Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/2WfNa7eHv-vnanINgiVCStxqrVM.roa
File: 2WfNa7eHv-vnanINgiVCStxqrVM.roa (raw, json)
Hash identifier: cyUGPojhw148GTwg+sjtF3ANybiNjWSQinoLXDVghS8=
Subject key identifier: D9:67:CD:6B:B7:87:BF:EB:E7:6A:72:0D:82:25:42:4A:DC:6A:AD:53
Certificate issuer: /CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Certificate serial: 018CC492FBB08992F9C4182D9AF31F6C25F2
Authority key identifier: 8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/2WfNa7eHv-vnanINgiVCStxqrVM.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205164
IP address blocks: 185.214.192.0/22 maxlen: 32
2a0c:f600::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fb:b0:89:92:f9:c4:18:2d:9a:f3:1f:6c:25:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d967cd6bb787bfebe76a720d8225424adc6aad53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:68:31:0e:3f:84:e4:fe:d3:2e:f3:fc:f8:aa:
46:98:6d:4b:bb:cd:01:0c:01:a4:43:48:d4:b7:6d:
5e:44:24:c5:fe:f7:23:b4:c1:e5:8e:1e:2a:a3:04:
85:06:86:0a:a2:1b:67:4e:4c:96:71:26:02:9c:59:
4f:5f:a1:8f:a5:7c:1c:fd:36:a7:8a:22:7e:ca:c4:
46:42:c4:7c:e2:6d:88:71:bc:a3:1b:36:ba:80:64:
01:31:77:01:7e:8e:fe:7a:19:2f:7a:f7:e6:61:d9:
73:09:af:01:a7:1b:90:06:03:28:df:08:41:a6:4c:
12:8d:2f:f0:35:d2:7c:f1:1d:65:97:7a:46:d0:c3:
6b:b1:94:bd:3b:97:2f:03:26:bb:6f:43:7b:bd:39:
f7:15:45:31:35:3d:c9:ba:09:b7:40:a6:d2:90:48:
a3:d1:3d:42:d3:61:35:a9:0e:97:8d:87:a7:67:12:
ed:9e:22:49:05:5d:96:f4:1f:00:5a:33:25:ca:ff:
0b:28:84:95:d6:5b:cb:32:1e:d0:ce:ab:83:7c:c4:
a1:9c:3e:22:d7:e8:e6:4c:32:8d:38:6d:f3:d8:43:
59:11:41:2d:4d:1f:01:1a:d2:94:67:b0:83:52:8e:
41:49:da:db:2e:ce:27:30:a2:be:af:8d:09:4d:cd:
9b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:67:CD:6B:B7:87:BF:EB:E7:6A:72:0D:82:25:42:4A:DC:6A:AD:53
X509v3 Authority Key Identifier:
keyid:8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/2WfNa7eHv-vnanINgiVCStxqrVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/ivwx82yXd3-Qa5PoOuZX8ArrMJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.192.0/22
IPv6:
2a0c:f600::/29
Signature Algorithm: sha256WithRSAEncryption
c3:d9:c0:b8:e5:7d:0c:dd:9e:65:4c:0f:0e:6c:7e:78:81:b9:
13:03:3e:a3:96:2e:fe:ae:bd:e8:59:bc:61:d7:ca:d7:fe:72:
dd:80:28:d8:fa:42:69:b4:bb:6d:f3:7e:a6:6e:6f:2f:ea:7a:
9d:a1:b5:ee:1e:34:84:c0:6b:4e:12:58:2f:43:34:62:04:f7:
b0:86:8f:dd:fc:ce:e7:04:6f:3a:83:4d:56:87:d8:c3:15:0a:
a3:39:eb:ba:4f:a5:ef:13:fe:43:c7:8d:26:34:92:0c:81:3c:
e9:78:a9:42:44:7c:dc:89:19:8b:5e:4b:02:5a:51:ac:2e:d4:
ee:f8:b8:2b:61:97:91:78:34:b8:f7:d6:0d:9a:d7:20:6a:dc:
d6:d8:f8:6e:5d:ab:c6:03:06:04:2d:6f:23:e4:33:bb:4e:f6:
cd:b9:6f:d5:1a:82:48:68:3d:48:1a:7d:7a:ce:ad:a2:76:bd:
00:16:c7:3c:8a:8c:b3:cd:34:b6:08:cc:56:a6:09:ca:7a:08:
a9:11:c3:09:80:4b:9f:ea:b8:14:ca:e2:7f:f5:c9:26:95:91:
3f:3f:11:8b:f5:68:e8:96:97:ae:34:4c:47:a3:86:b1:2a:b6:
1d:84:1a:ce:dd:73:4a:27:e8:95:b6:ed:0e:ec:8a:ba:00:29:
89:7a:8f:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkvuwiZL5xBgtmvMfbCXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZmMzMWYzNmM5Nzc3N2Y5MDZiOTNlODNhZTY1N2YwMGFl
YjMwOTkwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTY3Y2Q2YmI3ODdiZmViZTc2YTcyMGQ4MjI1NDI0YWRjNmFhZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2gxDj+E5P7TLvP8+KpGmG1Lu80B
DAGkQ0jUt21eRCTF/vcjtMHljh4qowSFBoYKohtnTkyWcSYCnFlPX6GPpXwc/Tan
iiJ+ysRGQsR84m2IcbyjGza6gGQBMXcBfo7+ehkvevfmYdlzCa8BpxuQBgMo3whB
pkwSjS/wNdJ88R1ll3pG0MNrsZS9O5cvAya7b0N7vTn3FUUxNT3Jugm3QKbSkEij
0T1C02E1qQ6XjYenZxLtniJJBV2W9B8AWjMlyv8LKISV1lvLMh7QzquDfMShnD4i
1+jmTDKNOG3z2ENZEUEtTR8BGtKUZ7CDUo5BSdrbLs4nMKK+r40JTc2bjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNlnzWu3h7/r52pyDYIlQkrcaq1TMB8GA1UdIwQY
MBaAFIr8MfNsl3d/kGuT6DrmV/AK6zCZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQt
MDcxMTY5NDAwMGEwLzEvMldmTmE3ZUh2LXZuYW5JTmdpVkNTdHhxclZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQtMDcxMTY5NDAwMGEw
LzEvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudbAMA0E
AgACMAcDBQMqDPYAMA0GCSqGSIb3DQEBCwUAA4IBAQDD2cC45X0M3Z5lTA8ObH54
gbkTAz6jli7+rr3oWbxh18rX/nLdgCjY+kJptLtt836mbm8v6nqdobXuHjSEwGtO
ElgvQzRiBPewho/d/M7nBG86g01Wh9jDFQqjOeu6T6XvE/5Dx40mNJIMgTzpeKlC
RHzciRmLXksCWlGsLtTu+LgrYZeReDS499YNmtcgatzW2PhuXavGAwYELW8j5DO7
TvbNuW/VGoJIaD1IGn16zq2idr0AFsc8ioyzzTS2CMxWpgnKegipEcMJgEuf6rgU
yuJ/9ckmlZE/PxGL9WjolpeuNExHo4axKrYdhBrO3XNKJ+iVtu0O7Iq6ACmJeo+W
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:57 2025 by rpki-client