Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/OR-awUpoQ9ckq5oc92z31q3t5Nc.roa
File: OR-awUpoQ9ckq5oc92z31q3t5Nc.roa (raw, json)
Hash identifier: 1oh/TWPnM2RQnYa/1xloOY+vhK5/5JlyzCQhMRGz4lI=
Subject key identifier: 39:1F:9A:C1:4A:68:43:D7:24:AB:9A:1C:F7:6C:F7:D6:AD:ED:E4:D7
Certificate issuer: /CN=e9c4cd4118ddffee56e885663795547a1de3f98a
Certificate serial: 018CC64A17C1F9D97FDBBE804F286CBE4A68
Authority key identifier: E9:C4:CD:41:18:DD:FF:EE:56:E8:85:66:37:95:54:7A:1D:E3:F9:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/OR-awUpoQ9ckq5oc92z31q3t5Nc.roa
Signing time: Mon 01 Jan 2024 18:29:53 +0000
ROA not before: Mon 01 Jan 2024 18:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35426
IP address blocks: 85.208.144.0/22 maxlen: 24
2a09:8740::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:17:c1:f9:d9:7f:db:be:80:4f:28:6c:be:4a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9c4cd4118ddffee56e885663795547a1de3f98a
Validity
Not Before: Jan 1 18:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391f9ac14a6843d724ab9a1cf76cf7d6adede4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9d:bc:e1:26:11:fb:b3:39:55:cb:f8:1c:af:
95:34:bd:27:03:47:aa:ea:36:0d:c2:ff:9f:08:5c:
db:70:bc:39:bd:98:b2:00:af:1f:8a:c6:db:9a:16:
45:61:fa:40:b9:1e:6d:b7:34:7c:fa:61:6b:ab:ab:
b7:c8:8c:1f:6c:23:a3:11:e6:0c:34:07:e0:bb:9a:
c3:12:f3:e5:40:f8:40:e9:2f:cd:2a:93:78:df:39:
30:a0:e0:00:6f:9f:ff:df:52:e0:77:88:90:e8:af:
98:65:df:de:17:78:be:0c:4e:f3:90:c1:a1:81:8f:
98:2e:0c:00:31:c1:a0:7f:e9:c3:7f:79:dc:36:ad:
06:a0:e1:db:d2:d0:1e:94:bb:c6:5a:df:af:67:5b:
8f:af:18:dc:aa:48:05:61:7e:e2:35:f7:a0:47:35:
1d:2b:03:d6:c0:f6:1a:ae:c5:47:fc:10:02:2e:4a:
8c:c5:39:47:f2:db:58:6e:84:f6:a7:42:1d:c3:8f:
a4:30:76:f7:05:5e:46:3b:fa:14:40:93:7f:45:f3:
da:d1:a5:e2:22:1b:b8:ee:94:21:ab:ba:70:b1:d4:
5e:3e:3e:bb:38:5c:e1:5c:0f:2a:d6:0b:25:2c:2a:
59:83:7d:38:03:de:83:02:8e:74:6e:8d:76:c3:86:
68:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1F:9A:C1:4A:68:43:D7:24:AB:9A:1C:F7:6C:F7:D6:AD:ED:E4:D7
X509v3 Authority Key Identifier:
keyid:E9:C4:CD:41:18:DD:FF:EE:56:E8:85:66:37:95:54:7A:1D:E3:F9:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/OR-awUpoQ9ckq5oc92z31q3t5Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3f7da4-3631-4b03-ba84-6cb2d3b4437c/1/6cTNQRjd_-5W6IVmN5VUeh3j-Yo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.144.0/22
IPv6:
2a09:8740::/29
Signature Algorithm: sha256WithRSAEncryption
6d:7d:7e:a5:cd:69:0c:05:31:44:30:c9:d3:d3:95:52:f6:26:
db:8e:f3:b8:d7:b3:5a:3d:ef:5e:06:78:07:d2:55:f9:04:3a:
85:44:3b:d3:29:9f:83:4b:e2:0c:ff:f7:98:de:0b:36:07:5d:
0d:c0:2b:af:48:0e:c4:a7:0f:e1:11:8e:78:fb:0f:7b:9f:5c:
e1:d2:c1:01:6a:59:6d:22:d7:e3:a2:f8:03:73:e8:a1:c2:1c:
f9:ab:13:1d:ad:13:ce:b1:37:5f:55:28:2a:5c:f1:9e:f1:80:
4e:2b:cb:e4:64:68:2a:c0:a5:2c:ae:4f:38:e2:0f:a2:dc:18:
c1:df:2f:e7:31:b7:f2:f6:54:4c:a6:2d:e4:a2:7b:82:fe:a6:
48:fe:df:1b:52:30:87:9f:52:91:91:1b:79:17:85:e1:f0:fe:
c0:4b:79:07:25:7c:69:0b:69:f3:de:e0:bc:c3:52:a7:4f:89:
c5:3c:c9:d4:5e:37:c5:41:61:8f:bd:bb:61:dc:1e:4e:99:98:
1a:3a:3a:17:8b:17:6c:86:e2:33:63:61:f3:c9:bf:cb:4d:ff:
e5:26:3e:74:14:4d:54:c5:7b:d2:1b:2e:5f:a0:18:d7:c1:59:
14:b5:61:9d:56:66:72:ee:1f:83:b3:7d:3a:03:4a:c0:a5:ae:
65:e6:c2:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGShfB+dl/276ATyhsvkpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YzRjZDQxMThkZGZmZWU1NmU4ODU2NjM3OTU1NDdhMWRl
M2Y5OGEwHhcNMjQwMTAxMTgyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTFmOWFjMTRhNjg0M2Q3MjRhYjlhMWNmNzZjZjdkNmFkZWRlNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ284SYR+7M5Vcv4HK+VNL0nA0eq
6jYNwv+fCFzbcLw5vZiyAK8fisbbmhZFYfpAuR5ttzR8+mFrq6u3yIwfbCOjEeYM
NAfgu5rDEvPlQPhA6S/NKpN43zkwoOAAb5//31Lgd4iQ6K+YZd/eF3i+DE7zkMGh
gY+YLgwAMcGgf+nDf3ncNq0GoOHb0tAelLvGWt+vZ1uPrxjcqkgFYX7iNfegRzUd
KwPWwPYarsVH/BACLkqMxTlH8ttYboT2p0Idw4+kMHb3BV5GO/oUQJN/RfPa0aXi
Ihu47pQhq7pwsdRePj67OFzhXA8q1gslLCpZg304A96DAo50bo12w4ZoWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDkfmsFKaEPXJKuaHPds99at7eTXMB8GA1UdIwQY
MBaAFOnEzUEY3f/uVuiFZjeVVHod4/mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmNUTlFSamRfLTVXNklWbU41VlVlaDNqLVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZjdkYTQtMzYzMS00YjAzLWJhODQt
NmNiMmQzYjQ0MzdjLzEvT1ItYXdVcG9ROWNrcTVvYzkyejMxcTN0NU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zZjdkYTQtMzYzMS00YjAzLWJhODQtNmNiMmQzYjQ0Mzdj
LzEvNmNUTlFSamRfLTVXNklWbU41VlVlaDNqLVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdCQMA0E
AgACMAcDBQMqCYdAMA0GCSqGSIb3DQEBCwUAA4IBAQBtfX6lzWkMBTFEMMnT05VS
9ibbjvO417NaPe9eBngH0lX5BDqFRDvTKZ+DS+IM//eY3gs2B10NwCuvSA7Epw/h
EY54+w97n1zh0sEBalltItfjovgDc+ihwhz5qxMdrRPOsTdfVSgqXPGe8YBOK8vk
ZGgqwKUsrk844g+i3BjB3y/nMbfy9lRMpi3konuC/qZI/t8bUjCHn1KRkRt5F4Xh
8P7AS3kHJXxpC2nz3uC8w1KnT4nFPMnUXjfFQWGPvbth3B5OmZgaOjoXixdshuIz
Y2Hzyb/LTf/lJj50FE1UxXvSGy5foBjXwVkUtWGdVmZy7h+Ds306A0rApa5l5sL+
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:50:30 2025 by rpki-client