Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/0m9Tl2KxxdugoY8slL_I6t7dh7M.roa
File: 0m9Tl2KxxdugoY8slL_I6t7dh7M.roa (raw, json)
Hash identifier: MmAiieCZpiGpJCvJbIGBO6rNdHyAUGq9lEn0mpZD9y0=
Subject key identifier: D2:6F:53:97:62:B1:C5:DB:A0:A1:8F:2C:94:BF:C8:EA:DE:DD:87:B3
Certificate issuer: /CN=64757185472f16d53eeb68a140e3513fa31c31d8
Certificate serial: 0195B7DAE152597EDF700E97938876B09A25
Authority key identifier: 64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/0m9Tl2KxxdugoY8slL_I6t7dh7M.roa
Signing time: Fri 21 Mar 2025 08:38:49 +0000
ROA not before: Fri 21 Mar 2025 08:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39010
IP address blocks: 185.70.224.0/24 maxlen: 24
185.70.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 08:43:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b7:da:e1:52:59:7e:df:70:0e:97:93:88:76:b0:9a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64757185472f16d53eeb68a140e3513fa31c31d8
Validity
Not Before: Mar 21 08:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d26f539762b1c5dba0a18f2c94bfc8eadedd87b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f1:ca:37:9d:63:59:d8:70:08:3e:29:5b:20:
6a:16:88:db:fd:73:ae:09:fb:a4:24:a6:bb:7e:a9:
72:cd:c8:b4:fe:76:df:2b:d2:aa:30:26:66:0a:6e:
d6:ec:0c:9c:0c:ff:08:11:9a:9e:38:a1:5b:74:09:
39:a7:f1:55:f1:c0:bc:18:9e:7c:da:30:5d:11:89:
ff:22:7b:18:03:fb:9c:16:a7:ff:21:6e:51:88:1f:
81:cf:e0:57:41:aa:ac:e3:da:13:0b:e0:5f:17:7d:
8f:3f:0b:5f:44:e6:02:89:9c:f4:0e:14:60:71:14:
0c:ec:f9:28:fc:9b:1c:2c:82:b2:43:1f:3e:78:82:
2e:e6:0e:29:15:cb:98:72:b3:7f:5e:27:ee:96:7f:
aa:ac:17:2f:96:b8:0f:ec:a5:35:5a:80:54:46:72:
12:07:7f:50:93:30:d1:fc:61:c1:fe:e1:f4:a2:20:
6d:bf:0c:ff:5a:ce:61:7e:64:27:8e:cc:4e:ea:37:
0d:64:8a:ac:55:fb:fa:58:fb:c0:c3:e2:93:53:77:
6b:8b:8b:45:33:e6:37:61:06:98:80:c7:48:de:c2:
2e:2d:a3:53:09:f5:17:d0:d9:dd:2e:4d:6f:40:95:
de:76:17:68:9d:0b:48:9c:7d:71:f3:1c:d4:91:cb:
5b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6F:53:97:62:B1:C5:DB:A0:A1:8F:2C:94:BF:C8:EA:DE:DD:87:B3
X509v3 Authority Key Identifier:
keyid:64:75:71:85:47:2F:16:D5:3E:EB:68:A1:40:E3:51:3F:A3:1C:31:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHVxhUcvFtU-62ihQONRP6McMdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/0m9Tl2KxxdugoY8slL_I6t7dh7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/121447-d2c8-4ca8-96c7-81d10073dee4/1/ZHVxhUcvFtU-62ihQONRP6McMdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.224.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:5e:d7:0a:6d:eb:d7:dc:8d:74:47:4e:80:5f:17:97:a1:ac:
d4:06:85:e0:38:66:fb:e9:77:63:dd:11:1f:c2:49:ce:ac:31:
54:9c:10:4b:af:82:22:d8:d6:be:3e:5e:2e:e6:97:61:8f:28:
c2:a3:00:a6:e9:9d:07:93:8c:31:2b:f8:02:5b:1f:42:0c:ae:
96:b9:42:3f:f8:d1:af:e1:c4:1c:f7:94:f2:3a:f3:90:28:07:
9f:d5:cf:7a:d3:44:b6:72:0e:66:44:7d:1e:cd:71:d8:0d:5e:
4c:08:16:d7:9d:9c:2e:6d:40:1b:1e:84:99:59:92:4f:28:d7:
f4:77:71:e6:03:96:e7:ef:de:dd:2d:3a:ce:27:99:18:30:41:
65:1b:87:30:ea:15:b2:7f:c5:03:df:52:96:01:68:20:bf:22:
0c:37:ab:a5:2c:f5:dc:c3:c3:3a:25:f0:f6:87:19:30:39:15:
45:8f:c3:c0:40:cf:ad:9b:62:d5:32:99:a3:7c:4a:34:1f:99:
cb:26:a1:2f:43:7d:7c:2f:31:c3:9a:27:b4:8c:78:94:66:5e:
81:67:47:47:46:ff:b8:10:10:a7:58:89:c0:98:59:85:0b:43:
ae:ee:c9:eb:6d:18:e2:7d:0e:06:53:dc:60:50:76:dd:81:de:
b9:57:a5:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW32uFSWX7fcA6Xk4h2sJolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NzU3MTg1NDcyZjE2ZDUzZWViNjhhMTQwZTM1MTNmYTMx
YzMxZDgwHhcNMjUwMzIxMDgzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZmNTM5NzYyYjFjNWRiYTBhMThmMmM5NGJmYzhlYWRlZGQ4N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/HKN51jWdhwCD4pWyBqFojb/XOu
CfukJKa7fqlyzci0/nbfK9KqMCZmCm7W7AycDP8IEZqeOKFbdAk5p/FV8cC8GJ58
2jBdEYn/InsYA/ucFqf/IW5RiB+Bz+BXQaqs49oTC+BfF32PPwtfROYCiZz0DhRg
cRQM7Pko/JscLIKyQx8+eIIu5g4pFcuYcrN/Xifuln+qrBcvlrgP7KU1WoBURnIS
B39QkzDR/GHB/uH0oiBtvwz/Ws5hfmQnjsxO6jcNZIqsVfv6WPvAw+KTU3dri4tF
M+Y3YQaYgMdI3sIuLaNTCfUX0NndLk1vQJXedhdonQtInH1x8xzUkctboQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJvU5discXboKGPLJS/yOre3YezMB8GA1UdIwQY
MBaAFGR1cYVHLxbVPutooUDjUT+jHDHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2Yzct
ODFkMTAwNzNkZWU0LzEvMG05VGwyS3h4ZHVnb1k4c2xMX0k2dDdkaDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMjE0NDctZDJjOC00Y2E4LTk2YzctODFkMTAwNzNkZWU0
LzEvWkhWeGhVY3ZGdFUtNjJpaFFPTlJQNk1jTWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUbgMA0G
CSqGSIb3DQEBCwUAA4IBAQC0XtcKbevX3I10R06AXxeXoazUBoXgOGb76Xdj3REf
wknOrDFUnBBLr4Ii2Na+Pl4u5pdhjyjCowCm6Z0Hk4wxK/gCWx9CDK6WuUI/+NGv
4cQc95TyOvOQKAef1c9600S2cg5mRH0ezXHYDV5MCBbXnZwubUAbHoSZWZJPKNf0
d3HmA5bn797dLTrOJ5kYMEFlG4cw6hWyf8UD31KWAWggvyIMN6ulLPXcw8M6JfD2
hxkwORVFj8PAQM+tm2LVMpmjfEo0H5nLJqEvQ318LzHDmie0jHiUZl6BZ0dHRv+4
EBCnWInAmFmFC0Ou7snrbRjifQ4GU9xgUHbdgd65V6VW
-----END CERTIFICATE-----
Generated at Sat May 10 16:05:14 2025 by rpki-client