Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/AThUA0zyTaIx5Et5HrMBK81_Ej4.roa
File: AThUA0zyTaIx5Et5HrMBK81_Ej4.roa (raw, json)
Hash identifier: gSzeBkdKxSStydiEYSIM2J5OFmWrvBgLzofjqK+a07Y=
Subject key identifier: 01:38:54:03:4C:F2:4D:A2:31:E4:4B:79:1E:B3:01:2B:CD:7F:12:3E
Certificate issuer: /CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Certificate serial: 01941F8C5D0ABE3A6C8105C97EFC3E5025C2
Authority key identifier: 3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/AThUA0zyTaIx5Et5HrMBK81_Ej4.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.12.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 12:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5d:0a:be:3a:6c:81:05:c9:7e:fc:3e:50:25:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=013854034cf24da231e44b791eb3012bcd7f123e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bc:d0:84:fc:08:ed:29:34:2b:b3:ef:6a:c3:
ac:3e:d3:e4:77:a7:c0:fc:f8:4b:a1:d1:10:02:e4:
83:80:c2:2f:a0:44:fe:df:67:a7:87:d8:32:99:e7:
17:ce:8b:e9:45:47:3b:ab:61:d9:2f:4c:ac:60:55:
5d:9b:5f:59:75:36:7f:ec:56:64:5b:02:6d:ab:28:
8e:4f:41:ec:a4:d6:f3:4f:00:a0:08:e5:28:22:16:
07:a4:19:a3:77:8f:cf:a5:7f:f2:45:8f:56:f1:a6:
d1:11:d2:aa:3a:8e:05:49:76:f8:bb:46:b4:44:17:
41:f1:3b:f4:ec:eb:f7:4b:f8:1c:e3:92:d9:34:12:
eb:52:56:26:4f:80:68:b5:e0:71:ad:a8:5d:7a:39:
d6:ae:0e:99:55:7d:09:47:4a:50:b3:80:40:4e:79:
64:56:04:73:aa:06:37:f1:38:4e:67:f2:93:b7:ec:
54:c6:25:a9:54:63:33:bd:87:9b:19:94:50:57:cc:
57:a1:4d:ce:95:3a:af:0e:a2:df:b1:6e:a7:31:4b:
f8:a8:09:a8:dc:a9:e1:3c:af:88:8e:e5:d4:46:ba:
29:e6:6c:31:9a:9e:be:72:29:44:fc:e7:15:bd:52:
2f:94:6e:fe:57:6b:93:cd:d9:1f:09:8c:12:d8:d6:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:38:54:03:4C:F2:4D:A2:31:E4:4B:79:1E:B3:01:2B:CD:7F:12:3E
X509v3 Authority Key Identifier:
keyid:3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/AThUA0zyTaIx5Et5HrMBK81_Ej4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.141.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:ff:13:e0:b2:f2:8b:41:91:21:f5:19:90:6e:b8:60:0e:e2:
77:89:cc:52:b0:24:a6:8b:eb:02:cb:86:dd:67:9f:29:05:bf:
52:b9:d7:b7:38:74:3c:4b:32:79:5b:8c:47:fa:5c:a9:84:7e:
08:46:f5:b9:8e:72:46:0c:80:bc:dc:3b:dd:2a:bc:e9:da:c6:
77:a9:b1:d9:8e:90:b6:bc:a2:bf:ef:f8:a1:ac:da:09:bd:a7:
95:78:1a:6b:e1:c1:14:76:e9:b6:f6:b9:e3:a2:92:8c:06:ff:
7e:7e:b2:82:f3:a9:e8:32:0b:44:08:8d:52:e5:aa:86:d8:13:
33:2d:bf:34:f4:d8:2e:8c:cb:a2:f6:f1:4e:bd:da:81:db:b7:
08:ba:07:f7:12:34:de:d8:8c:62:67:dd:36:04:e8:63:17:91:
25:d0:62:93:72:c5:22:59:35:3a:98:c0:31:35:d2:dd:83:58:
7d:a8:b1:00:9a:66:23:a6:71:80:28:17:32:2c:e5:92:af:0f:
6b:2b:1e:cd:f7:8c:b6:c1:88:2d:6b:ff:bb:e5:0f:04:02:e2:
11:54:67:56:d6:25:64:7f:35:51:99:91:fe:2e:a4:77:5f:24:
30:1e:8c:0f:3a:26:ea:03:cc:dd:d7:8c:39:60:73:d1:ec:43:
2a:4f:55:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjF0KvjpsgQXJfvw+UCXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMGEyODdiZWE5MjU4OGZjNWRhZTRmOTNmYjI1NjI4ZjMy
ZDE5NmQwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTM4NTQwMzRjZjI0ZGEyMzFlNDRiNzkxZWIzMDEyYmNkN2YxMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7zQhPwI7Sk0K7PvasOsPtPkd6fA
/PhLodEQAuSDgMIvoET+32enh9gymecXzovpRUc7q2HZL0ysYFVdm19ZdTZ/7FZk
WwJtqyiOT0HspNbzTwCgCOUoIhYHpBmjd4/PpX/yRY9W8abREdKqOo4FSXb4u0a0
RBdB8Tv07Ov3S/gc45LZNBLrUlYmT4BoteBxrahdejnWrg6ZVX0JR0pQs4BATnlk
VgRzqgY38ThOZ/KTt+xUxiWpVGMzvYebGZRQV8xXoU3OlTqvDqLfsW6nMUv4qAmo
3KnhPK+IjuXURrop5mwxmp6+cilE/OcVvVIvlG7+V2uTzdkfCYwS2NZsdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE4VANM8k2iMeRLeR6zASvNfxI+MB8GA1UdIwQY
MBaAFD8KKHvqkliPxdrk+T+yVijzLRltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMt
MjEzMzVkMTA2M2FmLzEvQVRoVUEwenlUYUl4NUV0NUhyTUJLODFfRWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMtMjEzMzVkMTA2M2Fm
LzEvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQyNMA0G
CSqGSIb3DQEBCwUAA4IBAQDS/xPgsvKLQZEh9RmQbrhgDuJ3icxSsCSmi+sCy4bd
Z58pBb9Sude3OHQ8SzJ5W4xH+lyphH4IRvW5jnJGDIC83DvdKrzp2sZ3qbHZjpC2
vKK/7/ihrNoJvaeVeBpr4cEUdum29rnjopKMBv9+frKC86noMgtECI1S5aqG2BMz
Lb809NgujMui9vFOvdqB27cIugf3EjTe2IxiZ902BOhjF5El0GKTcsUiWTU6mMAx
NdLdg1h9qLEAmmYjpnGAKBcyLOWSrw9rKx7N94y2wYgta/+75Q8EAuIRVGdW1iVk
fzVRmZH+LqR3XyQwHowPOibqA8zd14w5YHPR7EMqT1Xx
-----END CERTIFICATE-----
Generated at Fri May 9 21:47:09 2025 by rpki-client