Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1vnTKHqU7AYEN1PflYKwjmpJbO8.roa
File: 1vnTKHqU7AYEN1PflYKwjmpJbO8.roa (raw, json)
Hash identifier: vqA28yP5joj8hHI9ay+XY7LpL7laDt0EGVa5Rim+GEM=
Subject key identifier: D6:F9:D3:28:7A:94:EC:06:04:37:53:DF:95:82:B0:8E:6A:49:6C:EF
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80134B2808EEB97C54D3E27360F2521
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1vnTKHqU7AYEN1PflYKwjmpJbO8.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202589
IP address blocks: 85.254.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:34:b2:80:8e:eb:97:c5:4d:3e:27:36:0f:25:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6f9d3287a94ec06043753df9582b08e6a496cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1f:11:74:4e:40:56:8d:1c:d0:bd:54:4d:38:
c3:40:45:5e:69:a6:8a:b2:ea:da:d4:b2:a0:b9:28:
a7:d8:b1:39:05:e9:2f:7e:fe:cc:d0:51:a1:40:c4:
f3:f2:2d:1e:2c:e2:13:8a:7b:af:30:b3:58:da:88:
20:f0:5e:b4:56:0e:1e:fa:f2:f7:0c:18:70:27:1a:
32:52:b4:e6:59:27:a4:13:c7:88:39:42:d1:c4:9a:
fe:ca:19:83:dc:65:77:4d:b0:aa:e7:33:33:59:37:
b8:e3:4d:33:bf:d1:73:35:06:59:aa:97:00:75:37:
89:75:42:ca:56:0e:98:7b:73:d5:ca:12:19:bc:3a:
b8:a8:a4:b0:83:ee:78:81:00:c2:8f:d8:a9:17:4b:
a8:63:ce:bf:d5:99:de:e3:80:6a:1b:9c:2b:07:78:
93:f8:38:72:69:80:70:29:bc:23:5b:88:c7:7e:71:
cb:7f:31:aa:99:b9:f0:c1:f7:2d:88:a6:21:35:b4:
cb:79:f9:4d:40:b9:0f:e3:98:0d:97:de:74:5b:a7:
af:9e:70:d7:65:02:2f:13:1e:e5:1f:60:b7:db:d1:
b3:26:0d:43:79:b7:49:f4:98:7f:cb:68:9c:10:db:
ec:6c:fa:a3:fa:f0:0a:5c:f1:53:ae:57:44:0b:a9:
8d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F9:D3:28:7A:94:EC:06:04:37:53:DF:95:82:B0:8E:6A:49:6C:EF
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1vnTKHqU7AYEN1PflYKwjmpJbO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.58.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2f:db:60:50:5a:1c:5c:fa:ce:f8:1e:2b:41:eb:77:54:1c:
6b:b6:2a:df:21:57:2e:b8:45:77:3b:24:2e:2a:cb:f7:39:9a:
c4:b3:49:42:97:b7:be:f0:6f:21:63:d1:f6:67:0b:34:39:09:
1d:b0:a8:23:6a:65:11:fb:f9:49:5b:59:ad:64:68:0b:17:70:
86:99:dd:3b:d3:fe:b4:78:b2:89:b5:9b:dc:bd:9d:1f:8e:5d:
e9:1e:62:61:b6:76:c8:4d:9d:53:92:83:a4:0e:93:42:1b:eb:
75:f3:22:57:76:66:2a:aa:91:5a:81:a5:05:7e:e4:a0:88:62:
cf:fc:ea:16:8a:48:3b:28:19:64:7d:9a:d9:6b:fe:81:01:9a:
37:78:c6:31:dc:6f:9f:8e:5b:78:bf:bb:1e:a3:9a:e8:61:5a:
7a:21:99:f0:19:6c:2e:28:30:07:9b:cf:a0:a7:56:57:ef:d7:
18:81:36:01:97:54:fd:45:f5:1b:2f:ae:f3:e6:4c:b3:03:74:
09:86:b1:c0:07:ef:d8:d6:12:30:33:c6:6c:04:71:1f:e4:d4:
49:d9:f1:d4:9c:53:9a:7c:40:4b:81:3f:3a:e9:20:76:17:59:
4b:ff:dd:01:b3:b7:6d:61:eb:aa:2a:c1:74:e0:a6:81:5c:5e:
8d:04:81:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIATSygI7rl8VNPic2DyUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY5ZDMyODdhOTRlYzA2MDQzNzUzZGY5NTgyYjA4ZTZhNDk2Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR8RdE5AVo0c0L1UTTjDQEVeaaaK
sura1LKguSin2LE5Bekvfv7M0FGhQMTz8i0eLOITinuvMLNY2ogg8F60Vg4e+vL3
DBhwJxoyUrTmWSekE8eIOULRxJr+yhmD3GV3TbCq5zMzWTe4400zv9FzNQZZqpcA
dTeJdULKVg6Ye3PVyhIZvDq4qKSwg+54gQDCj9ipF0uoY86/1Zne44BqG5wrB3iT
+DhyaYBwKbwjW4jHfnHLfzGqmbnwwfctiKYhNbTLeflNQLkP45gNl950W6evnnDX
ZQIvEx7lH2C329GzJg1DebdJ9Jh/y2icENvsbPqj+vAKXPFTrldEC6mNmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNb50yh6lOwGBDdT35WCsI5qSWzvMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMXZuVEtIcVU3QVlFTjFQZmxZS3dqbXBKYk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf46MA0G
CSqGSIb3DQEBCwUAA4IBAQCYL9tgUFocXPrO+B4rQet3VBxrtirfIVcuuEV3OyQu
Ksv3OZrEs0lCl7e+8G8hY9H2Zws0OQkdsKgjamUR+/lJW1mtZGgLF3CGmd070/60
eLKJtZvcvZ0fjl3pHmJhtnbITZ1TkoOkDpNCG+t18yJXdmYqqpFagaUFfuSgiGLP
/OoWikg7KBlkfZrZa/6BAZo3eMYx3G+fjlt4v7seo5roYVp6IZnwGWwuKDAHm8+g
p1ZX79cYgTYBl1T9RfUbL67z5kyzA3QJhrHAB+/Y1hIwM8ZsBHEf5NRJ2fHUnFOa
fEBLgT866SB2F1lL/90Bs7dtYeuqKsF04KaBXF6NBIH7
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:48:34 2025 by rpki-client