Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hm2XXeMAtUUl4Kwe0zWIQvs9FMs.roa
File: hm2XXeMAtUUl4Kwe0zWIQvs9FMs.roa (raw, json)
Hash identifier: DyZpJHkde8cpenDyPnt31PXbIhXGtAnCz9Ovof7J+/Y=
Subject key identifier: 86:6D:97:5D:E3:00:B5:45:25:E0:AC:1E:D3:35:88:42:FB:3D:14:CB
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195003FE72014C1A5A01D9CEE025920B5CB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hm2XXeMAtUUl4Kwe0zWIQvs9FMs.roa
Signing time: Thu 13 Feb 2025 16:59:02 +0000
ROA not before: Thu 13 Feb 2025 16:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 12:09:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:3f:e7:20:14:c1:a5:a0:1d:9c:ee:02:59:20:b5:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 13 16:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=866d975de300b54525e0ac1ed3358842fb3d14cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7d:18:9d:71:2a:c9:0a:7a:54:80:61:e9:a9:
4f:01:bf:72:b8:9a:9e:f5:f6:5b:98:75:b2:5d:b7:
f1:9c:3c:df:98:82:3b:0c:4a:83:ee:fa:0d:69:ee:
f0:b7:e9:71:78:11:0f:3e:89:8a:3b:5c:4d:fa:d2:
38:77:58:00:5d:55:1b:67:46:55:a5:36:34:2d:ee:
d5:1a:95:7a:47:5c:d0:79:83:ca:7b:9c:47:14:f8:
82:38:78:11:c6:5f:96:0d:aa:d7:e3:67:7d:b5:d7:
37:51:05:46:fe:8f:4d:c0:c3:b8:c5:52:5a:2c:66:
8a:e3:a2:bb:f3:39:1a:c1:48:59:9d:6d:0d:fa:2b:
bf:bd:36:ed:78:b3:cf:a9:e1:67:fe:1d:4c:7e:fd:
d4:ac:1e:c3:7b:3c:af:15:c3:37:c3:8b:17:75:de:
7c:22:d5:26:2c:fe:12:d0:ec:16:6e:ad:19:45:44:
24:6f:5a:bd:d7:31:33:fa:68:08:42:93:3f:d9:e4:
b9:bc:bc:80:14:3c:cf:11:b7:60:a9:db:3f:24:52:
d2:0c:17:9d:4a:f7:12:4b:a9:07:83:ae:35:7d:1b:
b2:1f:f5:64:c2:0c:12:3b:c7:f5:44:1c:ae:c5:7f:
d1:dd:88:68:ac:d9:ff:e3:63:da:27:a5:43:51:ab:
8e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6D:97:5D:E3:00:B5:45:25:E0:AC:1E:D3:35:88:42:FB:3D:14:CB
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hm2XXeMAtUUl4Kwe0zWIQvs9FMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.13.0-185.121.14.255
185.202.207.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
56:93:3a:21:58:30:3d:0d:dd:e2:40:a0:33:8f:cc:db:a5:09:
48:3f:97:65:04:fb:04:9c:31:aa:58:e4:c3:76:f6:3f:0e:a4:
4c:90:50:36:93:43:2f:0d:41:ee:e9:b5:74:3c:73:53:a0:52:
06:86:81:d3:58:f1:6b:5c:85:61:74:b3:97:8d:03:9a:53:66:
e2:bd:ba:5e:65:a5:3b:cd:b9:01:73:08:1e:e7:d9:26:f9:47:
8d:47:4f:88:c2:88:9f:23:74:92:c5:ae:cd:0c:c0:16:3e:ba:
e8:ff:be:1d:3a:06:c5:4d:86:59:68:72:6c:b9:57:d0:ce:6a:
bc:a1:60:3c:36:c0:09:10:7d:4f:ac:67:3b:ff:dc:47:93:45:
c5:08:2a:ba:9f:5d:49:9d:ef:fc:7c:ba:24:ec:fd:a9:99:fb:
43:12:9b:39:b9:e6:23:95:8f:8a:1e:cf:89:bc:7d:16:90:91:
8e:9d:b3:4f:64:ac:d3:90:aa:7c:3a:08:91:83:24:6c:5d:29:
39:c8:5e:2b:53:c8:f2:2a:0a:f3:ad:c4:4d:62:99:dc:55:03:
4c:1f:e1:0d:a3:6a:36:92:d7:b2:d4:50:fa:d1:86:b7:61:12:
55:32:5a:c3:21:17:3a:cd:cf:0e:36:9d:c7:7f:cb:5f:dd:9c:
cc:95:de:0c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZUAP+cgFMGloB2c7gJZILXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjEzMTY1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZkOTc1ZGUzMDBiNTQ1MjVlMGFjMWVkMzM1ODg0MmZiM2QxNGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX0YnXEqyQp6VIBh6alPAb9yuJqe
9fZbmHWyXbfxnDzfmII7DEqD7voNae7wt+lxeBEPPomKO1xN+tI4d1gAXVUbZ0ZV
pTY0Le7VGpV6R1zQeYPKe5xHFPiCOHgRxl+WDarX42d9tdc3UQVG/o9NwMO4xVJa
LGaK46K78zkawUhZnW0N+iu/vTbteLPPqeFn/h1Mfv3UrB7DezyvFcM3w4sXdd58
ItUmLP4S0OwWbq0ZRUQkb1q91zEz+mgIQpM/2eS5vLyAFDzPEbdgqds/JFLSDBed
SvcSS6kHg641fRuyH/VkwgwSO8f1RByuxX/R3YhorNn/42PaJ6VDUauOEwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFIZtl13jALVFJeCsHtM1iEL7PRTLMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaG0yWFhlTUF0VVVsNEt3ZTB6V0lRdnM5Rk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAC5eQ0D
BAC5eQ4DBAC5ys8DBAC56MwDBAC57BgwDAMEALnvjQMEALnvjgMEALn+njANBgkq
hkiG9w0BAQsFAAOCAQEAVpM6IVgwPQ3d4kCgM4/M26UJSD+XZQT7BJwxqljkw3b2
Pw6kTJBQNpNDLw1B7um1dDxzU6BSBoaB01jxa1yFYXSzl40DmlNm4r26XmWlO825
AXMIHufZJvlHjUdPiMKInyN0ksWuzQzAFj666P++HToGxU2GWWhybLlX0M5qvKFg
PDbACRB9T6xnO//cR5NFxQgqup9dSZ3v/Hy6JOz9qZn7QxKbObnmI5WPih7Pibx9
FpCRjp2zT2Ss05CqfDoIkYMkbF0pOcheK1PI8ioK863ETWKZ3FUDTB/hDaNqNpLX
stRQ+tGGt2ESVTJawyEXOs3PDjadx3/LX92czJXeDA==
-----END CERTIFICATE-----
Generated at Wed May 7 17:23:30 2025 by rpki-client