Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/cflZIpBjjq-knuZUftB-PrPriIw.roa
File: cflZIpBjjq-knuZUftB-PrPriIw.roa (raw, json)
Hash identifier: STWpVg/3ivX/jNH2975EsFbl33v2uPQLg/MD/7P3ylM=
Subject key identifier: 71:F9:59:22:90:63:8E:AF:A4:9E:E6:54:7E:D0:7E:3E:B3:EB:88:8C
Certificate issuer: /CN=4020f4d4c7528d8a827ec724918fe2df534bd905
Certificate serial: 018F548A13A8CA08A9FA20210E6841B25FD2
Authority key identifier: 40:20:F4:D4:C7:52:8D:8A:82:7E:C7:24:91:8F:E2:DF:53:4B:D9:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCD01MdSjYqCfsckkY_i31NL2QU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/cflZIpBjjq-knuZUftB-PrPriIw.roa
Signing time: Tue 07 May 2024 19:31:26 +0000
ROA not before: Tue 07 May 2024 19:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40866
IP address blocks: 185.115.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 16:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:54:8a:13:a8:ca:08:a9:fa:20:21:0e:68:41:b2:5f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4020f4d4c7528d8a827ec724918fe2df534bd905
Validity
Not Before: May 7 19:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f9592290638eafa49ee6547ed07e3eb3eb888c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:40:1a:6c:e8:5d:8c:51:f7:94:b1:b1:8d:
97:25:0c:2a:81:81:14:1e:f5:b2:22:89:24:a0:55:
d1:26:75:c2:16:8c:38:69:02:91:19:f5:6b:e2:d6:
fa:bb:dc:e0:9f:5c:58:63:1d:c5:ad:af:9b:a7:ac:
47:f9:9b:cc:d4:f5:6e:bb:c0:67:bc:ce:2a:91:89:
9f:b1:62:0c:3a:c2:46:bf:2a:ed:c4:65:1c:06:b1:
7f:f6:ba:c7:7f:ec:9e:c8:22:47:28:90:a9:7f:34:
e2:b1:7b:ea:86:03:69:d8:38:80:e9:75:76:b0:de:
cf:5f:8f:32:ea:3e:4c:8d:ce:c2:51:42:a2:a1:b4:
c2:be:ad:09:6a:68:79:8a:b2:d3:a5:81:fc:71:65:
24:dc:95:fd:9b:6b:a6:f2:0f:b8:ab:00:9f:5d:8a:
82:93:b5:eb:50:08:43:53:e5:97:a0:7f:b2:7c:e9:
68:62:39:d5:3c:8e:da:8e:0b:a5:7b:74:39:94:7f:
83:59:e5:3d:b2:dc:dc:1f:5d:f5:bb:82:07:2f:09:
b9:d0:b9:c8:d7:8e:c9:b7:c0:41:09:0d:23:b9:36:
62:c2:6c:9d:86:64:04:1b:a9:11:a5:7f:a3:ab:25:
88:2e:29:9c:96:07:84:63:62:13:fd:28:92:19:7e:
b3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F9:59:22:90:63:8E:AF:A4:9E:E6:54:7E:D0:7E:3E:B3:EB:88:8C
X509v3 Authority Key Identifier:
keyid:40:20:F4:D4:C7:52:8D:8A:82:7E:C7:24:91:8F:E2:DF:53:4B:D9:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCD01MdSjYqCfsckkY_i31NL2QU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/cflZIpBjjq-knuZUftB-PrPriIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/2f7a6e-e8c1-4f62-95f9-64bfb79900d6/1/QCD01MdSjYqCfsckkY_i31NL2QU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.160.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:61:03:94:1f:50:4c:e9:db:4a:06:cc:3d:63:df:d4:3f:9f:
42:93:ee:d2:be:d2:69:a8:00:0f:e2:82:d5:3c:3d:3f:31:31:
ec:e1:17:58:d2:09:ab:42:86:17:bd:d1:2f:f1:98:35:06:42:
77:bc:a6:8d:0d:bb:43:ac:78:2d:59:bd:56:55:bb:4a:70:3a:
58:4a:9b:16:e5:04:a7:ef:ea:6c:e9:02:97:4c:25:f8:37:88:
9d:b3:f0:4f:4d:60:28:58:47:7e:b5:d9:79:69:68:7e:af:19:
e8:2a:ac:3c:e4:2c:c2:18:37:48:01:58:ba:67:8e:a2:7a:11:
18:98:a9:24:ac:8c:23:65:5c:53:96:79:dc:b7:0c:2b:0a:7e:
04:47:2e:31:17:26:4f:9e:fa:f1:ff:ab:04:84:e5:ac:a4:71:
13:90:0d:bb:0c:72:d1:be:c9:44:74:e4:11:cf:7c:93:04:de:
79:49:1d:47:72:06:7d:1d:d6:ed:b7:a3:0e:3e:06:5f:0c:f8:
21:1c:c7:dd:14:f2:ac:eb:22:ff:f1:c3:0d:dd:ef:5a:df:c1:
ac:b7:e5:93:19:4f:63:55:c4:db:64:70:18:81:8e:ce:de:d4:
32:94:fd:c7:8c:95:41:2d:ef:31:26:6f:66:64:aa:d4:f1:69:
31:ef:6e:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9UihOoygip+iAhDmhBsl/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjBmNGQ0Yzc1MjhkOGE4MjdlYzcyNDkxOGZlMmRmNTM0
YmQ5MDUwHhcNMjQwNTA3MTkzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY5NTkyMjkwNjM4ZWFmYTQ5ZWU2NTQ3ZWQwN2UzZWIzZWI4ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIRAGmzoXYxR95SxsY2XJQwqgYEU
HvWyIokkoFXRJnXCFow4aQKRGfVr4tb6u9zgn1xYYx3Fra+bp6xH+ZvM1PVuu8Bn
vM4qkYmfsWIMOsJGvyrtxGUcBrF/9rrHf+yeyCJHKJCpfzTisXvqhgNp2DiA6XV2
sN7PX48y6j5Mjc7CUUKiobTCvq0Jamh5irLTpYH8cWUk3JX9m2um8g+4qwCfXYqC
k7XrUAhDU+WXoH+yfOloYjnVPI7ajgule3Q5lH+DWeU9stzcH131u4IHLwm50LnI
147Jt8BBCQ0juTZiwmydhmQEG6kRpX+jqyWILimclgeEY2IT/SiSGX6zwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHH5WSKQY46vpJ7mVH7Qfj6z64iMMB8GA1UdIwQY
MBaAFEAg9NTHUo2Kgn7HJJGP4t9TS9kFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNEMDFNZFNqWXFDZnNja2tZX2kzMU5MMlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yZjdhNmUtZThjMS00ZjYyLTk1Zjkt
NjRiZmI3OTkwMGQ2LzEvY2ZsWklwQmpqcS1rbnVaVWZ0Qi1QclByaUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8yZjdhNmUtZThjMS00ZjYyLTk1ZjktNjRiZmI3OTkwMGQ2
LzEvUUNEMDFNZFNqWXFDZnNja2tZX2kzMU5MMlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXOgMA0G
CSqGSIb3DQEBCwUAA4IBAQA/YQOUH1BM6dtKBsw9Y9/UP59Ck+7SvtJpqAAP4oLV
PD0/MTHs4RdY0gmrQoYXvdEv8Zg1BkJ3vKaNDbtDrHgtWb1WVbtKcDpYSpsW5QSn
7+ps6QKXTCX4N4ids/BPTWAoWEd+tdl5aWh+rxnoKqw85CzCGDdIAVi6Z46iehEY
mKkkrIwjZVxTlnnctwwrCn4ERy4xFyZPnvrx/6sEhOWspHETkA27DHLRvslEdOQR
z3yTBN55SR1HcgZ9Hdbtt6MOPgZfDPghHMfdFPKs6yL/8cMN3e9a38Gst+WTGU9j
VcTbZHAYgY7O3tQylP3HjJVBLe8xJm9mZKrU8Wkx725T
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:48:58 2025 by rpki-client