Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/8_lshC7Vrqh7P8_d_l97X4dPSNI.roa
File: 8_lshC7Vrqh7P8_d_l97X4dPSNI.roa (raw, json)
Hash identifier: MtEsj9acWfXz3tn+oJotBurvYZaSW3G+OeBHKMYnGgg=
Subject key identifier: F3:F9:6C:84:2E:D5:AE:A8:7B:3F:CF:DD:FE:5F:7B:5F:87:4F:48:D2
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 019420D612592E51AFA4FF6037AE9C342B94
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/8_lshC7Vrqh7P8_d_l97X4dPSNI.roa
Signing time: Wed 01 Jan 2025 07:48:07 +0000
ROA not before: Wed 01 Jan 2025 07:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60372
IP address blocks: 185.4.252.0/24 maxlen: 24
185.4.253.0/24 maxlen: 24
185.4.254.0/24 maxlen: 24
185.4.255.0/24 maxlen: 24
185.4.255.112/29 maxlen: 29
185.156.212.0/24 maxlen: 24
185.156.212.8/29 maxlen: 29
185.156.212.24/29 maxlen: 29
185.156.213.0/24 maxlen: 24
185.156.214.0/24 maxlen: 24
185.156.215.0/24 maxlen: 24
2a02:7740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:19:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:12:59:2e:51:af:a4:ff:60:37:ae:9c:34:2b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Jan 1 07:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3f96c842ed5aea87b3fcfddfe5f7b5f874f48d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:41:35:22:73:d7:23:4b:1d:71:ea:15:8b:47:
8c:79:1a:1d:40:07:04:36:27:82:53:9e:a1:a2:5a:
ea:d9:a6:7f:9a:b9:1b:97:49:10:cb:5a:a9:db:3a:
bf:e3:3d:5e:8d:db:6f:2b:2d:c2:1f:69:0a:23:68:
f8:a0:4d:bf:1a:c1:39:88:a5:3b:72:84:a1:9d:29:
fd:c8:8e:fb:18:92:cc:3b:c3:23:bb:e4:09:55:00:
00:39:36:ec:95:48:8b:4d:65:1d:92:67:36:5d:98:
1f:23:f3:8f:0e:08:a2:e8:6f:f9:12:e4:28:f2:56:
e2:7e:52:76:a7:6e:1f:c6:48:57:07:46:e8:e8:44:
8d:41:04:26:1a:dd:36:b7:49:6f:b1:27:dc:84:07:
f5:e0:14:f1:3d:03:9c:fd:34:b0:45:a7:b9:3d:3d:
07:40:d2:91:52:04:81:f8:dc:a2:b8:bc:28:79:05:
bb:1c:81:58:51:22:0e:ef:3b:a5:3f:b7:23:4b:2f:
dc:cf:d3:90:f7:2f:d5:fd:68:b4:d0:58:eb:a7:a0:
b9:a7:b2:06:52:e8:5a:75:2d:24:13:fa:7e:59:17:
9e:89:d7:b0:a8:0f:d4:00:12:04:75:69:49:f5:91:
c9:dd:73:f8:7f:7a:5d:c5:09:2d:52:6b:f8:ae:e5:
b1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F9:6C:84:2E:D5:AE:A8:7B:3F:CF:DD:FE:5F:7B:5F:87:4F:48:D2
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/8_lshC7Vrqh7P8_d_l97X4dPSNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.252.0/22
185.156.212.0/22
IPv6:
2a02:7740::/32
Signature Algorithm: sha256WithRSAEncryption
11:6b:96:34:5b:ca:98:9e:4a:ab:a0:3f:e4:da:d2:4b:23:c6:
15:54:a1:56:42:b5:77:2e:3a:99:82:ea:0b:ce:e5:ee:b6:37:
18:a9:92:8c:25:68:aa:a4:37:58:38:d7:39:17:e9:5b:e5:86:
2a:ee:cd:52:21:b0:f7:3e:57:a7:38:67:54:b0:b6:1e:4c:dd:
13:e8:6b:2d:58:9d:a8:a0:0d:53:44:0d:f1:03:a7:c6:17:13:
34:c0:40:e2:b0:30:95:bd:da:fe:9f:65:40:3e:df:b5:08:2c:
c3:1e:cb:e3:2d:2a:c5:63:0d:fc:ea:48:73:f4:6e:f2:e8:0a:
49:06:a9:8a:aa:09:38:88:93:a1:50:f6:47:11:18:a4:7d:05:
e4:dc:8f:fe:eb:fb:94:b9:9c:25:34:95:60:49:73:73:8b:59:
b0:59:20:a1:82:bb:16:fd:65:40:72:2f:a3:8d:2b:aa:f6:8f:
5b:9f:37:3c:30:01:d0:0d:9c:46:9c:67:ad:17:02:16:46:bd:
bf:5a:83:fd:ba:86:17:3f:4f:ae:57:30:34:fc:97:e3:0f:4d:
b5:28:91:64:de:b1:fd:bd:a7:a2:f4:2c:86:26:36:79:63:18:
26:a2:ee:2f:71:f9:b1:05:df:e9:a5:aa:60:ab:72:ea:cc:ad:
a1:62:8a:b3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1hJZLlGvpP9gN66cNCuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjUwMTAxMDc0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2Y5NmM4NDJlZDVhZWE4N2IzZmNmZGRmZTVmN2I1Zjg3NGY0OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEE1InPXI0sdceoVi0eMeRodQAcE
NieCU56holrq2aZ/mrkbl0kQy1qp2zq/4z1ejdtvKy3CH2kKI2j4oE2/GsE5iKU7
coShnSn9yI77GJLMO8Mju+QJVQAAOTbslUiLTWUdkmc2XZgfI/OPDgii6G/5EuQo
8lbiflJ2p24fxkhXB0bo6ESNQQQmGt02t0lvsSfchAf14BTxPQOc/TSwRae5PT0H
QNKRUgSB+NyiuLwoeQW7HIFYUSIO7zulP7cjSy/cz9OQ9y/V/Wi00Fjrp6C5p7IG
UuhadS0kE/p+WReeidewqA/UABIEdWlJ9ZHJ3XP4f3pdxQktUmv4ruWx2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPP5bIQu1a6oez/P3f5fe1+HT0jSMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEvOF9sc2hDN1ZycWg3UDhfZF9sOTdYNGRQU05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQT8AwQC
uZzUMA0EAgACMAcDBQAqAndAMA0GCSqGSIb3DQEBCwUAA4IBAQARa5Y0W8qYnkqr
oD/k2tJLI8YVVKFWQrV3LjqZguoLzuXutjcYqZKMJWiqpDdYONc5F+lb5YYq7s1S
IbD3PlenOGdUsLYeTN0T6GstWJ2ooA1TRA3xA6fGFxM0wEDisDCVvdr+n2VAPt+1
CCzDHsvjLSrFYw386khz9G7y6ApJBqmKqgk4iJOhUPZHERikfQXk3I/+6/uUuZwl
NJVgSXNzi1mwWSChgrsW/WVAci+jjSuq9o9bnzc8MAHQDZxGnGetFwIWRr2/WoP9
uoYXP0+uVzA0/JfjD021KJFk3rH9vaei9CyGJjZ5Yxgmou4vcfmxBd/ppapgq3Lq
zK2hYoqz
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:32:17 2025 by rpki-client