Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/9rcQSxc8Su7KFFZeGc8WdZH8B3Y.roa
File: 9rcQSxc8Su7KFFZeGc8WdZH8B3Y.roa (raw, json)
Hash identifier: 8XLn9SHppaxDUDKsxGlCs0TquXIRpQbO14mDxrRnMCM=
Subject key identifier: F6:B7:10:4B:17:3C:4A:EE:CA:14:56:5E:19:CF:16:75:91:FC:07:76
Certificate issuer: /CN=cbe970980d565cc74adb294aa68c7b06f5132890
Certificate serial: 018CC7276136B829558F48011D4881C0B825
Authority key identifier: CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/9rcQSxc8Su7KFFZeGc8WdZH8B3Y.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203195
IP address blocks: 185.141.80.0/22 maxlen: 22
2a03:a8a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:61:36:b8:29:55:8f:48:01:1d:48:81:c0:b8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe970980d565cc74adb294aa68c7b06f5132890
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6b7104b173c4aeeca14565e19cf167591fc0776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:9a:cb:e4:0f:0f:8c:02:52:40:42:11:cf:
b2:7e:99:7b:01:d3:0b:3e:ed:4d:95:4a:2e:d2:fd:
ff:47:df:d2:59:ff:c3:c9:dd:95:5a:19:a5:36:b2:
87:63:ee:ff:d7:ba:be:1c:71:0a:33:77:5e:6b:c0:
20:f3:b9:64:24:6e:8f:9d:57:50:e9:bb:4c:a1:23:
2d:5f:ad:f2:a4:4f:70:1b:21:94:00:2d:63:a7:df:
c4:9c:8e:e0:75:47:96:77:49:f7:6f:84:29:a7:04:
2e:fa:8a:cb:ca:29:25:d7:d0:3e:b7:05:08:16:c1:
7f:8f:e7:35:c0:a6:13:e4:de:53:6b:47:c4:85:82:
33:83:36:2a:63:ed:d7:05:bf:9f:bb:ec:7e:4e:fe:
18:6c:cc:e6:b8:47:57:6e:66:53:32:16:bb:41:ed:
43:e6:09:40:d3:c0:94:92:aa:69:6d:9b:86:4d:a5:
d7:1b:55:48:44:60:f8:94:ca:b1:c0:05:2b:5e:b4:
3a:da:16:24:d8:d3:57:c8:c5:d9:63:40:f8:51:2f:
96:f0:6f:6e:30:68:a9:37:98:7e:49:b8:d0:b1:5e:
af:05:a6:ab:37:b6:22:8f:28:46:af:2e:7e:03:84:
31:10:13:18:d1:63:5a:a7:e4:1c:92:61:f5:73:ff:
26:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B7:10:4B:17:3C:4A:EE:CA:14:56:5E:19:CF:16:75:91:FC:07:76
X509v3 Authority Key Identifier:
keyid:CB:E9:70:98:0D:56:5C:C7:4A:DB:29:4A:A6:8C:7B:06:F5:13:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-lwmA1WXMdK2ylKpox7BvUTKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/9rcQSxc8Su7KFFZeGc8WdZH8B3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/3dcf7b-1703-459f-ac0b-756a08a4adda/1/y-lwmA1WXMdK2ylKpox7BvUTKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.80.0/22
IPv6:
2a03:a8a0::/29
Signature Algorithm: sha256WithRSAEncryption
20:6a:9c:d1:e7:ac:3c:97:0e:67:39:0c:13:fb:39:50:9a:02:
bf:60:38:2d:02:35:0e:39:ea:32:5b:ce:a3:ae:d1:91:8b:45:
ff:6e:22:fc:d8:13:03:4c:69:ea:d9:14:45:ef:62:d7:04:9e:
cc:cc:db:6c:ce:77:15:90:77:e7:54:ee:a1:54:85:f5:8b:09:
99:13:ef:a3:e6:e2:39:02:7f:08:4f:f9:11:0d:40:64:a0:7c:
56:2f:03:fe:1c:bc:95:d3:52:ff:1c:8a:50:e6:45:7a:4c:fc:
ca:89:13:f3:75:7c:f0:a5:3d:8d:bf:c2:73:52:9b:74:c7:7f:
f2:61:4c:46:56:b5:96:a8:de:39:af:d5:31:6d:8a:db:ca:2e:
c1:3b:b7:52:95:86:4a:80:4e:b7:46:4b:f8:6c:31:a8:b3:a5:
7b:10:81:40:b1:0a:21:cf:92:ed:b0:72:5a:e8:c7:cf:55:d9:
e9:9a:50:0c:19:7b:77:79:49:45:e8:78:28:d1:f5:5c:21:6b:
4f:6d:94:51:f4:a6:1c:b3:84:02:0c:c8:73:67:07:89:f2:d6:
ae:f7:02:61:52:a6:d3:92:8c:cc:df:c9:1f:50:c7:f8:71:ea:
33:d4:eb:e8:75:1e:6d:0e:61:25:b1:11:2e:f0:66:e3:37:65:
7d:8c:cb:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJ2E2uClVj0gBHUiBwLglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTk3MDk4MGQ1NjVjYzc0YWRiMjk0YWE2OGM3YjA2ZjUx
MzI4OTAwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmI3MTA0YjE3M2M0YWVlY2ExNDU2NWUxOWNmMTY3NTkxZmMwNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/6ay+QPD4wCUkBCEc+yfpl7AdML
Pu1NlUou0v3/R9/SWf/Dyd2VWhmlNrKHY+7/17q+HHEKM3dea8Ag87lkJG6PnVdQ
6btMoSMtX63ypE9wGyGUAC1jp9/EnI7gdUeWd0n3b4QppwQu+orLyikl19A+twUI
FsF/j+c1wKYT5N5Ta0fEhYIzgzYqY+3XBb+fu+x+Tv4YbMzmuEdXbmZTMha7Qe1D
5glA08CUkqppbZuGTaXXG1VIRGD4lMqxwAUrXrQ62hYk2NNXyMXZY0D4US+W8G9u
MGipN5h+SbjQsV6vBaarN7YijyhGry5+A4QxEBMY0WNap+QckmH1c/8mHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPa3EEsXPEruyhRWXhnPFnWR/Ad2MB8GA1UdIwQY
MBaAFMvpcJgNVlzHStspSqaMewb1EyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGIt
NzU2YTA4YTRhZGRhLzEvOXJjUVN4YzhTdTdLRkZaZUdjOFdkWkg4QjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8zZGNmN2ItMTcwMy00NTlmLWFjMGItNzU2YTA4YTRhZGRh
LzEveS1sd21BMVdYTWRLMnlsS3BveDdCdlVUS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY1QMA0E
AgACMAcDBQMqA6igMA0GCSqGSIb3DQEBCwUAA4IBAQAgapzR56w8lw5nOQwT+zlQ
mgK/YDgtAjUOOeoyW86jrtGRi0X/biL82BMDTGnq2RRF72LXBJ7MzNtszncVkHfn
VO6hVIX1iwmZE++j5uI5An8IT/kRDUBkoHxWLwP+HLyV01L/HIpQ5kV6TPzKiRPz
dXzwpT2Nv8JzUpt0x3/yYUxGVrWWqN45r9UxbYrbyi7BO7dSlYZKgE63Rkv4bDGo
s6V7EIFAsQohz5LtsHJa6MfPVdnpmlAMGXt3eUlF6Hgo0fVcIWtPbZRR9KYcs4QC
DMhzZweJ8tau9wJhUqbTkozM38kfUMf4ceoz1OvodR5tDmElsREu8GbjN2V9jMuL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:34 2025 by rpki-client