Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/fe0bf2-f838-408b-9843-6598910202a2/1/UR8gLV029eHOhSg0z5huwMLT81M.roa
File: UR8gLV029eHOhSg0z5huwMLT81M.roa (raw, json)
Hash identifier: zwL6QdpXPrh5b2zwjiyRSEGkF7qcu2xp5gghkPQNNp8=
Subject key identifier: 51:1F:20:2D:5D:36:F5:E1:CE:85:28:34:CF:98:6E:C0:C2:D3:F3:53
Certificate issuer: /CN=74e0d585f1ac85f54492cfc95e1dce0fc2f7970f
Certificate serial: 0193E4CE370F34282FC808A4B392334786C6
Authority key identifier: 74:E0:D5:85:F1:AC:85:F5:44:92:CF:C9:5E:1D:CE:0F:C2:F7:97:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dODVhfGshfVEks_JXh3OD8L3lw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/fe0bf2-f838-408b-9843-6598910202a2/1/UR8gLV029eHOhSg0z5huwMLT81M.roa
Signing time: Fri 20 Dec 2024 16:02:19 +0000
ROA not before: Fri 20 Dec 2024 16:02:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209080
IP address blocks: 185.239.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:ce:37:0f:34:28:2f:c8:08:a4:b3:92:33:47:86:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e0d585f1ac85f54492cfc95e1dce0fc2f7970f
Validity
Not Before: Dec 20 16:02:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=511f202d5d36f5e1ce852834cf986ec0c2d3f353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:3a:50:d8:21:6f:e7:25:60:31:9c:2f:c5:
f5:21:47:69:af:d1:35:20:fd:8c:b8:fc:bb:62:ac:
26:f3:ed:86:d9:3f:58:84:24:36:cb:c9:32:06:aa:
a7:3b:bd:81:e8:c6:cc:ab:db:72:2c:fd:d0:f6:86:
3c:df:ab:48:d8:49:01:ca:ed:cd:00:4b:4a:68:e7:
3a:0c:91:e3:a1:27:8e:6e:ec:20:9d:a4:5c:f7:a4:
c3:a6:81:7a:e4:f8:8d:ca:c8:1a:7e:d0:ad:ec:a2:
02:d4:0e:14:3b:d0:56:2b:68:40:01:1d:18:bd:44:
f6:56:88:63:d8:68:31:47:84:d1:ff:f8:f3:c8:27:
58:d0:93:f3:a7:c6:34:00:9f:c2:b4:eb:4e:f1:2c:
e0:65:79:6d:93:1b:88:46:d9:27:fb:ec:f4:4e:f9:
df:4c:33:f1:55:0d:71:9f:55:e8:de:7e:50:ca:a0:
b9:56:6d:f7:a1:2f:bc:61:45:d3:1a:bc:67:25:6f:
8e:f6:f4:e4:74:c2:af:ed:6b:87:c6:44:91:ba:79:
01:48:61:9e:4b:c4:07:1f:0d:91:fd:b8:80:05:2e:
1a:54:dd:7b:70:5c:11:57:85:0c:e2:0b:12:a9:db:
b2:bb:b0:eb:e0:2c:17:a2:93:dd:9f:b3:b7:da:bc:
cb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1F:20:2D:5D:36:F5:E1:CE:85:28:34:CF:98:6E:C0:C2:D3:F3:53
X509v3 Authority Key Identifier:
keyid:74:E0:D5:85:F1:AC:85:F5:44:92:CF:C9:5E:1D:CE:0F:C2:F7:97:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dODVhfGshfVEks_JXh3OD8L3lw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/fe0bf2-f838-408b-9843-6598910202a2/1/UR8gLV029eHOhSg0z5huwMLT81M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/fe0bf2-f838-408b-9843-6598910202a2/1/dODVhfGshfVEks_JXh3OD8L3lw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.112.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:30:5b:d0:41:dd:8f:e0:0e:47:e5:30:90:01:ae:05:af:fa:
6d:40:4b:ed:58:09:2f:dd:6b:57:b9:4c:16:3b:12:61:89:ec:
1f:bc:ff:27:3c:61:6c:58:21:d1:ff:aa:06:0e:65:48:4d:15:
a2:b7:24:11:28:16:18:1a:bb:21:34:b9:06:f7:63:37:f7:da:
0b:1c:2a:da:25:f8:9b:8d:37:66:fd:2c:1d:8a:5e:9f:f1:f8:
cd:2c:93:6e:dc:69:8c:fb:1c:e3:dc:0d:01:50:43:f7:85:9a:
9a:13:72:61:4a:55:ab:f3:c0:38:d2:ca:4a:07:f6:d6:9f:85:
6d:0f:20:80:87:c1:3e:af:2f:e7:ca:a1:ba:fa:2c:2e:df:98:
c0:e2:64:19:56:e0:30:94:d2:b2:17:7f:89:48:f3:50:db:42:
7b:46:2a:6a:53:87:7e:28:98:8c:73:56:ed:9e:57:cb:a6:b7:
04:37:f3:ca:14:a6:ec:c1:13:24:c6:f7:07:d4:84:69:51:dd:
45:91:f4:a9:b0:67:bc:52:e5:76:e0:d1:71:0b:0f:5b:c9:11:
61:26:03:71:ff:6e:3c:41:18:b8:98:11:94:c2:6c:d2:25:71:
24:3c:96:c2:6c:fd:c5:c0:55:b3:55:30:9b:be:34:73:24:51:
97:75:e1:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPkzjcPNCgvyAiks5IzR4bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTBkNTg1ZjFhYzg1ZjU0NDkyY2ZjOTVlMWRjZTBmYzJm
Nzk3MGYwHhcNMjQxMjIwMTYwMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFmMjAyZDVkMzZmNWUxY2U4NTI4MzRjZjk4NmVjMGMyZDNmMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygU6UNghb+clYDGcL8X1IUdpr9E1
IP2MuPy7Yqwm8+2G2T9YhCQ2y8kyBqqnO72B6MbMq9tyLP3Q9oY836tI2EkByu3N
AEtKaOc6DJHjoSeObuwgnaRc96TDpoF65PiNysgaftCt7KIC1A4UO9BWK2hAAR0Y
vUT2Vohj2GgxR4TR//jzyCdY0JPzp8Y0AJ/CtOtO8SzgZXltkxuIRtkn++z0Tvnf
TDPxVQ1xn1Xo3n5QyqC5Vm33oS+8YUXTGrxnJW+O9vTkdMKv7WuHxkSRunkBSGGe
S8QHHw2R/biABS4aVN17cFwRV4UM4gsSqduyu7Dr4CwXopPdn7O32rzLewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEfIC1dNvXhzoUoNM+YbsDC0/NTMB8GA1UdIwQY
MBaAFHTg1YXxrIX1RJLPyV4dzg/C95cPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9EVmhmR3NoZlZFa3NfSlhoM09EOEwzbHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9mZTBiZjItZjgzOC00MDhiLTk4NDMt
NjU5ODkxMDIwMmEyLzEvVVI4Z0xWMDI5ZUhPaFNnMHo1aHV3TUxUODFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9mZTBiZjItZjgzOC00MDhiLTk4NDMtNjU5ODkxMDIwMmEy
LzEvZE9EVmhmR3NoZlZFa3NfSlhoM09EOEwzbHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue9wMA0G
CSqGSIb3DQEBCwUAA4IBAQDTMFvQQd2P4A5H5TCQAa4Fr/ptQEvtWAkv3WtXuUwW
OxJhiewfvP8nPGFsWCHR/6oGDmVITRWityQRKBYYGrshNLkG92M399oLHCraJfib
jTdm/Swdil6f8fjNLJNu3GmM+xzj3A0BUEP3hZqaE3JhSlWr88A40spKB/bWn4Vt
DyCAh8E+ry/nyqG6+iwu35jA4mQZVuAwlNKyF3+JSPNQ20J7RipqU4d+KJiMc1bt
nlfLprcEN/PKFKbswRMkxvcH1IRpUd1FkfSpsGe8UuV24NFxCw9byRFhJgNx/248
QRi4mBGUwmzSJXEkPJbCbP3FwFWzVTCbvjRzJFGXdeE0
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:20:30 2025 by rpki-client