Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/2oLmZrtPPtsY4DVjAPzilcJZYbM.roa
File: 2oLmZrtPPtsY4DVjAPzilcJZYbM.roa (raw, json)
Hash identifier: Wpi7Vo2MbWUQhDo/CU+SZnPZkYHeQJLpfAYVmB8Jg/I=
Subject key identifier: DA:82:E6:66:BB:4F:3E:DB:18:E0:35:63:00:FC:E2:95:C2:59:61:B3
Certificate issuer: /CN=fc83525d142fbf4b94b3d169445365c66ddfddfd
Certificate serial: 0194219596C45D2357545EDCAAB8F71AAB37
Authority key identifier: FC:83:52:5D:14:2F:BF:4B:94:B3:D1:69:44:53:65:C6:6D:DF:DD:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_INSXRQvv0uUs9FpRFNlxm3f3f0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/2oLmZrtPPtsY4DVjAPzilcJZYbM.roa
Signing time: Wed 01 Jan 2025 11:17:19 +0000
ROA not before: Wed 01 Jan 2025 11:17:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47603
IP address blocks: 185.84.226.0/24 maxlen: 27
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:95:96:c4:5d:23:57:54:5e:dc:aa:b8:f7:1a:ab:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc83525d142fbf4b94b3d169445365c66ddfddfd
Validity
Not Before: Jan 1 11:17:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da82e666bb4f3edb18e0356300fce295c25961b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c1:cd:47:24:58:f6:3e:56:7b:7b:4a:cd:4d:
9c:55:23:39:74:08:46:e9:ef:95:88:a5:6b:c3:58:
fb:cf:49:37:47:34:e1:62:91:0a:d3:87:6d:9a:82:
da:bf:b0:1b:45:4a:76:1a:40:0e:e4:5c:1c:f2:d1:
86:61:c6:e2:f7:79:91:03:77:d5:85:86:ec:88:a0:
40:1d:ae:27:5a:c1:73:02:2c:e7:7a:10:dd:61:10:
fe:b3:60:f0:e1:3b:0d:75:2e:5b:42:c0:a6:5d:e1:
04:ca:ae:a1:b6:04:35:1f:6f:74:f4:65:8c:43:79:
6d:5f:14:8c:22:73:cc:24:d0:53:ae:5f:6c:45:52:
13:17:b4:d0:53:1e:b3:1f:02:75:1c:0e:64:d0:a1:
cb:1f:24:6d:4b:1e:bb:00:38:5a:e5:ef:da:fb:86:
b1:3e:4f:02:ba:b9:c8:73:cf:97:2b:a7:b0:a5:6a:
ac:45:51:da:13:29:65:f0:25:7a:fd:8b:9d:f1:11:
7a:e8:ea:c0:ec:ab:dd:d1:6a:39:8a:21:d6:2a:dc:
90:1e:24:e6:d9:4a:cf:33:dd:f9:36:d8:f3:f8:69:
f3:21:a6:c4:62:14:7b:e1:88:df:ff:cf:55:ee:20:
0a:f3:8f:26:df:c9:a7:e0:f5:00:4f:30:8b:43:4a:
1b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:82:E6:66:BB:4F:3E:DB:18:E0:35:63:00:FC:E2:95:C2:59:61:B3
X509v3 Authority Key Identifier:
keyid:FC:83:52:5D:14:2F:BF:4B:94:B3:D1:69:44:53:65:C6:6D:DF:DD:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_INSXRQvv0uUs9FpRFNlxm3f3f0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/2oLmZrtPPtsY4DVjAPzilcJZYbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/854e86-51bb-458c-a014-6923a7e61a6b/1/_INSXRQvv0uUs9FpRFNlxm3f3f0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.226.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:75:f3:2a:02:7c:f3:7b:91:d0:db:73:8b:2e:bf:1b:ae:e6:
91:4e:49:07:25:5d:54:7c:50:0b:9b:5e:69:20:1e:2e:9e:87:
dd:51:92:0a:29:a4:d7:fb:92:c2:5c:d3:f9:c7:a9:99:7e:62:
cc:99:0b:2c:a7:27:56:f3:e1:eb:a3:9e:b1:0e:bb:05:18:68:
6d:c3:50:73:71:34:9b:f8:60:63:ca:12:93:33:52:74:e5:53:
4a:c1:b8:78:e6:f4:7d:88:f2:6f:53:34:c4:64:1d:c8:6c:ae:
69:c7:3a:54:9d:df:31:c4:37:a8:3d:9c:c6:b0:ee:bb:1f:a2:
7b:e4:0c:19:43:b6:c8:d2:27:98:aa:5d:c4:2d:39:76:bc:cb:
a0:03:7c:2a:57:ae:99:ac:78:33:cc:56:19:fb:50:c0:03:b7:
0b:ce:78:8b:a3:70:4e:66:32:d1:c6:76:2a:a2:1c:1a:42:aa:
41:f9:9d:66:0e:ad:28:95:c0:3a:be:8b:71:f9:e2:a3:a6:d5:
9a:f0:6a:56:9b:6f:85:94:b3:21:c5:c6:ed:4c:d2:42:21:98:
f4:6e:d3:a5:44:0e:4c:fc:d3:1c:7b:21:48:93:df:0b:b1:88:
2f:ec:cb:cd:a8:20:25:2c:9d:be:78:75:78:53:0c:22:8d:de:
bb:e2:0f:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhlZbEXSNXVF7cqrj3Gqs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjODM1MjVkMTQyZmJmNGI5NGIzZDE2OTQ0NTM2NWM2NmRk
ZmRkZmQwHhcNMjUwMTAxMTExNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTgyZTY2NmJiNGYzZWRiMThlMDM1NjMwMGZjZTI5NWMyNTk2MWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98HNRyRY9j5We3tKzU2cVSM5dAhG
6e+ViKVrw1j7z0k3RzThYpEK04dtmoLav7AbRUp2GkAO5Fwc8tGGYcbi93mRA3fV
hYbsiKBAHa4nWsFzAiznehDdYRD+s2Dw4TsNdS5bQsCmXeEEyq6htgQ1H2909GWM
Q3ltXxSMInPMJNBTrl9sRVITF7TQUx6zHwJ1HA5k0KHLHyRtSx67ADha5e/a+4ax
Pk8CurnIc8+XK6ewpWqsRVHaEyll8CV6/Yud8RF66OrA7Kvd0Wo5iiHWKtyQHiTm
2UrPM935Ntjz+GnzIabEYhR74Yjf/89V7iAK848m38mn4PUATzCLQ0obIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqC5ma7Tz7bGOA1YwD84pXCWWGzMB8GA1UdIwQY
MBaAFPyDUl0UL79LlLPRaURTZcZt3939MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0lOU1hSUXZ2MHVVczlGcFJGTmx4bTNmM2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC84NTRlODYtNTFiYi00NThjLWEwMTQt
NjkyM2E3ZTYxYTZiLzEvMm9MbVpydFBQdHNZNERWakFQemlsY0paWWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC84NTRlODYtNTFiYi00NThjLWEwMTQtNjkyM2E3ZTYxYTZi
LzEvX0lOU1hSUXZ2MHVVczlGcFJGTmx4bTNmM2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVTiMA0G
CSqGSIb3DQEBCwUAA4IBAQAvdfMqAnzze5HQ23OLLr8bruaRTkkHJV1UfFALm15p
IB4unofdUZIKKaTX+5LCXNP5x6mZfmLMmQsspydW8+Hro56xDrsFGGhtw1BzcTSb
+GBjyhKTM1J05VNKwbh45vR9iPJvUzTEZB3IbK5pxzpUnd8xxDeoPZzGsO67H6J7
5AwZQ7bI0ieYql3ELTl2vMugA3wqV66ZrHgzzFYZ+1DAA7cLzniLo3BOZjLRxnYq
ohwaQqpB+Z1mDq0olcA6votx+eKjptWa8GpWm2+FlLMhxcbtTNJCIZj0btOlRA5M
/NMceyFIk98LsYgv7MvNqCAlLJ2+eHV4Uwwijd674g+T
-----END CERTIFICATE-----
Generated at Sun May 11 00:42:44 2025 by rpki-client