Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bk_XqdLZdZins69TCv56TMjWT7c.roa
File: Bk_XqdLZdZins69TCv56TMjWT7c.roa (raw, json)
Hash identifier: kOHNSotONSWw8mkChxMi1s+ALaLjC7hNEp8J3W9DqJg=
Subject key identifier: 06:4F:D7:A9:D2:D9:75:98:A7:B3:AF:53:0A:FE:7A:4C:C8:D6:4F:B7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192B4A3AA2DC5E6EF54719A9B0BD91DCBBE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bk_XqdLZdZins69TCv56TMjWT7c.roa
Signing time: Tue 22 Oct 2024 14:31:17 +0000
ROA not before: Tue 22 Oct 2024 14:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 85.217.164.0/22 maxlen: 22
85.217.180.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:a3:aa:2d:c5:e6:ef:54:71:9a:9b:0b:d9:1d:cb:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 22 14:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=064fd7a9d2d97598a7b3af530afe7a4cc8d64fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e0:7a:50:d1:c4:8d:83:75:6b:2c:70:32:85:
d1:7b:59:0f:3c:9c:cc:bc:fd:9c:01:dd:a7:25:6e:
1b:e6:2c:9b:a6:0c:10:70:50:24:ec:50:ec:9d:de:
26:2b:97:09:ea:aa:fe:41:fb:c3:66:d1:80:d2:7a:
94:10:98:0f:e4:a4:b8:66:58:85:62:6e:b4:47:79:
c3:38:d1:e4:99:8d:f8:86:23:82:98:7a:c8:72:dd:
e9:67:eb:b8:17:8f:22:6d:21:1e:f5:a2:7a:ff:d4:
d5:55:8d:69:18:51:52:66:49:9c:5f:a5:e5:4f:6d:
e6:eb:6a:15:69:4c:2e:3f:5f:59:b0:d3:60:b2:a4:
9b:74:72:e4:90:0a:97:20:3b:df:91:55:9c:ab:d4:
11:ba:27:20:82:fc:f4:29:28:1b:d7:12:d3:f4:f4:
30:91:de:07:ce:5b:b2:b7:b7:1c:8e:5a:0d:58:63:
78:c4:4b:97:7a:19:0d:5b:3a:a3:bf:77:c1:5e:53:
fd:54:6b:0f:be:a4:b3:8b:69:98:15:9c:0b:58:c4:
e6:65:55:bc:ab:22:0e:e2:62:f9:ed:38:3b:7a:26:
52:2a:b8:d8:7b:db:1a:b2:38:f7:2e:1b:a9:a7:9d:
06:b5:e7:8a:11:3c:81:00:ad:3b:86:38:ba:97:65:
3e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4F:D7:A9:D2:D9:75:98:A7:B3:AF:53:0A:FE:7A:4C:C8:D6:4F:B7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bk_XqdLZdZins69TCv56TMjWT7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/22
85.217.180.0/22
Signature Algorithm: sha256WithRSAEncryption
09:52:26:1c:d3:41:21:d2:ec:34:69:48:49:b1:55:99:a4:21:
a5:1b:48:de:72:08:ea:1a:1b:b3:12:bb:c1:8a:5a:26:11:0b:
8e:1f:3c:e6:c2:5e:81:e8:a2:ca:c0:58:3d:a8:90:49:1b:1c:
f9:7f:5e:8b:b5:2b:4e:cd:42:11:7d:be:d4:ec:31:1c:8b:53:
e3:fa:2b:6c:81:67:f1:7e:93:96:69:69:47:9e:23:52:20:7d:
45:a0:86:f6:e5:3e:f3:c6:ee:55:70:17:bc:66:9e:7d:01:0b:
a0:1e:56:14:3a:de:e9:97:0f:86:ce:1c:35:1a:1c:11:1c:df:
1d:94:03:ec:b3:30:c8:be:7d:03:69:fb:40:0d:86:ed:e5:3b:
91:2f:da:8a:63:44:66:15:1f:65:e3:39:c4:1e:10:85:72:cf:
e5:50:b8:1c:ea:bf:b8:92:5d:26:05:90:ea:81:9e:bd:48:e6:
1c:61:50:02:08:a0:d1:21:e2:b2:5c:30:8e:41:0c:5e:eb:3a:
80:47:6a:6d:91:ab:ee:ce:21:91:e1:32:d6:08:47:c2:d0:ed:
06:85:af:cc:14:22:58:f2:bf:95:9d:84:37:ef:92:53:ef:90:
4b:f0:14:59:d0:b7:5a:43:c2:6a:ec:2d:8c:e9:00:0d:75:b8:
a0:e7:d4:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK0o6otxebvVHGamwvZHcu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIyMTQzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjRmZDdhOWQyZDk3NTk4YTdiM2FmNTMwYWZlN2E0Y2M4ZDY0ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+B6UNHEjYN1ayxwMoXRe1kPPJzM
vP2cAd2nJW4b5iybpgwQcFAk7FDsnd4mK5cJ6qr+QfvDZtGA0nqUEJgP5KS4ZliF
Ym60R3nDONHkmY34hiOCmHrIct3pZ+u4F48ibSEe9aJ6/9TVVY1pGFFSZkmcX6Xl
T23m62oVaUwuP19ZsNNgsqSbdHLkkAqXIDvfkVWcq9QRuicggvz0KSgb1xLT9PQw
kd4Hzluyt7ccjloNWGN4xEuXehkNWzqjv3fBXlP9VGsPvqSzi2mYFZwLWMTmZVW8
qyIO4mL57Tg7eiZSKrjYe9sasjj3Lhupp50GteeKETyBAK07hji6l2U+mQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAZP16nS2XWYp7OvUwr+ekzI1k+3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmtfWHFkTFpkWmluczY5VEN2NTZUTWpXVDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVdmkAwQC
Vdm0MA0GCSqGSIb3DQEBCwUAA4IBAQAJUiYc00Eh0uw0aUhJsVWZpCGlG0jecgjq
GhuzErvBilomEQuOHzzmwl6B6KLKwFg9qJBJGxz5f16LtStOzUIRfb7U7DEci1Pj
+itsgWfxfpOWaWlHniNSIH1FoIb25T7zxu5VcBe8Zp59AQugHlYUOt7plw+Gzhw1
GhwRHN8dlAPsszDIvn0DaftADYbt5TuRL9qKY0RmFR9l4znEHhCFcs/lULgc6r+4
kl0mBZDqgZ69SOYcYVACCKDRIeKyXDCOQQxe6zqAR2ptkavuziGR4TLWCEfC0O0G
ha/MFCJY8r+VnYQ375JT75BL8BRZ0LdaQ8Jq7C2M6QANdbig59RM
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:33:18 2025 by rpki-client