Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/x-8U_R7MCbBxUcVYMlbulNOpews.roa
File: x-8U_R7MCbBxUcVYMlbulNOpews.roa (raw, json)
Hash identifier: fOCP4OOvZ9i1uaBJxyryxy3RPgzn5IGMD07RtrEgVXc=
Subject key identifier: C7:EF:14:FD:1E:CC:09:B0:71:51:C5:58:32:56:EE:94:D3:A9:7B:0B
Certificate issuer: /CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Certificate serial: 018CC64ABDC764D9F5D221191FAEA11CE026
Authority key identifier: 16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/x-8U_R7MCbBxUcVYMlbulNOpews.roa
Signing time: Mon 01 Jan 2024 18:30:36 +0000
ROA not before: Mon 01 Jan 2024 18:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8695
IP address blocks: 185.1.39.0/24 maxlen: 24
2001:7f8:80::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:bd:c7:64:d9:f5:d2:21:19:1f:ae:a1:1c:e0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=169f4ed6620c8960521fbb81ff72e837dc0038af
Validity
Not Before: Jan 1 18:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7ef14fd1ecc09b07151c5583256ee94d3a97b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1d:c1:d6:a3:5e:f2:71:5f:a9:f2:9f:11:91:
e2:ba:b0:ea:e0:6e:f4:a2:80:6b:b2:6a:d3:13:81:
bb:63:e8:5e:52:62:a6:f2:0e:5c:cc:01:84:30:54:
d4:11:95:dc:93:c3:de:c7:28:9f:b6:c7:8b:ad:84:
41:b6:ec:a8:8e:db:40:2d:b6:df:ed:3d:d6:57:a5:
5c:a3:46:fe:ae:eb:57:a6:5a:0d:a1:f6:39:cd:9c:
f3:fd:af:66:b6:46:18:cf:ee:03:3a:c0:8f:a4:2d:
9c:63:9a:da:18:90:84:0d:d0:57:79:9f:ac:ad:e4:
39:06:0b:8a:16:c4:e7:a4:1a:d5:61:4c:58:62:5f:
2c:40:83:cc:0a:0a:6e:1f:91:1b:b5:07:17:fb:10:
98:be:f2:6f:da:2e:3e:d3:86:f6:bb:cd:bb:fb:0d:
0c:b5:ba:f1:d4:58:ce:a1:d7:96:fe:7d:c3:ae:10:
0b:6d:14:2b:90:8e:45:bc:5c:8f:27:0a:6c:3a:3c:
a8:9a:89:3a:5b:be:ed:eb:4f:a1:bc:a2:f6:70:2e:
7c:77:15:cf:71:7c:17:9e:19:3d:89:64:87:6a:0c:
57:7e:12:e9:ba:4d:f6:0f:df:05:d5:6d:6d:90:8d:
cd:91:7e:bf:6b:cd:59:9c:17:fd:f2:62:64:7e:13:
7e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:EF:14:FD:1E:CC:09:B0:71:51:C5:58:32:56:EE:94:D3:A9:7B:0B
X509v3 Authority Key Identifier:
keyid:16:9F:4E:D6:62:0C:89:60:52:1F:BB:81:FF:72:E8:37:DC:00:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/x-8U_R7MCbBxUcVYMlbulNOpews.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/bc6d1e-0146-4a35-8e9b-cf5fb042566a/1/Fp9O1mIMiWBSH7uB_3LoN9wAOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.39.0/24
IPv6:
2001:7f8:80::/48
Signature Algorithm: sha256WithRSAEncryption
23:de:fb:fb:6d:ee:0a:95:64:27:cf:b3:5b:e9:07:24:28:ae:
20:bc:c0:fa:5d:4f:ce:07:1a:59:9d:30:b6:f9:4b:fb:9f:41:
ed:d0:14:0d:70:f7:3b:25:9d:6f:95:22:29:49:0b:c3:53:df:
06:09:5d:c0:08:e6:c9:c9:c1:41:7e:a1:94:a9:40:a8:d8:af:
79:c8:86:81:82:ce:43:2e:1c:9b:e7:6a:19:12:bd:41:c5:d1:
38:d3:7a:35:2b:8d:5e:86:03:40:01:b5:96:8b:5d:60:62:9a:
28:ef:a6:74:53:6b:cc:3e:aa:25:1d:6d:e3:d6:87:98:3b:57:
9e:b7:e5:1b:a2:02:58:de:66:4b:db:e2:66:98:9f:42:d7:38:
23:b8:57:e4:3c:5e:56:4a:bd:17:5f:a5:5a:e5:04:30:f0:51:
10:d3:19:3d:8f:31:09:61:a9:2e:48:22:30:09:53:4e:0d:7a:
2a:42:d9:e9:53:76:24:be:d7:a9:cc:4f:68:57:85:a5:7e:a8:
2c:62:70:74:db:a9:c4:ad:37:41:30:6d:9a:aa:7c:38:7c:de:
f4:e9:a2:08:37:45:db:41:77:8e:34:d7:21:9e:ea:e1:f1:49:
bc:c0:5c:26:c3:01:89:d4:67:77:c4:f3:af:fe:81:ec:43:80:
3c:04:f6:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSr3HZNn10iEZH66hHOAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OWY0ZWQ2NjIwYzg5NjA1MjFmYmI4MWZmNzJlODM3ZGMw
MDM4YWYwHhcNMjQwMTAxMTgzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2VmMTRmZDFlY2MwOWIwNzE1MWM1NTgzMjU2ZWU5NGQzYTk3YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh3B1qNe8nFfqfKfEZHiurDq4G70
ooBrsmrTE4G7Y+heUmKm8g5czAGEMFTUEZXck8PexyiftseLrYRBtuyojttALbbf
7T3WV6Vco0b+rutXploNofY5zZzz/a9mtkYYz+4DOsCPpC2cY5raGJCEDdBXeZ+s
reQ5BguKFsTnpBrVYUxYYl8sQIPMCgpuH5EbtQcX+xCYvvJv2i4+04b2u827+w0M
tbrx1FjOodeW/n3DrhALbRQrkI5FvFyPJwpsOjyomok6W77t60+hvKL2cC58dxXP
cXwXnhk9iWSHagxXfhLpuk32D98F1W1tkI3NkX6/a81ZnBf98mJkfhN+sQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMfvFP0ezAmwcVHFWDJW7pTTqXsLMB8GA1UdIwQY
MBaAFBafTtZiDIlgUh+7gf9y6DfcADivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWIt
Y2Y1ZmIwNDI1NjZhLzEveC04VV9SN01DYkJ4VWNWWU1sYnVsTk9wZXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iYzZkMWUtMDE0Ni00YTM1LThlOWItY2Y1ZmIwNDI1NjZh
LzEvRnA5TzFtSU1pV0JTSDd1Ql8zTG9OOXdBT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQEnMA8E
AgACMAkDBwAgAQf4AIAwDQYJKoZIhvcNAQELBQADggEBACPe+/tt7gqVZCfPs1vp
ByQoriC8wPpdT84HGlmdMLb5S/ufQe3QFA1w9zslnW+VIilJC8NT3wYJXcAI5snJ
wUF+oZSpQKjYr3nIhoGCzkMuHJvnahkSvUHF0TjTejUrjV6GA0ABtZaLXWBimijv
pnRTa8w+qiUdbePWh5g7V5635RuiAljeZkvb4maYn0LXOCO4V+Q8XlZKvRdfpVrl
BDDwURDTGT2PMQlhqS5IIjAJU04NeipC2elTdiS+16nMT2hXhaV+qCxicHTbqcSt
N0EwbZqqfDh83vTpogg3RdtBd4401yGe6uHxSbzAXCbDAYnUZ3fE86/+gexDgDwE
9vo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:14 2025 by rpki-client