Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/cb-Dhm2S7yuwCNWsNScfaBo6oXw.roa
File: cb-Dhm2S7yuwCNWsNScfaBo6oXw.roa (raw, json)
Hash identifier: J+KyWBF8H7wOSns7EevIqdAKoxcTuVx5xXIDZNTfJqM=
Subject key identifier: 71:BF:83:86:6D:92:EF:2B:B0:08:D5:AC:35:27:1F:68:1A:3A:A1:7C
Certificate issuer: /CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Certificate serial: 018CC26D71D87DAF8A81D5F0F98C4A5A0799
Authority key identifier: 11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/cb-Dhm2S7yuwCNWsNScfaBo6oXw.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208892
IP address blocks: 46.22.171.0/24 maxlen: 24
80.82.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:71:d8:7d:af:8a:81:d5:f0:f9:8c:4a:5a:07:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71bf83866d92ef2bb008d5ac35271f681a3aa17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:ce:2b:14:25:45:42:80:7d:0c:89:12:1f:
d8:f1:b7:a1:70:38:ef:1f:18:8f:4f:55:84:ae:99:
43:1e:ed:61:e6:b1:ad:ae:8d:80:8d:39:2d:f8:73:
62:7d:9a:19:2f:fd:8d:6c:23:8a:53:e8:63:f9:11:
11:2b:fb:19:76:7a:8d:de:f1:0c:17:49:02:1b:bd:
2f:df:da:3c:f7:1c:d4:ca:9b:f4:97:9e:3c:74:90:
f5:7a:ed:10:a0:27:b4:45:cd:d2:1c:c1:23:50:ec:
be:5c:a8:a2:4b:2a:d5:c9:12:b0:0b:3c:f6:5c:86:
7a:e8:9e:24:d5:53:bb:52:8c:e9:91:fb:c3:3f:67:
10:6f:d3:7f:80:14:39:07:e2:24:03:2e:a6:ab:01:
ee:5b:e2:5f:1e:e9:52:70:fc:d1:34:4e:ab:9f:49:
94:62:bc:bd:29:e4:f7:f1:d5:8f:f8:e8:6c:79:6a:
87:cd:ff:92:ba:a8:30:02:c9:03:84:b9:3a:1c:42:
d8:9a:98:b3:46:03:58:1f:d7:2f:3c:a3:86:ce:8c:
9d:22:13:8b:db:62:b0:84:9b:7a:e9:2d:5e:d9:8d:
43:ad:98:51:e4:1f:cc:90:12:35:ec:98:50:a5:f6:
f9:6a:fd:2f:f1:5b:f6:8b:77:65:54:73:87:bd:d5:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BF:83:86:6D:92:EF:2B:B0:08:D5:AC:35:27:1F:68:1A:3A:A1:7C
X509v3 Authority Key Identifier:
keyid:11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/cb-Dhm2S7yuwCNWsNScfaBo6oXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Eb-ilh-g4LBwQSk93Aw2k6ngojg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.171.0/24
80.82.23.0/24
Signature Algorithm: sha256WithRSAEncryption
50:d0:92:0b:39:7c:b6:50:43:30:28:a4:2d:07:e0:d1:1f:f5:
63:4b:13:f9:ae:6b:92:b7:0e:b4:bd:f6:6d:ad:fb:d6:9d:75:
c2:46:72:06:70:ac:84:4c:98:ed:90:85:d0:e3:5c:f0:7b:b5:
71:1d:2c:e3:89:4b:52:f0:d4:d5:26:c1:4a:34:95:a7:07:d7:
74:c2:b2:5d:e5:28:f7:37:18:7e:df:2f:13:ea:f5:e0:a9:79:
ca:0d:96:46:75:42:25:17:c9:cb:ef:e8:e7:90:1f:d9:c0:e2:
e4:97:ef:ee:39:d0:d3:31:49:e3:b7:cf:47:09:dc:6c:36:ee:
1d:31:8e:d8:d4:4d:fa:a1:57:88:71:b6:da:27:c3:35:de:07:
4f:a1:3a:b6:40:f5:80:40:07:50:59:3b:35:b6:5a:76:e5:70:
aa:17:bf:c5:8a:00:38:3d:7e:bf:4d:29:e3:b2:8c:a6:6f:05:
5e:2e:87:50:67:6c:a7:68:19:e7:b9:db:10:74:fa:7f:98:9f:
b3:0a:35:8f:39:fc:a2:b3:6d:db:d4:7e:60:4c:de:4a:ae:26:
0d:fb:95:75:44:b0:1e:5b:c7:49:77:48:fc:26:bd:58:f2:ea:
bb:8e:a7:74:e7:18:f5:3f:6b:02:eb:49:ed:b9:13:08:e9:2c:
fc:37:11:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbXHYfa+KgdXw+YxKWgeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmZhMjk2MWZhMGUwYjA3MDQxMjkzZGRjMGMzNjkzYTll
MGEyMzgwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWJmODM4NjZkOTJlZjJiYjAwOGQ1YWMzNTI3MWY2ODFhM2FhMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVPOKxQlRUKAfQyJEh/Y8behcDjv
HxiPT1WErplDHu1h5rGtro2AjTkt+HNifZoZL/2NbCOKU+hj+RERK/sZdnqN3vEM
F0kCG70v39o89xzUypv0l548dJD1eu0QoCe0Rc3SHMEjUOy+XKiiSyrVyRKwCzz2
XIZ66J4k1VO7UozpkfvDP2cQb9N/gBQ5B+IkAy6mqwHuW+JfHulScPzRNE6rn0mU
Yry9KeT38dWP+OhseWqHzf+SuqgwAskDhLk6HELYmpizRgNYH9cvPKOGzoydIhOL
22KwhJt66S1e2Y1DrZhR5B/MkBI17JhQpfb5av0v8Vv2i3dlVHOHvdVonwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHG/g4Ztku8rsAjVrDUnH2gaOqF8MB8GA1UdIwQY
MBaAFBG/opYfoOCwcEEpPdwMNpOp4KI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWItaWxoLWc0TEJ3UVNrOTNBdzJrNm5nb2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xNzMxNzMtODE5Zi00YmM5LTkyZDgt
Nzg3OTFjOTM1NmEzLzEvY2ItRGhtMlM3eXV3Q05Xc05TY2ZhQm82b1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xNzMxNzMtODE5Zi00YmM5LTkyZDgtNzg3OTFjOTM1NmEz
LzEvRWItaWxoLWc0TEJ3UVNrOTNBdzJrNm5nb2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALharAwQA
UFIXMA0GCSqGSIb3DQEBCwUAA4IBAQBQ0JILOXy2UEMwKKQtB+DRH/VjSxP5rmuS
tw60vfZtrfvWnXXCRnIGcKyETJjtkIXQ41zwe7VxHSzjiUtS8NTVJsFKNJWnB9d0
wrJd5Sj3Nxh+3y8T6vXgqXnKDZZGdUIlF8nL7+jnkB/ZwOLkl+/uOdDTMUnjt89H
CdxsNu4dMY7Y1E36oVeIcbbaJ8M13gdPoTq2QPWAQAdQWTs1tlp25XCqF7/FigA4
PX6/TSnjsoymbwVeLodQZ2ynaBnnudsQdPp/mJ+zCjWPOfyis23b1H5gTN5KriYN
+5V1RLAeW8dJd0j8Jr1Y8uq7jqd05xj1P2sC60ntuRMI6Sz8NxGh
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:57:13 2025 by rpki-client