Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/26oa8CODwn2vMfUhIfkvEo_0bts.roa
File: 26oa8CODwn2vMfUhIfkvEo_0bts.roa (raw, json)
Hash identifier: zAAptls4e58p0KM3V5DO5eCsrFwuIjwcEtcH1B8u6TE=
Subject key identifier: DB:AA:1A:F0:23:83:C2:7D:AF:31:F5:21:21:F9:2F:12:8F:F4:6E:DB
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 018CC3B6F47858B62B400BC9A6970CD12037
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/26oa8CODwn2vMfUhIfkvEo_0bts.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200449
IP address blocks: 185.104.208.0/22 maxlen: 24
2a06:3340::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Nov 2024 21:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f4:78:58:b6:2b:40:0b:c9:a6:97:0c:d1:20:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbaa1af02383c27daf31f52121f92f128ff46edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:36:c2:b3:72:d2:79:fc:db:68:a0:c9:23:83:
8a:0b:7b:0e:df:2a:0a:37:68:9e:dc:f4:50:87:74:
82:62:cb:e4:54:c5:6b:55:fa:ab:87:7c:a7:88:80:
12:b9:ea:eb:0e:f8:d2:9e:dd:c2:ed:41:79:6f:aa:
43:10:e8:7f:ab:05:1a:17:7a:64:b7:20:c8:32:ec:
11:24:7e:96:a5:7b:84:42:e6:24:c7:0c:c0:84:7a:
ac:22:3e:5e:05:5f:37:ad:53:c0:93:49:32:50:a8:
59:76:41:73:a1:9b:8d:af:99:e0:27:0b:ec:44:b3:
4f:a1:29:bc:51:9a:76:63:44:dc:24:01:36:68:80:
f1:63:f4:d6:70:a3:95:6c:a4:ab:47:9d:78:02:a1:
da:b6:44:e6:43:6d:6b:5a:af:19:71:76:61:c4:0b:
a6:64:ad:23:2f:cb:05:94:32:a3:d7:16:2d:68:60:
36:1c:c4:42:c7:a9:38:e3:c0:89:2b:8c:be:51:d7:
68:7f:54:95:f1:1b:61:c7:ef:90:ba:e3:03:06:a0:
8a:ad:1f:75:78:80:7b:fc:11:99:6f:91:3d:8d:58:
a1:78:18:9b:2d:f4:b6:0d:83:16:b6:f5:de:d2:ea:
5b:84:f5:9c:f0:83:33:0c:0d:f8:cd:6c:6a:9a:20:
6b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:1A:F0:23:83:C2:7D:AF:31:F5:21:21:F9:2F:12:8F:F4:6E:DB
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/26oa8CODwn2vMfUhIfkvEo_0bts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.208.0/22
IPv6:
2a06:3340::/29
Signature Algorithm: sha256WithRSAEncryption
1f:df:f1:28:84:88:8c:43:3b:b0:85:f7:72:71:ae:8b:d8:cc:
ce:16:3e:3c:b8:58:1f:e3:16:b2:da:99:fa:cd:e0:51:ff:da:
6f:0f:82:0b:67:92:42:53:94:b2:39:d8:7e:41:be:e7:e3:a6:
51:f5:91:66:ef:79:67:8b:7d:92:e2:49:7f:ac:21:0f:c0:1b:
65:4b:d8:95:a1:e1:89:1f:36:69:31:67:bd:4a:6e:e0:06:0e:
e8:ef:0b:e0:85:e9:36:dd:9a:ea:e8:4e:6f:59:b4:e3:a9:a3:
db:e8:a2:28:8d:ff:02:a8:8c:26:17:9c:6d:28:4f:cf:a4:c5:
0a:0c:d7:25:a0:19:73:c8:e1:b8:67:01:1d:d7:9a:35:4c:94:
3d:2b:56:fd:db:3b:81:4d:f5:e7:e4:99:c9:3d:23:b9:3f:97:
9d:8d:b0:fa:85:c2:3b:3d:d0:b4:a5:7f:46:b4:9e:a7:55:5d:
4b:cb:9d:8d:b4:a2:eb:68:aa:25:60:36:c1:da:50:46:e0:74:
d9:2d:f4:49:79:a6:46:fd:6f:00:98:dc:34:0e:e3:f3:62:b3:
e0:bb:01:b6:82:cc:46:88:96:05:1b:2b:e3:7a:69:17:a0:cd:
59:7e:74:06:cc:2c:4d:e3:1c:ef:7a:47:1c:31:dd:4f:d7:f2:
3c:98:89:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtvR4WLYrQAvJppcM0SA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmFhMWFmMDIzODNjMjdkYWYzMWY1MjEyMWY5MmYxMjhmZjQ2ZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDbCs3LSefzbaKDJI4OKC3sO3yoK
N2ie3PRQh3SCYsvkVMVrVfqrh3yniIASuerrDvjSnt3C7UF5b6pDEOh/qwUaF3pk
tyDIMuwRJH6WpXuEQuYkxwzAhHqsIj5eBV83rVPAk0kyUKhZdkFzoZuNr5ngJwvs
RLNPoSm8UZp2Y0TcJAE2aIDxY/TWcKOVbKSrR514AqHatkTmQ21rWq8ZcXZhxAum
ZK0jL8sFlDKj1xYtaGA2HMRCx6k448CJK4y+Uddof1SV8Rthx++QuuMDBqCKrR91
eIB7/BGZb5E9jViheBibLfS2DYMWtvXe0upbhPWc8IMzDA34zWxqmiBr9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNuqGvAjg8J9rzH1ISH5LxKP9G7bMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvMjZvYThDT0R3bjJ2TWZVaElma3ZFb18wYnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWjQMA0E
AgACMAcDBQMqBjNAMA0GCSqGSIb3DQEBCwUAA4IBAQAf3/EohIiMQzuwhfdyca6L
2MzOFj48uFgf4xay2pn6zeBR/9pvD4ILZ5JCU5SyOdh+Qb7n46ZR9ZFm73lni32S
4kl/rCEPwBtlS9iVoeGJHzZpMWe9Sm7gBg7o7wvghek23Zrq6E5vWbTjqaPb6KIo
jf8CqIwmF5xtKE/PpMUKDNcloBlzyOG4ZwEd15o1TJQ9K1b92zuBTfXn5JnJPSO5
P5edjbD6hcI7PdC0pX9GtJ6nVV1Ly52NtKLraKolYDbB2lBG4HTZLfRJeaZG/W8A
mNw0DuPzYrPguwG2gsxGiJYFGyvjemkXoM1ZfnQGzCxN4xzvekccMd1P1/I8mIlO
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:03:18 2025 by rpki-client