Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/b-4QJwTP5XtIXyXe8OK0YDdAXL0.roa
File: b-4QJwTP5XtIXyXe8OK0YDdAXL0.roa (raw, json)
Hash identifier: mwpkP+kBSuY+UpHNMxwsRT9VVyzT8dgUfVeH6Qj/oSU=
Subject key identifier: 6F:EE:10:27:04:CF:E5:7B:48:5F:25:DE:F0:E2:B4:60:37:40:5C:BD
Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Certificate serial: 019408022AF6F7E6EE3E856E95CD9D171FA6
Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/b-4QJwTP5XtIXyXe8OK0YDdAXL0.roa
Signing time: Fri 27 Dec 2024 12:05:47 +0000
ROA not before: Fri 27 Dec 2024 12:05:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51683
IP address blocks: 185.9.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:02:2a:f6:f7:e6:ee:3e:85:6e:95:cd:9d:17:1f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Validity
Not Before: Dec 27 12:05:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fee102704cfe57b485f25def0e2b46037405cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c2:3c:0b:d4:ce:e2:7d:0b:1e:9d:ad:ba:a3:
27:e6:6a:49:e6:96:11:8e:ca:9e:59:89:ab:31:57:
ea:eb:6a:2a:2f:64:e4:0b:be:76:55:e2:9b:71:73:
2c:71:88:1f:0c:2b:72:61:70:4a:79:c9:14:ad:04:
57:40:6e:b1:7e:1b:bf:f5:3f:f6:ae:9b:9e:4b:17:
69:0d:84:d5:8e:4e:4b:5a:a0:f9:60:e1:1c:ef:52:
4c:b2:7f:df:2f:a3:85:d3:4a:6a:8e:fc:cb:6b:39:
23:52:64:a6:21:50:a0:8a:62:6d:7b:eb:5f:9f:10:
69:02:5e:f4:ac:0e:09:4f:c9:44:66:5e:8f:40:9c:
63:27:bc:28:96:2f:e3:81:b9:4d:c5:1e:f3:c5:e0:
f1:04:a2:19:26:54:7b:d7:68:be:8c:2c:56:45:8c:
83:d7:54:75:9b:39:6b:8f:34:6f:ec:89:43:b9:75:
fb:19:3f:71:a6:6f:8d:f5:e2:d9:ff:b5:15:57:f3:
48:d0:76:36:10:0f:3d:fd:6e:1e:75:b1:c2:2a:11:
78:ad:cc:28:3c:5d:2a:83:62:35:0c:85:cf:dd:48:
5f:32:89:a8:50:62:cd:e8:52:c3:1b:7d:ea:74:8b:
7b:e8:aa:a6:e1:a1:8d:fc:b2:55:fe:70:52:17:0e:
e8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EE:10:27:04:CF:E5:7B:48:5F:25:DE:F0:E2:B4:60:37:40:5C:BD
X509v3 Authority Key Identifier:
keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/b-4QJwTP5XtIXyXe8OK0YDdAXL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:55:69:6d:55:c6:88:3c:ed:92:0d:b4:8b:83:6c:a9:e5:fe:
d9:ef:3e:21:2a:94:06:01:e5:e2:11:75:39:a0:ba:90:f0:3a:
37:b8:21:e4:56:7d:ff:b3:8c:54:38:6a:a5:91:61:54:3b:54:
f2:cd:66:54:11:7e:f2:68:03:a6:ae:a0:fe:65:0a:9a:12:1a:
35:9c:55:1e:c5:36:15:fe:81:5d:0e:d4:d7:23:a3:79:48:54:
ed:af:4b:49:db:82:fa:a9:f7:ac:b6:e0:d2:8d:a6:b9:b5:14:
6e:06:53:d3:55:53:9e:9d:29:a5:72:33:05:5b:a0:d4:7f:23:
ba:ca:82:f3:cf:1b:4b:45:55:10:3b:29:ea:bc:a9:c9:0d:3e:
c1:51:72:57:15:39:c5:87:fe:0a:21:82:b7:d7:0d:65:12:d0:
cb:1e:0d:73:76:c0:13:e5:da:04:a8:94:2b:78:af:ec:ce:ae:
68:43:2c:a4:be:dd:2b:db:68:2e:e7:28:79:c6:1c:54:ad:02:
69:65:e4:fa:8a:e5:46:b0:ec:69:99:f9:a6:67:27:25:ca:c0:
f8:3e:43:ff:41:b6:e3:ba:0e:e0:fc:7d:03:7d:e5:63:28:42:
a9:f6:ea:6d:06:a2:76:71:5d:79:f6:4c:0d:93:dd:84:3c:57:
dc:6d:3b:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQIAir29+buPoVulc2dFx+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1
YzFhN2QwHhcNMjQxMjI3MTIwNTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVlMTAyNzA0Y2ZlNTdiNDg1ZjI1ZGVmMGUyYjQ2MDM3NDA1Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3cI8C9TO4n0LHp2tuqMn5mpJ5pYR
jsqeWYmrMVfq62oqL2TkC752VeKbcXMscYgfDCtyYXBKeckUrQRXQG6xfhu/9T/2
rpueSxdpDYTVjk5LWqD5YOEc71JMsn/fL6OF00pqjvzLazkjUmSmIVCgimJte+tf
nxBpAl70rA4JT8lEZl6PQJxjJ7woli/jgblNxR7zxeDxBKIZJlR712i+jCxWRYyD
11R1mzlrjzRv7IlDuXX7GT9xpm+N9eLZ/7UVV/NI0HY2EA89/W4edbHCKhF4rcwo
PF0qg2I1DIXP3UhfMomoUGLN6FLDG33qdIt76Kqm4aGN/LJV/nBSFw7otwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/uECcEz+V7SF8l3vDitGA3QFy9MB8GA1UdIwQY
MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt
OTIwOWY3YjdlZjgxLzEvYi00UUp3VFA1WHRJWHlYZThPSzBZRGRBWEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx
LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQmKMA0G
CSqGSIb3DQEBCwUAA4IBAQArVWltVcaIPO2SDbSLg2yp5f7Z7z4hKpQGAeXiEXU5
oLqQ8Do3uCHkVn3/s4xUOGqlkWFUO1TyzWZUEX7yaAOmrqD+ZQqaEho1nFUexTYV
/oFdDtTXI6N5SFTtr0tJ24L6qfestuDSjaa5tRRuBlPTVVOenSmlcjMFW6DUfyO6
yoLzzxtLRVUQOynqvKnJDT7BUXJXFTnFh/4KIYK31w1lEtDLHg1zdsAT5doEqJQr
eK/szq5oQyykvt0r22gu5yh5xhxUrQJpZeT6iuVGsOxpmfmmZyclysD4PkP/Qbbj
ug7g/H0DfeVjKEKp9uptBqJ2cV159kwNk92EPFfcbTs5
-----END CERTIFICATE-----
Generated at Mon May 12 17:13:45 2025 by rpki-client