Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fagVPm2G75ZssciuyHliBzoKcvA.roa
File: fagVPm2G75ZssciuyHliBzoKcvA.roa (raw, json)
Hash identifier: 2j1VLsIaqmROe8en13yirnX8SRUC710VEU2RyoP0Nu8=
Subject key identifier: 7D:A8:15:3E:6D:86:EF:96:6C:B1:C8:AE:C8:79:62:07:3A:0A:72:F0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019634998ADE9E5FEC7145D3CF1C85231EB0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fagVPm2G75ZssciuyHliBzoKcvA.roa
Signing time: Mon 14 Apr 2025 13:59:59 +0000
ROA not before: Mon 14 Apr 2025 13:59:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 07:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:99:8a:de:9e:5f:ec:71:45:d3:cf:1c:85:23:1e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 14 13:59:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7da8153e6d86ef966cb1c8aec87962073a0a72f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7c:f3:b0:8d:67:e0:c1:ef:09:6c:9a:6b:d2:
99:35:8d:f5:09:d9:7f:7c:03:8e:14:92:f7:a7:3f:
96:3d:b6:15:44:cf:d7:95:f8:1d:84:18:51:c1:ad:
2f:28:c0:a8:67:9f:84:69:0b:f9:b3:d8:13:d8:40:
a1:2c:65:18:32:a0:72:c5:53:08:52:10:a4:6d:24:
e8:27:66:2a:f3:e4:85:28:7e:0d:45:f2:a8:dd:5e:
f2:5c:61:e6:1f:e4:70:5f:ad:e7:bf:11:eb:c4:c5:
7e:6d:39:9e:86:db:d8:3a:08:53:f1:5e:cb:60:91:
44:2d:96:0a:d1:7e:54:c6:0e:17:f0:7b:e4:b3:0b:
b5:86:9e:71:45:ef:1c:aa:21:9c:4c:8f:2b:49:63:
9e:ca:d7:e3:46:9c:b4:81:0c:cb:30:2d:8e:fe:d9:
2d:d1:58:99:0a:7c:4a:2a:bb:dc:68:47:54:e7:ab:
88:4f:9d:12:de:45:a0:e1:5e:f9:e0:94:6e:07:04:
61:77:13:3e:41:a3:fb:eb:86:53:71:a8:19:57:98:
a8:55:01:0f:36:66:23:ba:3a:d3:9a:94:bf:e8:56:
92:37:c5:7c:fe:23:e0:7e:91:01:00:c7:61:f0:ef:
41:38:c4:0e:3b:13:45:ac:d8:a1:e1:ad:be:59:d8:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A8:15:3E:6D:86:EF:96:6C:B1:C8:AE:C8:79:62:07:3A:0A:72:F0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fagVPm2G75ZssciuyHliBzoKcvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/24
185.209.73.0/24
185.210.233.0/24
185.210.235.0/24
185.218.20.0/24
185.222.29.0-185.222.30.255
Signature Algorithm: sha256WithRSAEncryption
4f:6f:77:c7:ec:9b:99:77:a2:cb:ec:85:25:94:4a:9d:d7:50:
47:17:e1:a2:b6:06:c4:d6:a7:e8:5a:5f:6e:e1:30:52:78:c1:
b4:df:a8:44:9a:b7:7a:cb:d8:e3:7e:0b:98:6f:8c:38:13:6a:
84:3e:e8:a3:bd:f3:00:07:a5:4a:10:5a:b6:92:66:37:7b:f4:
cd:15:2d:45:ac:6b:f9:57:89:99:63:da:58:1f:fa:b6:26:d4:
d5:a3:93:67:16:ae:73:77:a8:ce:98:43:f3:2d:a4:47:56:7a:
81:d0:d9:6d:04:68:90:2a:60:c9:ed:c2:89:91:10:22:75:a0:
e5:56:9b:a4:a4:b6:8b:de:0e:f7:e0:ee:c0:9d:de:68:b4:ef:
20:c3:61:60:4a:d9:7b:46:2e:f4:5a:d9:42:27:76:62:0d:ce:
89:c4:25:62:68:4b:1e:87:77:db:75:f7:d4:45:17:e1:ad:73:
ce:ac:7b:db:ef:3e:68:34:8e:a8:99:55:08:74:3d:86:47:2d:
ed:67:5c:58:a2:2c:ea:00:ee:d2:4f:2b:9c:a6:09:80:96:c5:
fa:3d:18:34:fc:de:fd:10:32:43:21:83:7b:6e:34:e0:6a:cf:
04:47:1e:94:0e:fb:1b:9f:17:1c:b8:cb:4e:f6:b5:9b:7f:fd:
4e:d3:bc:c6
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZY0mYrenl/scUXTzxyFIx6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDE0MTM1OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE4MTUzZTZkODZlZjk2NmNiMWM4YWVjODc5NjIwNzNhMGE3MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXzzsI1n4MHvCWyaa9KZNY31Cdl/
fAOOFJL3pz+WPbYVRM/XlfgdhBhRwa0vKMCoZ5+EaQv5s9gT2EChLGUYMqByxVMI
UhCkbSToJ2Yq8+SFKH4NRfKo3V7yXGHmH+RwX63nvxHrxMV+bTmehtvYOghT8V7L
YJFELZYK0X5Uxg4X8Hvkswu1hp5xRe8cqiGcTI8rSWOeytfjRpy0gQzLMC2O/tkt
0ViZCnxKKrvcaEdU56uIT50S3kWg4V754JRuBwRhdxM+QaP764ZTcagZV5ioVQEP
NmYjujrTmpS/6FaSN8V8/iPgfpEBAMdh8O9BOMQOOxNFrNih4a2+WdiFSQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFH2oFT5thu+WbLHIrsh5Ygc6CnLwMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZmFnVlBtMkc3NVpzc2NpdXlIbGlCem9LY3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAudEmAwQA
udFJAwQAudLpAwQAudLrAwQAudoUMAwDBAC53h0DBAC53h4wDQYJKoZIhvcNAQEL
BQADggEBAE9vd8fsm5l3osvshSWUSp3XUEcX4aK2BsTWp+haX27hMFJ4wbTfqESa
t3rL2ON+C5hvjDgTaoQ+6KO98wAHpUoQWraSZjd79M0VLUWsa/lXiZlj2lgf+rYm
1NWjk2cWrnN3qM6YQ/MtpEdWeoHQ2W0EaJAqYMntwomRECJ1oOVWm6SktoveDvfg
7sCd3mi07yDDYWBK2XtGLvRa2UIndmINzonEJWJoSx6Hd9t199RFF+Gtc86se9vv
Pmg0jqiZVQh0PYZHLe1nXFiiLOoA7tJPK5ymCYCWxfo9GDT83v0QMkMhg3tuNOBq
zwRHHpQO+xufFxy4y072tZt//U7TvMY=
-----END CERTIFICATE-----
Generated at Sat May 10 13:10:56 2025 by rpki-client