Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8mcsS_kfFBgXsYlwA4YqJd3Ob7M.roa
File: 8mcsS_kfFBgXsYlwA4YqJd3Ob7M.roa (raw, json)
Hash identifier: kHErlDviF1YJ68eY5MUirJuy/Rt+gIQ3Zy0jIwBQs58=
Subject key identifier: F2:67:2C:4B:F9:1F:14:18:17:B1:89:70:03:86:2A:25:DD:CE:6F:B3
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 019428269FDD1C2D5CB815CE346222DDD704
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8mcsS_kfFBgXsYlwA4YqJd3Ob7M.roa
Signing time: Thu 02 Jan 2025 17:53:27 +0000
ROA not before: Thu 02 Jan 2025 17:53:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200174
IP address blocks: 194.40.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 13:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:9f:dd:1c:2d:5c:b8:15:ce:34:62:22:dd:d7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 2 17:53:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2672c4bf91f141817b1897003862a25ddce6fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:02:cf:83:51:09:1d:03:fa:6b:36:a9:10:8a:
c7:f2:04:ab:53:55:24:9b:66:99:2b:dd:d8:9b:43:
c5:63:15:fe:e4:20:47:6a:db:47:54:95:af:ee:6f:
08:c5:c7:24:34:cc:e3:06:b2:10:b7:02:6d:18:c2:
0d:a4:16:6c:a9:54:e6:5c:10:fc:10:05:18:ee:e9:
8e:6d:eb:a4:49:24:cb:4d:3e:17:2d:db:6f:6d:1f:
cd:d5:23:60:3f:3b:98:ef:80:fb:3e:81:2f:1d:2f:
e0:8c:60:51:7b:33:4b:69:39:11:06:e7:7c:db:df:
f9:37:17:6c:39:28:32:ab:3e:37:9b:28:03:4d:f1:
d8:b4:c8:20:73:b8:ee:31:fd:1e:eb:5a:1a:0a:21:
48:51:6f:d8:b7:4f:57:ce:3d:25:a4:8e:c3:2b:0a:
d2:83:cc:5f:4f:db:73:b1:82:7e:91:37:9f:56:52:
19:60:1c:03:17:d7:a7:19:63:bb:cf:ff:58:ca:cf:
64:28:23:da:40:16:ea:11:2d:f5:3f:59:a8:b6:2d:
b6:d0:65:13:0f:d5:e2:fe:c3:07:11:f4:e3:61:d5:
f4:b6:cc:b3:0d:74:78:82:73:4c:3e:7a:b6:02:bd:
43:2a:00:b8:a5:14:65:61:2d:7b:f1:d6:24:7b:0d:
11:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:67:2C:4B:F9:1F:14:18:17:B1:89:70:03:86:2A:25:DD:CE:6F:B3
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/8mcsS_kfFBgXsYlwA4YqJd3Ob7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.40.242.0/24
Signature Algorithm: sha256WithRSAEncryption
65:af:2d:e0:0d:dc:73:ed:01:fa:32:62:64:20:0d:83:c3:0a:
29:30:26:a8:25:04:2b:c1:59:d2:4c:fe:84:5f:ef:5f:6a:b3:
38:70:83:20:c8:97:85:32:00:5a:66:2b:33:b3:b4:17:03:2a:
02:77:04:3b:ea:8c:21:c7:c0:2f:c0:bb:7f:5a:9f:cf:de:cd:
79:0d:60:fa:47:29:ff:ba:49:f3:ed:b7:e7:ff:8b:ff:c0:ac:
d5:3c:07:f5:fc:7a:46:08:72:8b:2e:f7:5e:5e:8e:ab:fc:f3:
00:55:d1:f4:a0:77:82:03:76:7a:84:df:f7:bd:68:30:6e:45:
6f:e8:52:b0:91:e9:0e:2e:d6:02:03:d4:7f:37:81:bd:8d:f2:
8d:12:35:bb:90:40:46:c1:83:b7:09:5f:54:21:cb:38:f6:c2:
32:5d:ac:de:68:68:42:81:96:24:65:95:c0:04:c7:c0:c0:8d:
d4:25:64:77:3d:4a:c1:cb:d4:b5:2c:cf:87:e3:13:56:fc:0c:
07:df:96:54:28:20:a2:02:0e:0f:db:b0:8d:fe:4f:1b:37:ec:
a8:3e:1a:6a:9e:49:fd:77:b0:0e:d1:a3:51:48:d7:3b:22:92:
6e:39:fa:3e:01:78:7f:15:41:0d:de:fa:47:fa:55:54:1e:40:
1e:fd:c5:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJp/dHC1cuBXONGIi3dcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMTAyMTc1MzI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY3MmM0YmY5MWYxNDE4MTdiMTg5NzAwMzg2MmEyNWRkY2U2ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgLPg1EJHQP6azapEIrH8gSrU1Uk
m2aZK93Ym0PFYxX+5CBHattHVJWv7m8IxcckNMzjBrIQtwJtGMINpBZsqVTmXBD8
EAUY7umObeukSSTLTT4XLdtvbR/N1SNgPzuY74D7PoEvHS/gjGBRezNLaTkRBud8
29/5NxdsOSgyqz43mygDTfHYtMggc7juMf0e61oaCiFIUW/Yt09Xzj0lpI7DKwrS
g8xfT9tzsYJ+kTefVlIZYBwDF9enGWO7z/9Yys9kKCPaQBbqES31P1moti220GUT
D9Xi/sMHEfTjYdX0tsyzDXR4gnNMPnq2Ar1DKgC4pRRlYS178dYkew0ReQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJnLEv5HxQYF7GJcAOGKiXdzm+zMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvOG1jc1Nfa2ZGQmdYc1lsd0E0WXFKZDNPYjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwijyMA0G
CSqGSIb3DQEBCwUAA4IBAQBlry3gDdxz7QH6MmJkIA2DwwopMCaoJQQrwVnSTP6E
X+9farM4cIMgyJeFMgBaZiszs7QXAyoCdwQ76owhx8AvwLt/Wp/P3s15DWD6Ryn/
uknz7bfn/4v/wKzVPAf1/HpGCHKLLvdeXo6r/PMAVdH0oHeCA3Z6hN/3vWgwbkVv
6FKwkekOLtYCA9R/N4G9jfKNEjW7kEBGwYO3CV9UIcs49sIyXazeaGhCgZYkZZXA
BMfAwI3UJWR3PUrBy9S1LM+H4xNW/AwH35ZUKCCiAg4P27CN/k8bN+yoPhpqnkn9
d7AO0aNRSNc7IpJuOfo+AXh/FUEN3vpH+lVUHkAe/cWG
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:07:18 2025 by rpki-client