Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/2sFgbXZBNEBLWSxVl7KzzTfq0xI.roa
File: 2sFgbXZBNEBLWSxVl7KzzTfq0xI.roa (raw, json)
Hash identifier: 3KPdSZFnyDgJqwk+xU0zgQOyGiY2vza5I4U96+f0XyI=
Subject key identifier: DA:C1:60:6D:76:41:34:40:4B:59:2C:55:97:B2:B3:CD:37:EA:D3:12
Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Certificate serial: 0194274732FAE4B83760D87CEF47F1B5004D
Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/2sFgbXZBNEBLWSxVl7KzzTfq0xI.roa
Signing time: Thu 02 Jan 2025 13:49:24 +0000
ROA not before: Thu 02 Jan 2025 13:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51683
IP address blocks: 185.9.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 09:29:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:32:fa:e4:b8:37:60:d8:7c:ef:47:f1:b5:00:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Validity
Not Before: Jan 2 13:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dac1606d764134404b592c5597b2b3cd37ead312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:07:16:77:58:60:e5:38:27:45:c4:fe:93:f6:
ab:ec:e1:63:97:3e:a6:77:d2:ee:10:28:76:df:cd:
fb:7b:e7:7c:b4:81:cc:20:81:7e:6a:22:9a:3a:92:
75:74:30:2f:8f:bd:c4:be:3e:d2:bf:07:52:98:4f:
e7:11:03:34:b3:4c:53:f8:91:e7:d0:b1:88:f3:24:
66:71:1f:73:84:eb:33:e7:95:c0:41:c6:e1:e9:58:
81:3b:e4:97:a3:53:7f:07:21:42:63:21:96:da:3b:
da:58:c2:ec:2c:05:00:ea:05:52:b9:4d:26:27:8d:
77:7a:69:68:cb:91:82:7f:c3:b2:da:0d:9d:e5:01:
b1:41:55:7f:dd:23:ce:9b:2a:26:80:71:26:8c:08:
ba:95:a0:8a:20:48:da:61:5e:f6:49:17:cc:52:12:
fc:b1:04:2f:59:2e:79:eb:99:5e:9a:a2:f0:d7:bb:
fe:6b:f0:18:a3:cc:b8:e6:43:29:0f:e7:be:00:ac:
1d:98:9c:21:2a:67:df:12:bd:7a:5d:da:6a:0e:06:
60:2b:21:67:b5:29:f3:f6:b5:d3:22:61:17:78:85:
ae:2a:49:c4:a2:83:c0:f8:3e:1d:c3:4d:61:b4:e0:
37:f8:7c:da:be:c5:6c:f9:75:74:62:2b:d5:31:7f:
09:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C1:60:6D:76:41:34:40:4B:59:2C:55:97:B2:B3:CD:37:EA:D3:12
X509v3 Authority Key Identifier:
keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/2sFgbXZBNEBLWSxVl7KzzTfq0xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.138.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e5:d3:7a:f1:55:eb:2e:f5:56:22:cb:32:dc:a9:cd:d8:13:
5b:59:65:a7:7d:1a:e6:da:d2:c7:88:57:e1:60:0e:f0:24:ae:
64:3b:8d:1e:d0:c3:e7:e7:5e:00:d6:ce:09:ca:c4:5d:7c:bd:
89:a4:ce:94:13:15:18:29:76:95:3d:f5:61:b6:39:45:d1:a3:
16:c1:ef:9c:fa:db:12:33:2f:08:bc:48:4f:83:e6:a9:fe:54:
c1:f9:6c:7d:9b:a1:41:9b:7f:b0:0c:7f:84:0e:01:77:85:b8:
a1:74:e5:02:f3:5f:cb:dd:90:dd:10:a4:10:34:af:4e:c2:35:
e7:78:1e:5d:02:fd:95:c7:8f:f7:c4:48:dc:57:52:63:c1:6a:
07:da:d0:2a:16:eb:83:4f:27:90:54:89:e7:e9:37:bc:10:b9:
4b:39:67:96:d1:68:fe:e8:d6:39:50:e4:32:b8:a7:81:fe:ba:
4e:73:a1:a9:fe:e1:95:da:fe:56:87:b7:b1:81:b9:71:40:c0:
90:69:39:40:51:36:8d:ca:04:6c:ed:52:74:4a:3e:32:26:bc:
9a:7f:a6:8f:ec:2d:9b:7a:14:39:4d:01:1a:b7:54:34:2f:2c:
e6:5e:a6:fc:c7:fd:93:f3:02:bd:8e:01:91:cd:72:38:d5:c2:
92:d3:20:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRzL65Lg3YNh870fxtQBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1
YzFhN2QwHhcNMjUwMTAyMTM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMxNjA2ZDc2NDEzNDQwNGI1OTJjNTU5N2IyYjNjZDM3ZWFkMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwcWd1hg5TgnRcT+k/ar7OFjlz6m
d9LuECh23837e+d8tIHMIIF+aiKaOpJ1dDAvj73Evj7SvwdSmE/nEQM0s0xT+JHn
0LGI8yRmcR9zhOsz55XAQcbh6ViBO+SXo1N/ByFCYyGW2jvaWMLsLAUA6gVSuU0m
J413emloy5GCf8Oy2g2d5QGxQVV/3SPOmyomgHEmjAi6laCKIEjaYV72SRfMUhL8
sQQvWS5565lemqLw17v+a/AYo8y45kMpD+e+AKwdmJwhKmffEr16XdpqDgZgKyFn
tSnz9rXTImEXeIWuKknEooPA+D4dw01htOA3+HzavsVs+XV0YivVMX8J0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrBYG12QTRAS1ksVZeys8036tMSMB8GA1UdIwQY
MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt
OTIwOWY3YjdlZjgxLzEvMnNGZ2JYWkJORUJMV1N4Vmw3S3p6VGZxMHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx
LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQmKMA0G
CSqGSIb3DQEBCwUAA4IBAQBN5dN68VXrLvVWIssy3KnN2BNbWWWnfRrm2tLHiFfh
YA7wJK5kO40e0MPn514A1s4JysRdfL2JpM6UExUYKXaVPfVhtjlF0aMWwe+c+tsS
My8IvEhPg+ap/lTB+Wx9m6FBm3+wDH+EDgF3hbihdOUC81/L3ZDdEKQQNK9OwjXn
eB5dAv2Vx4/3xEjcV1JjwWoH2tAqFuuDTyeQVInn6Te8ELlLOWeW0Wj+6NY5UOQy
uKeB/rpOc6Gp/uGV2v5Wh7exgblxQMCQaTlAUTaNygRs7VJ0Sj4yJryaf6aP7C2b
ehQ5TQEat1Q0LyzmXqb8x/2T8wK9jgGRzXI41cKS0yAQ
-----END CERTIFICATE-----
Generated at Mon May 12 17:24:18 2025 by rpki-client