Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_VHh992tMxpBKEh6Z0dtmFQZ8pY.roa
File: _VHh992tMxpBKEh6Z0dtmFQZ8pY.roa (raw, json)
Hash identifier: CAU1FgOKbbQEmWv1hSraH0+Z4ZrZ0oE0U1pUJgIfUj0=
Subject key identifier: FD:51:E1:F7:DD:AD:33:1A:41:28:48:7A:67:47:6D:98:54:19:F2:96
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018D78960DDF7FC248B742C836BA74FCCA68
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_VHh992tMxpBKEh6Z0dtmFQZ8pY.roa
Signing time: Mon 05 Feb 2024 09:25:16 +0000
ROA not before: Mon 05 Feb 2024 09:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 85.254.8.0/21 maxlen: 21
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 05 Feb 2024 09:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:96:0d:df:7f:c2:48:b7:42:c8:36:ba:74:fc:ca:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 5 09:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd51e1f7ddad331a4128487a67476d985419f296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:f1:23:68:93:2f:b6:2c:bd:a1:07:17:2b:
69:87:58:10:b1:70:07:c6:c7:3f:bd:e5:c5:b6:5e:
36:de:b6:1b:cc:cd:89:61:37:f3:16:eb:30:73:d5:
56:7b:7b:83:44:81:e9:06:76:09:b8:a6:81:5d:66:
76:dc:b4:68:b7:34:13:22:b7:05:5e:3a:e2:e9:93:
17:86:82:da:cf:7d:d4:65:c8:a3:45:80:d8:06:bc:
32:94:37:33:05:f4:a8:8b:40:0b:05:d4:f3:7c:e1:
40:55:80:b3:18:2f:b4:06:0d:fd:67:3b:fc:13:73:
23:cd:d4:5e:88:2b:72:a0:8f:ab:34:3c:3c:0f:10:
1d:44:aa:ba:88:f3:8a:0d:b3:93:98:dd:73:19:8b:
8c:e4:ab:5b:c7:fc:30:db:dc:52:64:82:09:0b:dd:
ee:9c:6a:95:81:22:a1:90:18:03:d9:50:e0:2a:e1:
ad:fd:f5:25:dc:c4:f4:d8:13:4d:7c:23:16:fe:38:
96:7f:a4:94:5c:16:b9:0c:78:7e:9d:c8:36:9d:88:
17:d4:67:a9:07:64:e9:77:e0:ad:f0:18:8d:e5:ab:
9c:13:0f:9c:48:25:b9:a1:fb:a8:12:15:e4:01:02:
e4:a9:a9:48:9a:70:73:ce:9c:af:df:bd:d5:66:21:
e7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:51:E1:F7:DD:AD:33:1A:41:28:48:7A:67:47:6D:98:54:19:F2:96
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_VHh992tMxpBKEh6Z0dtmFQZ8pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.8.0/21
85.254.63.0/24
85.254.117.0-85.254.119.255
Signature Algorithm: sha256WithRSAEncryption
7d:32:40:d2:da:04:2d:7d:4f:c1:55:28:b5:d5:de:1e:99:ff:
be:a0:f3:8a:12:07:b0:f0:d9:7e:3b:a3:75:54:ff:77:4c:76:
02:b3:f1:33:6a:d3:67:f2:5c:4e:a1:1c:61:ab:5e:e2:c3:89:
c3:56:6f:2d:47:bb:14:89:10:1d:30:c4:e0:0e:22:bb:5b:60:
ae:12:8d:d1:70:6c:0c:99:85:db:62:ed:17:e6:db:a1:a1:76:
a2:3f:f6:17:f6:92:ea:0f:00:d2:6a:89:54:3b:a6:5b:ae:14:
cb:63:43:67:25:df:b6:b6:cc:10:a0:f8:fe:0a:f7:f6:d6:fe:
80:e7:f0:8b:95:a4:79:31:b8:91:9d:ed:f1:85:3d:b4:0c:ba:
42:9a:82:94:6c:85:83:9b:13:fe:3d:ee:90:8d:aa:e5:3c:14:
2a:54:c6:c3:16:d2:71:bf:de:6b:e5:6a:e4:ee:01:f9:f4:0e:
5d:62:16:f8:e4:91:0c:50:e9:88:70:5c:9e:d3:19:07:f0:9d:
10:8c:76:28:95:d2:a0:0c:db:43:58:cc:5f:60:c6:25:ff:22:
84:1b:ec:1f:95:98:b8:6e:b2:a2:4f:92:c1:ed:b7:52:23:0f:
44:92:c5:e6:ea:9f:11:7f:fd:ce:10:75:71:1e:e4:5d:49:5b:
4e:c8:75:a4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY14lg3ff8JIt0LINrp0/MpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMjA1MDkyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDUxZTFmN2RkYWQzMzFhNDEyODQ4N2E2NzQ3NmQ5ODU0MTlmMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqzxI2iTL7YsvaEHFytph1gQsXAH
xsc/veXFtl423rYbzM2JYTfzFuswc9VWe3uDRIHpBnYJuKaBXWZ23LRotzQTIrcF
Xjri6ZMXhoLaz33UZcijRYDYBrwylDczBfSoi0ALBdTzfOFAVYCzGC+0Bg39Zzv8
E3MjzdReiCtyoI+rNDw8DxAdRKq6iPOKDbOTmN1zGYuM5Ktbx/ww29xSZIIJC93u
nGqVgSKhkBgD2VDgKuGt/fUl3MT02BNNfCMW/jiWf6SUXBa5DHh+ncg2nYgX1Gep
B2Tpd+Ct8BiN5aucEw+cSCW5ofuoEhXkAQLkqalImnBzzpyv373VZiHnGQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP1R4ffdrTMaQShIemdHbZhUGfKWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvX1ZIaDk5MnRNeHBCS0VoNlowZHRtRlFaOHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDVf4IAwQA
Vf4/MAwDBABV/nUDBANV/nAwDQYJKoZIhvcNAQELBQADggEBAH0yQNLaBC19T8FV
KLXV3h6Z/76g84oSB7Dw2X47o3VU/3dMdgKz8TNq02fyXE6hHGGrXuLDicNWby1H
uxSJEB0wxOAOIrtbYK4SjdFwbAyZhdti7Rfm26GhdqI/9hf2kuoPANJqiVQ7pluu
FMtjQ2cl37a2zBCg+P4K9/bW/oDn8IuVpHkxuJGd7fGFPbQMukKagpRshYObE/49
7pCNquU8FCpUxsMW0nG/3mvlauTuAfn0Dl1iFvjkkQxQ6YhwXJ7TGQfwnRCMdiiV
0qAM20NYzF9gxiX/IoQb7B+VmLhusqJPksHtt1IjD0SSxebqnxF//c4QdXEe5F1J
W07IdaQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:37:09 2025 by rpki-client