Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/_8UvTQczkckQmKfNzFcO8jwRytI.roa
File: _8UvTQczkckQmKfNzFcO8jwRytI.roa (raw, json)
Hash identifier: vHSpmowShMoTbGM5upNXORJrTNtSvVg63fbOJM8Zhyw=
Subject key identifier: FF:C5:2F:4D:07:33:91:C9:10:98:A7:CD:CC:57:0E:F2:3C:11:CA:D2
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 018CC6B7AEDF624C17074795DE2557FF84DE
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/_8UvTQczkckQmKfNzFcO8jwRytI.roa
Signing time: Mon 01 Jan 2024 20:29:35 +0000
ROA not before: Mon 01 Jan 2024 20:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207241
IP address blocks: 185.203.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 12:16:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ae:df:62:4c:17:07:47:95:de:25:57:ff:84:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 1 20:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffc52f4d073391c91098a7cdcc570ef23c11cad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:62:af:f3:42:6a:44:11:2c:49:18:6d:83:bd:
d6:0e:13:58:4a:e0:b8:4e:e9:6f:7a:bd:2f:c0:08:
cd:fa:c3:c2:7e:17:f8:58:87:26:e4:c4:d7:aa:5b:
f1:dd:ac:56:2d:a1:14:87:f6:57:b5:76:10:6a:6d:
9b:b9:e5:8d:93:6b:21:cb:57:7b:e2:89:aa:4a:35:
39:3b:2f:4d:b3:b2:38:fd:4b:3b:84:54:b9:59:5c:
4c:63:64:63:8a:92:2e:4c:f0:f6:ec:6b:4b:19:16:
43:69:58:b0:b9:20:35:35:21:60:74:a2:f8:4b:db:
dc:f2:f8:3f:bd:f1:75:80:11:fd:1d:e2:08:42:d3:
a3:5d:84:e3:a4:42:23:76:ee:ae:af:44:ee:cd:d0:
03:54:49:a5:a2:b0:24:b1:fd:59:0b:a1:d2:10:1c:
31:f2:3b:7f:74:b6:e6:b8:4f:63:f7:17:0a:40:90:
77:b2:96:3c:96:86:71:20:7a:8f:44:d6:40:c5:d1:
5c:ab:7c:5c:5f:af:48:68:39:86:d5:7a:6c:1f:e0:
5a:61:fb:6e:71:34:c9:ff:8d:13:1f:27:ac:65:7b:
d7:d0:1c:72:3b:db:83:5c:cf:9e:28:9a:f3:ec:49:
8b:71:96:e9:ae:9a:69:b9:1b:33:ca:2f:4e:a3:7f:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C5:2F:4D:07:33:91:C9:10:98:A7:CD:CC:57:0E:F2:3C:11:CA:D2
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/_8UvTQczkckQmKfNzFcO8jwRytI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.199.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:38:0b:ab:5d:d8:be:4b:94:0a:62:90:31:cc:3d:6e:2f:f6:
d8:05:c9:8f:09:eb:de:25:80:a1:85:66:7c:af:0f:c6:46:43:
d7:67:2d:47:af:40:cf:5c:ad:35:27:7a:d1:9c:51:fe:94:eb:
ac:39:d4:f5:11:f7:24:70:a1:22:87:97:81:21:65:ba:c4:e6:
60:40:81:0b:05:96:28:ee:56:0f:ea:7d:45:65:af:3b:4c:5e:
5a:09:95:10:7c:a2:9f:28:2e:a7:c4:cc:c4:7b:cf:72:61:61:
5b:ca:aa:29:df:3c:e8:d0:69:07:de:8a:49:4a:cf:2d:8e:e1:
65:18:89:67:e3:d4:e0:1d:6d:c6:e9:4d:52:58:45:3c:58:06:
12:af:64:4c:dc:05:c4:52:7a:b2:b7:df:f6:0c:b4:64:92:7b:
1d:39:f2:28:9f:88:cd:42:b5:61:bf:a9:65:8b:f6:95:85:c5:
ad:87:db:6b:bd:5b:8f:70:dc:bb:5b:43:5b:08:b3:8b:8e:d8:
ca:50:2b:8e:ef:99:54:b0:15:8d:6e:0d:56:ff:51:05:99:2f:
b1:63:6c:27:c3:b1:46:f8:3d:6c:33:46:e3:c6:3b:4d:7f:24:
dc:f4:c6:48:93:97:1e:5b:ec:1c:8d:8a:a6:17:53:6d:2b:71:
8d:e4:4b:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt67fYkwXB0eV3iVX/4TeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjQwMTAxMjAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmM1MmY0ZDA3MzM5MWM5MTA5OGE3Y2RjYzU3MGVmMjNjMTFjYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWKv80JqRBEsSRhtg73WDhNYSuC4
Tulver0vwAjN+sPCfhf4WIcm5MTXqlvx3axWLaEUh/ZXtXYQam2bueWNk2shy1d7
4omqSjU5Oy9Ns7I4/Us7hFS5WVxMY2RjipIuTPD27GtLGRZDaViwuSA1NSFgdKL4
S9vc8vg/vfF1gBH9HeIIQtOjXYTjpEIjdu6ur0TuzdADVEmlorAksf1ZC6HSEBwx
8jt/dLbmuE9j9xcKQJB3spY8loZxIHqPRNZAxdFcq3xcX69IaDmG1XpsH+BaYftu
cTTJ/40THyesZXvX0BxyO9uDXM+eKJrz7EmLcZbprpppuRszyi9Oo38vKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/FL00HM5HJEJinzcxXDvI8EcrSMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvXzhVdlRRY3prY2tRbUtmTnpGY084andSeXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucvHMA0G
CSqGSIb3DQEBCwUAA4IBAQBKOAurXdi+S5QKYpAxzD1uL/bYBcmPCeveJYChhWZ8
rw/GRkPXZy1Hr0DPXK01J3rRnFH+lOusOdT1EfckcKEih5eBIWW6xOZgQIELBZYo
7lYP6n1FZa87TF5aCZUQfKKfKC6nxMzEe89yYWFbyqop3zzo0GkH3opJSs8tjuFl
GIln49TgHW3G6U1SWEU8WAYSr2RM3AXEUnqyt9/2DLRkknsdOfIon4jNQrVhv6ll
i/aVhcWth9trvVuPcNy7W0NbCLOLjtjKUCuO75lUsBWNbg1W/1EFmS+xY2wnw7FG
+D1sM0bjxjtNfyTc9MZIk5ceW+wcjYqmF1NtK3GN5EuQ
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:04:09 2025 by rpki-client