3J4iME7x7jhBMvb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:96:57:bf:dc:e8:21:9c:ab:65:83:71:82:0f:29:58:9f:b0:
3f:44:80:94:23:a7:85:6f:03:70:c0:59:10:47:46:90:76:69:
63:75:b6:b3:ac:d4:5e:27:50:95:5e:22:6d:85:0d:e3:1c:8d:
4c:1a:f1:e5:36:cb:dc:09:75:b5:c6:ea:5a:09:fa:43:d4:2e:
ff:33:bc:5f:d9:e2:ff:8c:1c:e3:47:21:47:aa:6a:f0:df:9d:
b7:5d:73:d9:c1:aa:0e:1a:58:32:f7:ef:29:07:67:04:4a:49:
cf:21:3d:61:37:a1:98:ed:82:84:42:9c:3e:19:53:5e:58:03:
d5:ca:38:2f:6a:5b:00:f4:6b:6d:88:87:bc:58:95:6d:fe:dc:
0b:34:f4:92:91:81:b8:c0:69:f2:20:7a:e4:df:28:d5:41:f2:
d4:61:01:3a:8a:64:d1:c4:65:fe:5c:4a:d4:a8:d5:47:41:37:
a6:f1:e0:51:68:44:bf:cf:bf:4d:94:15:be:24:f5:dc:c2:f7:
fe:9c:c5:2c:77:43:c0:e8:20:f0:e8:76:ca:16:c9:62:37:5e:
ca:ad:b2:21:07:8c:fc:f7:10:9e:f0:c4:ce:75:7a:65:24:5a:
3d:ed:0d:74:71:bb:64:af:d4:99:ac:5b:ec:9b:d9:70:8c:85:
2e:2c:80:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQEln4dNaZpCs9cZygZsEStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNDc5MjFlNDQzMDUyMWE3NzI3ODg4YzEzYmM3YjhlMTA0
Y2JkYmUwHhcNMjQxMjI2MjAwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI0NzRhOWFhNzY4NWE2MzEyM2M5NGU4NjMxMGFjNDY3NDhjMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/qdzQRnyXMSPRgMrn0AOtnQGKLY
25PwUzdcpdS0QXUlEs+uKi6GsKf1tekaIjxkAAVFORLTfBnLxBEEIf6i/qsSeP4E
oWR9+DG1ZJ7Yw7ux5CNozFcA/fm+1q/uXiawM0iRG+3tZOEmvDfuibPpHOsShCUt
28wC47DaWvarW0EAXfDuzdfwa2xdFYDn7E06cbPP0VxTQFeyrPZza1Dj4cmJq87T
XaoNmtBupByR5g9ayunU1pTTpa0/jFU4yoOBwg51yT2rEAGyROnL6mekU0kqU+ps
lvawDAbyR1SW1SR6EeA5bvtC390jbtgftoBE88PN3wRe90V177ipHBG/ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUkdKmqdoWmMSPJToYxCsRnSMJlMB8GA1UdIwQY
MBaAFMpHkh5EMFIadyeIjBO8e44QTL2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWtlU0hrUXdVaHAzSjRpTUU3eDdqaEJNdmI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82M2YxZTgtMzcxNS00NDE0LTlmM2It
ODNlNTVjNWY2ZjdkLzEvMVNSMHFhcDJoYVl4SThsT2hqRUt4R2RJd21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82M2YxZTgtMzcxNS00NDE0LTlmM2ItODNlNTVjNWY2Zjdk
LzEveWtlU0hrUXdVaHAzSjRpTUU3eDdqaEJNdmI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufv0MA0G
CSqGSIb3DQEBCwUAA4IBAQChlle/3OghnKtlg3GCDylYn7A/RICUI6eFbwNwwFkQ
R0aQdmljdbazrNReJ1CVXiJthQ3jHI1MGvHlNsvcCXW1xupaCfpD1C7/M7xf2eL/
jBzjRyFHqmrw3523XXPZwaoOGlgy9+8pB2cESknPIT1hN6GY7YKEQpw+GVNeWAPV
yjgvalsA9GttiIe8WJVt/twLNPSSkYG4wGnyIHrk3yjVQfLUYQE6imTRxGX+XErU
qNVHQTem8eBRaES/z79NlBW+JPXcwvf+nMUsd0PA6CDw6HbKFsliN17KrbIhB4z8
9xCe8MTOdXplJFo97Q10cbtkr9SZrFvsm9lwjIUuLICm
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:50:34 2025 by rpki-client