Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/bIZ74TIuRi7MOTRPukxdsBhXK1E.roa
File: bIZ74TIuRi7MOTRPukxdsBhXK1E.roa (raw, json)
Hash identifier: EjnBa0jfebG0N0I3J02p0J5fX/TYH6+0m0eTxbUE+Qo=
Subject key identifier: 6C:86:7B:E1:32:2E:46:2E:CC:39:34:4F:BA:4C:5D:B0:18:57:2B:51
Certificate issuer: /CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Certificate serial: 018CC8DF16B0970CE994221A3FD840CC0804
Authority key identifier: C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/bIZ74TIuRi7MOTRPukxdsBhXK1E.roa
Signing time: Tue 02 Jan 2024 06:31:52 +0000
ROA not before: Tue 02 Jan 2024 06:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 185.136.128.0/22 maxlen: 24
2a03:a4e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:16:b0:97:0c:e9:94:22:1a:3f:d8:40:cc:08:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c950d7b1975a3703ae27b31ad2f932ae46a4cc94
Validity
Not Before: Jan 2 06:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c867be1322e462ecc39344fba4c5db018572b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:41:1d:fc:dc:88:2f:59:97:be:85:90:74:20:
89:15:88:c4:49:b2:a3:b6:74:1e:96:0b:8d:5b:50:
04:65:96:68:d1:e1:f1:79:d9:b7:b6:76:14:a9:35:
45:f8:18:97:e0:4a:da:7f:46:19:49:bf:ea:e8:8d:
13:db:e9:8a:e5:c3:c7:2a:6b:21:d7:ab:2e:ea:c2:
6d:02:d7:69:c4:03:26:fb:ec:50:ad:48:95:1e:cf:
cd:88:d7:71:e0:49:45:9a:3f:60:20:4e:af:6f:f2:
e3:75:61:b4:ae:f5:77:e3:7c:5f:9c:fd:21:85:6b:
7f:c0:67:78:50:df:d8:a1:ba:b6:e8:39:72:8c:a8:
5e:1c:6e:f0:28:e7:b1:64:1d:b0:17:f8:45:4e:18:
a3:48:ff:3a:a7:36:92:9f:33:8e:e2:5c:bd:2b:0f:
e4:20:b5:45:9f:57:57:19:b1:20:40:77:8d:7b:fe:
af:e6:b4:84:0f:bf:aa:3d:9d:f3:c1:f5:2e:e9:de:
ad:3b:13:93:ce:f9:06:b5:14:83:7f:47:38:e7:f4:
31:6c:9f:25:4c:cc:a9:38:11:28:40:06:6c:00:f1:
49:e0:81:04:c9:13:34:be:ab:06:cb:3b:85:70:a5:
69:14:43:a9:b7:67:97:08:71:d6:e2:30:73:6f:7d:
be:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:86:7B:E1:32:2E:46:2E:CC:39:34:4F:BA:4C:5D:B0:18:57:2B:51
X509v3 Authority Key Identifier:
keyid:C9:50:D7:B1:97:5A:37:03:AE:27:B3:1A:D2:F9:32:AE:46:A4:CC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/bIZ74TIuRi7MOTRPukxdsBhXK1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0c7318-b348-4b24-b9e5-c6a8821adea9/1/yVDXsZdaNwOuJ7Ma0vkyrkakzJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.128.0/22
IPv6:
2a03:a4e0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:f5:4c:f2:4a:e2:f8:a2:fa:e7:92:a5:1b:44:e2:14:c6:01:
02:b3:39:da:1b:09:8b:6e:60:fd:0b:71:ef:cb:de:66:dc:d9:
d6:9a:58:13:df:58:ee:e0:7c:3c:fd:f3:8f:c9:24:1a:94:d9:
f9:98:8e:31:c3:b8:0a:e9:e2:32:6e:c9:66:56:21:4c:9c:44:
40:2c:f1:48:0b:ac:eb:37:17:aa:31:a8:69:14:97:5a:51:3f:
69:18:73:7e:04:cc:68:04:d1:75:99:6c:54:c6:0e:ee:c5:53:
5b:da:cb:f2:a6:2f:b8:43:20:5b:56:9c:19:6e:fd:9c:b6:97:
6b:f0:23:c2:a3:ba:f9:67:72:90:64:60:45:07:55:41:c0:0f:
26:a6:d0:6f:d9:4a:8f:78:c0:6c:5d:ea:6c:9d:82:52:5a:ed:
1e:33:48:95:be:40:34:13:09:20:f1:78:0d:17:af:11:c8:88:
31:b4:c5:2d:e2:1b:6e:93:9a:f1:7a:6d:12:a7:e7:f1:b3:e0:
11:fd:bf:3e:af:8f:e3:b4:5b:93:37:cb:46:68:69:4b:56:71:
f0:c3:f3:08:29:34:9c:ad:c8:a3:f5:7c:f5:fc:9e:1a:52:bd:
d0:d4:e7:39:0a:81:27:7a:3a:d0:6b:2c:8d:f4:b6:94:5f:2e:
8c:29:5e:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3xawlwzplCIaP9hAzAgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NTBkN2IxOTc1YTM3MDNhZTI3YjMxYWQyZjkzMmFlNDZh
NGNjOTQwHhcNMjQwMTAyMDYzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg2N2JlMTMyMmU0NjJlY2MzOTM0NGZiYTRjNWRiMDE4NTcyYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0Ed/NyIL1mXvoWQdCCJFYjESbKj
tnQelguNW1AEZZZo0eHxedm3tnYUqTVF+BiX4Eraf0YZSb/q6I0T2+mK5cPHKmsh
16su6sJtAtdpxAMm++xQrUiVHs/NiNdx4ElFmj9gIE6vb/LjdWG0rvV343xfnP0h
hWt/wGd4UN/Yobq26DlyjKheHG7wKOexZB2wF/hFThijSP86pzaSnzOO4ly9Kw/k
ILVFn1dXGbEgQHeNe/6v5rSED7+qPZ3zwfUu6d6tOxOTzvkGtRSDf0c45/QxbJ8l
TMypOBEoQAZsAPFJ4IEEyRM0vqsGyzuFcKVpFEOpt2eXCHHW4jBzb32+nwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGyGe+EyLkYuzDk0T7pMXbAYVytRMB8GA1UdIwQY
MBaAFMlQ17GXWjcDriezGtL5Mq5GpMyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUt
YzZhODgyMWFkZWE5LzEvYklaNzRUSXVSaTdNT1RSUHVreGRzQmhYSzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wYzczMTgtYjM0OC00YjI0LWI5ZTUtYzZhODgyMWFkZWE5
LzEveVZEWHNaZGFOd091SjdNYTB2a3lya2FrekpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYiAMA0E
AgACMAcDBQAqA6TgMA0GCSqGSIb3DQEBCwUAA4IBAQBt9UzySuL4ovrnkqUbROIU
xgECsznaGwmLbmD9C3Hvy95m3NnWmlgT31ju4Hw8/fOPySQalNn5mI4xw7gK6eIy
bslmViFMnERALPFIC6zrNxeqMahpFJdaUT9pGHN+BMxoBNF1mWxUxg7uxVNb2svy
pi+4QyBbVpwZbv2ctpdr8CPCo7r5Z3KQZGBFB1VBwA8mptBv2UqPeMBsXepsnYJS
Wu0eM0iVvkA0Ewkg8XgNF68RyIgxtMUt4htuk5rxem0Sp+fxs+AR/b8+r4/jtFuT
N8tGaGlLVnHww/MIKTScrcij9Xz1/J4aUr3Q1Oc5CoEnejrQayyN9LaUXy6MKV4O
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:35 2025 by rpki-client