Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/DDjF6w4qjiPs_tmZoRLHwVDWUmI.roa
File: DDjF6w4qjiPs_tmZoRLHwVDWUmI.roa (raw, json)
Hash identifier: m7gzc2M4r6Z6mGK7ZH/cy7ex2ytSGwEWU11Qs7wNHMg=
Subject key identifier: 0C:38:C5:EB:0E:2A:8E:23:EC:FE:D9:99:A1:12:C7:C1:50:D6:52:62
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 01966C3AFA46C62E2A4BAC07126B1E8228DB
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/DDjF6w4qjiPs_tmZoRLHwVDWUmI.roa
Signing time: Fri 25 Apr 2025 09:15:26 +0000
ROA not before: Fri 25 Apr 2025 09:15:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15693
IP address blocks: 185.29.60.0/24 maxlen: 24
2a01:8800::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 25 Apr 2025 12:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:3a:fa:46:c6:2e:2a:4b:ac:07:12:6b:1e:82:28:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Apr 25 09:15:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c38c5eb0e2a8e23ecfed999a112c7c150d65262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6c:6f:af:1c:d5:df:66:8f:21:18:93:cd:cb:
b4:43:d8:08:6b:e2:e6:4b:56:3e:1e:ef:18:79:52:
a7:3e:4f:8c:a5:59:51:a9:e6:26:43:cf:5a:d6:e3:
ee:3c:8c:5c:94:65:81:04:e1:21:d3:0d:a5:22:dd:
99:ee:ee:29:e5:9b:cf:c6:bb:dc:a5:23:85:65:4b:
65:aa:9d:98:7f:f8:64:cb:16:7e:62:91:fc:21:e2:
08:e8:9d:92:e2:00:ce:0b:7f:58:a2:b5:8b:2c:12:
5c:14:c2:7b:39:a2:4c:3f:ce:1b:1b:2b:7c:e4:4b:
f2:bc:d7:a3:3a:e3:a6:d7:2f:72:6e:6d:65:7d:65:
10:75:f3:47:f7:a4:b2:92:28:eb:25:d4:57:6e:4c:
ff:cb:49:6a:de:3f:e9:40:e3:ee:b4:fd:2a:13:9f:
6e:df:e2:58:00:4a:65:26:ff:6b:75:ee:de:b8:19:
5c:73:21:c8:b6:5a:81:46:9c:75:5d:68:f5:a0:d2:
39:95:df:14:56:9c:88:1d:ee:38:01:cc:5f:e2:b2:
76:ac:83:76:50:57:46:7b:a2:f0:d4:b7:37:a0:fc:
a4:10:aa:3f:39:aa:69:4b:f8:ff:1c:b9:8a:55:82:
55:77:44:7b:b3:60:53:c2:5f:b0:93:2c:8b:2e:3d:
fd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:38:C5:EB:0E:2A:8E:23:EC:FE:D9:99:A1:12:C7:C1:50:D6:52:62
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/DDjF6w4qjiPs_tmZoRLHwVDWUmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.60.0/24
IPv6:
2a01:8800::/29
Signature Algorithm: sha256WithRSAEncryption
b5:38:a4:f6:87:42:a0:ea:19:af:64:7d:b0:af:ec:29:94:5d:
fb:75:47:fa:3e:8f:4f:ba:d9:4b:94:8a:ab:c8:be:78:3e:6e:
a5:31:83:a7:1a:10:0c:1e:ba:5d:29:50:6c:54:fc:75:0b:33:
10:a3:ad:01:ca:83:14:e6:13:eb:ca:4a:a4:ab:e7:c9:06:8a:
60:52:63:d1:b0:e1:28:7b:e5:e5:83:30:71:3c:9e:12:ee:f9:
f9:3c:b6:e0:4e:38:43:ea:7f:27:39:26:b0:79:86:90:95:44:
0e:cc:5a:bd:54:45:60:df:cd:2e:ad:14:0a:f7:4b:b3:46:69:
79:59:d7:3c:6d:89:56:c7:a9:e7:35:58:ac:2c:60:d9:46:61:
1e:94:cf:37:df:8b:68:a7:f4:3d:d3:20:74:3b:f3:0a:50:66:
19:a3:16:2e:44:7b:6f:c8:40:08:98:cb:49:55:5c:db:9b:25:
58:34:78:be:0b:0a:02:08:5d:2c:a8:54:2b:9d:f7:50:8c:8f:
6c:0b:50:8c:5b:96:45:0c:1e:0d:16:46:81:52:b4:19:ce:39:
9f:ed:27:fb:e7:28:82:41:d5:3d:fa:e6:b7:bf:ca:53:56:c1:
e2:10:a5:ff:9f:f7:0b:15:d0:5f:56:ed:93:f6:0d:78:51:09:
4f:6d:ac:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZsOvpGxi4qS6wHEmsegijbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3
Y2EyOGUwHhcNMjUwNDI1MDkxNTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzM4YzVlYjBlMmE4ZTIzZWNmZWQ5OTlhMTEyYzdjMTUwZDY1MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmxvrxzV32aPIRiTzcu0Q9gIa+Lm
S1Y+Hu8YeVKnPk+MpVlRqeYmQ89a1uPuPIxclGWBBOEh0w2lIt2Z7u4p5ZvPxrvc
pSOFZUtlqp2Yf/hkyxZ+YpH8IeII6J2S4gDOC39YorWLLBJcFMJ7OaJMP84bGyt8
5EvyvNejOuOm1y9ybm1lfWUQdfNH96SykijrJdRXbkz/y0lq3j/pQOPutP0qE59u
3+JYAEplJv9rde7euBlccyHItlqBRpx1XWj1oNI5ld8UVpyIHe44Acxf4rJ2rIN2
UFdGe6Lw1Lc3oPykEKo/OappS/j/HLmKVYJVd0R7s2BTwl+wkyyLLj39yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAw4xesOKo4j7P7ZmaESx8FQ1lJiMB8GA1UdIwQY
MBaAFPjdeuEtKjfyGqxvgbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNm
LTJiNGEzNTM4YzVlMy8xL0REakY2dzRxamlQc190bVpvUkxId1ZEV1VtSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVl
My8xLzEtTjE2NFMwcU5fSWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAC5HTww
DQQCAAIwBwMFAyoBiAAwDQYJKoZIhvcNAQELBQADggEBALU4pPaHQqDqGa9kfbCv
7CmUXft1R/o+j0+62UuUiqvIvng+bqUxg6caEAweul0pUGxU/HULMxCjrQHKgxTm
E+vKSqSr58kGimBSY9Gw4Sh75eWDMHE8nhLu+fk8tuBOOEPqfyc5JrB5hpCVRA7M
Wr1URWDfzS6tFAr3S7NGaXlZ1zxtiVbHqec1WKwsYNlGYR6Uzzffi2in9D3TIHQ7
8wpQZhmjFi5Ee2/IQAiYy0lVXNubJVg0eL4LCgIIXSyoVCud91CMj2wLUIxblkUM
Hg0WRoFStBnOOZ/tJ/vnKIJB1T365re/ylNWweIQpf+f9wsV0F9W7ZP2DXhRCU9t
rKE=
-----END CERTIFICATE-----
Generated at Sun May 11 13:43:40 2025 by rpki-client