Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iJEKi0TiL6Sa9PFCWOdzVVxLs2s.roa
File: iJEKi0TiL6Sa9PFCWOdzVVxLs2s.roa (raw, json)
Hash identifier: ozP9SVNlCfBtrop0h45wJcLlgDjSaMe9QDzZIXabjlM=
Subject key identifier: 88:91:0A:8B:44:E2:2F:A4:9A:F4:F1:42:58:E7:73:55:5C:4B:B3:6B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193DB8E6B20907FF01975B2A0DA186F5141
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iJEKi0TiL6Sa9PFCWOdzVVxLs2s.roa
Signing time: Wed 18 Dec 2024 20:56:04 +0000
ROA not before: Wed 18 Dec 2024 20:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50053
IP address blocks: 185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 11:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:db:8e:6b:20:90:7f:f0:19:75:b2:a0:da:18:6f:51:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 18 20:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88910a8b44e22fa49af4f14258e773555c4bb36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:70:31:88:0b:55:04:54:63:71:3b:11:ad:ed:
ca:95:1f:87:39:01:d4:32:3c:5f:83:8d:db:a0:12:
24:90:15:f0:1a:4b:2d:08:18:e9:07:b0:88:ba:99:
00:d1:00:ac:b7:43:0e:7a:3f:a8:d9:4f:5c:ea:ba:
a4:10:bb:6f:ca:6d:e8:05:79:53:b4:d9:bf:61:1e:
c6:5b:20:2c:3f:4c:72:7f:0b:19:f7:d0:71:a7:3c:
57:df:f3:05:3b:46:5a:16:16:80:0d:dc:dc:75:4d:
40:73:59:4a:81:20:7b:9f:de:e9:e7:8e:3b:ab:2c:
1d:71:f5:09:51:af:f0:ca:af:ed:52:f2:e0:8b:d4:
d4:90:b7:c6:c1:03:70:53:5c:78:59:35:56:c7:79:
2d:36:0c:ce:3e:60:88:10:db:23:96:b1:8e:08:af:
9c:97:fc:75:93:05:0e:56:b6:74:3f:30:28:8b:32:
6c:fb:66:81:07:97:6b:e2:26:90:56:22:b8:04:66:
9d:f8:b2:72:0d:76:cd:b1:44:e0:17:af:4b:8e:21:
8a:6d:b1:35:8b:3f:9c:3f:b9:34:04:c0:e0:5a:3c:
da:d0:80:a1:5f:5e:2a:ad:58:7a:33:d0:84:fa:4c:
5e:3d:1c:dc:08:09:dc:a2:cb:97:8a:43:ba:56:a5:
b3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:91:0A:8B:44:E2:2F:A4:9A:F4:F1:42:58:E7:73:55:5C:4B:B3:6B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iJEKi0TiL6Sa9PFCWOdzVVxLs2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.13.0-185.121.14.255
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
55:17:13:80:5d:b8:6a:9c:21:95:a3:6e:c0:ec:ba:c3:a7:a8:
27:72:c2:fc:4f:cf:92:f4:b0:ab:a2:36:4a:06:83:8f:58:d3:
ba:a8:b5:26:02:0f:db:b7:37:fc:b2:15:6d:04:a7:bf:8f:b6:
70:8b:b4:32:ea:02:09:da:35:37:13:b4:02:54:4d:de:93:7c:
85:33:2e:3d:ce:73:a8:7c:27:12:ae:12:6c:11:7e:d1:99:84:
4c:a7:35:f6:95:b0:5a:85:8a:6f:62:01:f8:70:c9:ef:6b:28:
72:e4:41:57:e7:64:4e:12:d0:3d:62:ef:95:ce:29:c9:67:4d:
47:c2:01:8f:0f:50:0a:ce:af:c1:08:e9:ed:95:07:dd:01:33:
9f:87:1a:88:27:b9:b8:be:19:70:cb:53:f5:31:82:d5:0d:dd:
56:b5:1c:bc:0f:ed:65:17:02:1f:e6:60:6c:3b:31:0b:d2:5f:
d0:16:29:58:25:2e:06:bc:5a:81:74:a9:c3:57:ad:af:6d:8b:
f7:76:e5:06:f9:1e:59:7b:60:41:64:96:90:59:aa:40:f9:0a:
80:70:56:fe:2f:c3:9e:5a:20:7f:11:32:78:c6:bd:78:d4:7c:
68:7c:6f:15:ca:0d:5f:b2:68:10:54:ba:c1:71:02:fe:4c:29:
48:a3:7b:fa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPbjmsgkH/wGXWyoNoYb1FBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjE4MjA1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODkxMGE4YjQ0ZTIyZmE0OWFmNGYxNDI1OGU3NzM1NTVjNGJiMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnAxiAtVBFRjcTsRre3KlR+HOQHU
Mjxfg43boBIkkBXwGkstCBjpB7CIupkA0QCst0MOej+o2U9c6rqkELtvym3oBXlT
tNm/YR7GWyAsP0xyfwsZ99BxpzxX3/MFO0ZaFhaADdzcdU1Ac1lKgSB7n97p5447
qywdcfUJUa/wyq/tUvLgi9TUkLfGwQNwU1x4WTVWx3ktNgzOPmCIENsjlrGOCK+c
l/x1kwUOVrZ0PzAoizJs+2aBB5dr4iaQViK4BGad+LJyDXbNsUTgF69LjiGKbbE1
iz+cP7k0BMDgWjza0IChX14qrVh6M9CE+kxePRzcCAncosuXikO6VqWzmwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIiRCotE4i+kmvTxQljnc1VcS7NrMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaUpFS2kwVGlMNlNhOVBGQ1dPZHpWVnhMczJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5eQ0D
BAC5eQ4DBAC5/p4wDQYJKoZIhvcNAQELBQADggEBAFUXE4BduGqcIZWjbsDsusOn
qCdywvxPz5L0sKuiNkoGg49Y07qotSYCD9u3N/yyFW0Ep7+PtnCLtDLqAgnaNTcT
tAJUTd6TfIUzLj3Oc6h8JxKuEmwRftGZhEynNfaVsFqFim9iAfhwye9rKHLkQVfn
ZE4S0D1i75XOKclnTUfCAY8PUArOr8EI6e2VB90BM5+HGognubi+GXDLU/UxgtUN
3Va1HLwP7WUXAh/mYGw7MQvSX9AWKVglLga8WoF0qcNXra9ti/d25Qb5Hll7YEFk
lpBZqkD5CoBwVv4vw55aIH8RMnjGvXjUfGh8bxXKDV+yaBBUusFxAv5MKUije/o=
-----END CERTIFICATE-----
Generated at Thu May 8 22:34:49 2025 by rpki-client