Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/88wO49Y78qOfTgNWS-x1axS1x9w.roa
File: 88wO49Y78qOfTgNWS-x1axS1x9w.roa (raw, json)
Hash identifier: D18sUf/rpIJpE0O+sLXW2OGDO1EWyOpWUZnRfwZcPFI=
Subject key identifier: F3:CC:0E:E3:D6:3B:F2:A3:9F:4E:03:56:4B:EC:75:6B:14:B5:C7:DC
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 018CC56E28AD999D8533364F6B2924645952
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/88wO49Y78qOfTgNWS-x1axS1x9w.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 185.252.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:28:ad:99:9d:85:33:36:4f:6b:29:24:64:59:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3cc0ee3d63bf2a39f4e03564bec756b14b5c7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:21:b6:35:18:80:0d:ff:6d:7f:f3:2f:d9:83:
59:f4:82:84:4d:85:40:8e:1e:7a:0d:54:50:2f:64:
91:fd:7e:54:a8:85:db:65:de:b1:49:9b:92:7b:c8:
bd:21:7a:5e:e6:7a:92:32:a3:bc:d7:bf:40:ba:be:
c7:56:29:9c:9e:b4:6e:0d:5b:6a:d6:d5:2d:ef:d3:
13:e4:b3:10:d4:26:3e:93:33:01:69:27:d8:b3:c0:
f1:fc:86:30:d8:46:af:60:08:c9:a1:d0:b8:c4:cb:
0a:3c:b4:d0:3a:8a:4a:34:3b:93:d4:fd:c2:fb:75:
85:94:24:c2:29:c3:24:c3:21:9d:bc:4b:70:aa:75:
33:e0:9b:c1:68:74:fc:72:8d:47:6e:3c:4d:6e:ce:
cc:ad:d6:48:7b:7b:60:64:49:ce:58:ce:34:c7:ff:
f4:18:d5:03:75:61:90:e5:aa:3a:a3:88:b5:5e:28:
84:f3:56:88:c2:13:42:24:6f:0b:ec:01:83:15:f8:
4a:e5:52:10:b5:ca:b7:b5:06:ce:6d:65:da:79:4a:
7c:24:f1:40:e5:9d:bc:d8:67:23:56:c1:b6:84:2c:
91:fb:d2:ac:e7:f6:75:54:73:d6:9b:0a:f0:56:aa:
0e:44:ea:c6:57:e6:4b:77:c7:9c:8a:7b:a4:3a:f3:
e0:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CC:0E:E3:D6:3B:F2:A3:9F:4E:03:56:4B:EC:75:6B:14:B5:C7:DC
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/88wO49Y78qOfTgNWS-x1axS1x9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.212.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a0:6f:ec:e6:73:e6:de:a8:cb:ee:1c:a3:ce:99:c3:6a:7e:
f3:bd:3e:11:8a:4d:f0:72:50:1f:18:61:91:fb:63:25:89:42:
77:9f:7b:0f:c7:46:03:c8:2e:6c:55:d8:fa:be:ba:e8:d9:20:
b3:b0:fc:88:72:42:65:a8:b7:af:ca:59:25:18:83:bc:aa:d6:
de:a8:2d:dd:2b:b7:b6:57:11:17:50:2b:8d:4d:cb:99:75:89:
10:ee:8b:10:d6:04:00:1d:4c:c3:ab:40:f5:98:8a:7c:20:3a:
12:6c:c7:83:1f:6b:6d:c0:49:d3:d3:a4:db:6d:bf:36:e0:b0:
4f:3c:ab:72:87:19:20:de:2b:dc:e1:81:36:eb:e0:25:25:8f:
f7:b2:4b:98:90:1d:7c:3a:d1:99:5c:c8:28:4c:3c:ed:bd:e6:
f8:7f:88:00:1c:2e:41:05:2c:c3:c4:4a:2f:be:90:70:53:c9:
35:a8:0e:46:6c:1d:da:c4:56:dd:eb:13:12:a2:f8:63:59:db:
80:c8:95:23:86:be:c1:f7:c7:e4:f2:81:70:6b:f8:20:8a:70:
80:c6:ea:42:63:b4:dc:06:f8:0d:0c:be:c4:85:56:72:da:89:
ea:3e:8e:f3:5a:1f:97:36:72:37:98:7a:8f:07:f4:dd:72:19:
6f:75:77:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbiitmZ2FMzZPaykkZFlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NjMGVlM2Q2M2JmMmEzOWY0ZTAzNTY0YmVjNzU2YjE0YjVjN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiG2NRiADf9tf/Mv2YNZ9IKETYVA
jh56DVRQL2SR/X5UqIXbZd6xSZuSe8i9IXpe5nqSMqO8179Aur7HVimcnrRuDVtq
1tUt79MT5LMQ1CY+kzMBaSfYs8Dx/IYw2EavYAjJodC4xMsKPLTQOopKNDuT1P3C
+3WFlCTCKcMkwyGdvEtwqnUz4JvBaHT8co1HbjxNbs7MrdZIe3tgZEnOWM40x//0
GNUDdWGQ5ao6o4i1XiiE81aIwhNCJG8L7AGDFfhK5VIQtcq3tQbObWXaeUp8JPFA
5Z282GcjVsG2hCyR+9Ks5/Z1VHPWmwrwVqoOROrGV+ZLd8ecinukOvPgZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPMDuPWO/Kjn04DVkvsdWsUtcfcMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvODh3TzQ5WTc4cU9mVGdOV1MteDFheFMxeDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufzUMA0G
CSqGSIb3DQEBCwUAA4IBAQBhoG/s5nPm3qjL7hyjzpnDan7zvT4Rik3wclAfGGGR
+2MliUJ3n3sPx0YDyC5sVdj6vrro2SCzsPyIckJlqLevylklGIO8qtbeqC3dK7e2
VxEXUCuNTcuZdYkQ7osQ1gQAHUzDq0D1mIp8IDoSbMeDH2ttwEnT06Tbbb824LBP
PKtyhxkg3ivc4YE26+AlJY/3skuYkB18OtGZXMgoTDztveb4f4gAHC5BBSzDxEov
vpBwU8k1qA5GbB3axFbd6xMSovhjWduAyJUjhr7B98fk8oFwa/gginCAxupCY7Tc
BvgNDL7EhVZy2onqPo7zWh+XNnI3mHqPB/TdchlvdXfB
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:41:07 2025 by rpki-client