Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Cu07IdavkyGupqHGT6qA7B-bdoU.roa
File: Cu07IdavkyGupqHGT6qA7B-bdoU.roa (raw, json)
Hash identifier: XpvaFEIAkcg+7MntSR8UkmfGJTf9+7FkZP7SJBVJ6Nk=
Subject key identifier: 0A:ED:3B:21:D6:AF:93:21:AE:A6:A1:C6:4F:AA:80:EC:1F:9B:76:85
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 01942826A2BC585B329FCC6266E9120F2935
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Cu07IdavkyGupqHGT6qA7B-bdoU.roa
Signing time: Thu 02 Jan 2025 17:53:28 +0000
ROA not before: Thu 02 Jan 2025 17:53:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 185.224.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Jan 2025 21:29:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:a2:bc:58:5b:32:9f:cc:62:66:e9:12:0f:29:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 2 17:53:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aed3b21d6af9321aea6a1c64faa80ec1f9b7685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:19:84:e1:ad:59:0c:f5:09:09:51:bd:9f:91:
32:da:45:3c:9f:33:50:ff:22:4e:62:e9:bc:ba:bc:
9c:a4:c9:bd:39:57:94:53:8c:be:13:82:92:5f:4a:
45:28:2f:14:c7:fa:42:e0:46:14:99:eb:71:e2:55:
2a:fc:d1:39:f5:a1:a9:b6:ea:cd:55:fe:fc:86:49:
17:a0:7f:c0:3c:d5:d8:2e:b2:40:53:15:63:95:dc:
98:6a:35:56:eb:9d:59:f7:c3:a7:f1:aa:44:40:8d:
6b:d0:d5:34:71:4a:a2:c8:61:f9:3d:cc:f4:2a:d1:
a7:2a:e4:93:37:47:94:e4:0e:6f:d3:b1:f4:28:8a:
9f:c7:54:3d:2a:96:d3:69:d8:f9:df:b1:9e:00:8c:
74:8b:74:cb:ff:97:ce:ea:0b:b0:9c:75:d0:ac:1d:
28:ee:37:ee:fd:c0:97:82:d4:97:9e:b4:8b:5e:e6:
46:1d:de:f7:ad:b2:49:9d:75:06:f6:5e:85:f4:c0:
59:99:29:4a:68:56:16:09:42:44:1f:19:63:1e:67:
c3:83:5d:90:1f:a7:01:60:b6:4d:2b:60:6b:88:e9:
f1:65:2e:9d:b6:74:41:fe:19:0d:93:ee:88:7e:28:
53:20:dd:1c:48:f3:d1:6d:c0:4f:66:1d:3b:ed:4e:
07:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:ED:3B:21:D6:AF:93:21:AE:A6:A1:C6:4F:AA:80:EC:1F:9B:76:85
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/Cu07IdavkyGupqHGT6qA7B-bdoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.217.0/24
Signature Algorithm: sha256WithRSAEncryption
37:19:b5:9e:8d:23:0d:83:cb:9a:cd:05:16:6a:3a:1f:70:42:
fb:82:e4:82:03:7e:f3:30:5a:a1:48:c6:ba:de:17:a1:ad:d3:
67:63:af:b1:1b:c2:58:35:fe:28:4f:4e:a6:87:2e:9d:4a:90:
64:99:18:42:92:4b:84:23:ef:4e:e0:d6:fc:7a:99:13:0d:35:
49:64:2a:fd:4e:37:05:9d:17:e0:fa:ce:12:8c:d1:eb:2c:67:
34:3b:89:bb:41:39:b8:99:78:98:55:97:98:b9:68:2a:fb:36:
a1:e8:5f:e5:c9:26:1b:0b:bc:98:ff:2a:e2:2c:26:7f:f9:7d:
c9:96:de:ae:6e:8e:26:27:0d:fb:86:57:ff:52:91:97:60:15:
57:40:75:c8:84:d6:0b:f7:a8:c6:5c:33:e1:9e:fc:f2:44:a8:
b6:4d:c2:e7:8b:20:54:58:6f:01:81:bf:80:d3:89:57:1c:b5:
95:58:fb:f0:95:f6:54:d2:73:c2:74:4c:d0:72:f5:22:28:20:
9f:92:cf:90:35:b1:ef:6c:d1:c5:42:6c:8d:d2:c8:ef:a4:91:
a7:e2:32:a2:8a:5c:2e:d4:63:1b:f1:39:7f:d4:0e:60:dc:6d:
5a:4d:60:97:46:7d:c1:c2:76:6d:a8:c0:d6:4b:1b:67:28:67:
89:f8:ab:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJqK8WFsyn8xiZukSDyk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjUwMTAyMTc1MzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVkM2IyMWQ2YWY5MzIxYWVhNmExYzY0ZmFhODBlYzFmOWI3Njg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hmE4a1ZDPUJCVG9n5Ey2kU8nzNQ
/yJOYum8urycpMm9OVeUU4y+E4KSX0pFKC8Ux/pC4EYUmetx4lUq/NE59aGpturN
Vf78hkkXoH/APNXYLrJAUxVjldyYajVW651Z98On8apEQI1r0NU0cUqiyGH5Pcz0
KtGnKuSTN0eU5A5v07H0KIqfx1Q9KpbTadj537GeAIx0i3TL/5fO6guwnHXQrB0o
7jfu/cCXgtSXnrSLXuZGHd73rbJJnXUG9l6F9MBZmSlKaFYWCUJEHxljHmfDg12Q
H6cBYLZNK2BriOnxZS6dtnRB/hkNk+6IfihTIN0cSPPRbcBPZh077U4HkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArtOyHWr5Mhrqahxk+qgOwfm3aFMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvQ3UwN0lkYXZreUd1cHFIR1Q2cUE3Qi1iZG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueDZMA0G
CSqGSIb3DQEBCwUAA4IBAQA3GbWejSMNg8uazQUWajofcEL7guSCA37zMFqhSMa6
3hehrdNnY6+xG8JYNf4oT06mhy6dSpBkmRhCkkuEI+9O4Nb8epkTDTVJZCr9TjcF
nRfg+s4SjNHrLGc0O4m7QTm4mXiYVZeYuWgq+zah6F/lySYbC7yY/yriLCZ/+X3J
lt6ubo4mJw37hlf/UpGXYBVXQHXIhNYL96jGXDPhnvzyRKi2TcLniyBUWG8Bgb+A
04lXHLWVWPvwlfZU0nPCdEzQcvUiKCCfks+QNbHvbNHFQmyN0sjvpJGn4jKiilwu
1GMb8Tl/1A5g3G1aTWCXRn3BwnZtqMDWSxtnKGeJ+Kuj
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:01:33 2025 by rpki-client