Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8pP3G_4huW4_3tG_vA5tXPe49uM.roa
File: 8pP3G_4huW4_3tG_vA5tXPe49uM.roa (raw, json)
Hash identifier: 8RFCdblnKr1DqpFko1JQ5QboiS3xnj9z8FACeA8Mts4=
Subject key identifier: F2:93:F7:1B:FE:21:B9:6E:3F:DE:D1:BF:BC:0E:6D:5C:F7:B8:F6:E3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0193CB2F6B7CE6DC4AD382EFAF45E0DD1C33
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8pP3G_4huW4_3tG_vA5tXPe49uM.roa
Signing time: Sun 15 Dec 2024 16:38:22 +0000
ROA not before: Sun 15 Dec 2024 16:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199654
IP address blocks: 2.56.164.0/24 maxlen: 24
185.227.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cb:2f:6b:7c:e6:dc:4a:d3:82:ef:af:45:e0:dd:1c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 15 16:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f293f71bfe21b96e3fded1bfbc0e6d5cf7b8f6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5e:79:34:67:5f:b4:64:23:75:65:3b:39:fe:
66:27:60:7a:e0:ce:a6:94:6d:fb:56:c7:0e:8a:b3:
9c:35:55:2e:fc:01:7a:99:65:42:29:a8:a5:5e:29:
ac:92:22:fc:88:8c:eb:59:12:3e:85:55:e2:91:e1:
40:00:2f:a8:7f:15:c0:8d:6d:db:b2:24:af:8e:67:
99:bc:84:aa:43:b6:fb:3d:4c:1c:aa:52:a0:05:1a:
40:89:93:8e:ab:17:d1:40:89:ad:ac:69:9a:1e:f7:
f9:e1:ba:21:53:a6:55:eb:99:bd:83:c6:50:79:13:
12:62:b5:ee:c7:2f:8b:04:79:47:43:75:1b:ab:71:
98:33:b4:a4:a6:42:b6:b5:d4:02:c3:e2:c7:65:d0:
73:02:04:dc:5b:54:a1:06:49:82:05:2e:dc:23:82:
c0:58:5f:66:7f:e3:f1:10:8f:f4:8d:b4:1b:31:e3:
42:75:53:cb:34:9a:20:2b:8d:6d:76:43:01:37:2e:
8c:cb:ca:6d:16:64:c2:ce:76:22:f2:91:59:52:04:
ff:07:23:67:6c:02:33:3f:2a:2e:9d:3e:fd:4e:50:
0a:dd:bd:e7:c5:eb:ea:36:ff:3e:b2:f9:f2:19:69:
63:f7:d5:94:f7:a0:39:d8:7e:02:3a:31:b7:0f:f5:
27:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:93:F7:1B:FE:21:B9:6E:3F:DE:D1:BF:BC:0E:6D:5C:F7:B8:F6:E3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/8pP3G_4huW4_3tG_vA5tXPe49uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/24
185.227.70.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:52:9a:3b:12:9c:b9:b3:99:a9:5f:35:93:f1:ac:07:5e:37:
24:a2:44:e9:d3:9a:57:f2:22:92:8a:b7:4f:93:bc:de:39:7d:
ef:18:78:9a:03:e6:c6:6c:d8:dc:68:8b:1e:df:7f:d1:f3:92:
cc:64:67:ba:f1:40:ed:8b:2f:90:a7:dd:da:43:84:36:d4:ab:
d8:c7:5b:03:e7:79:92:b7:60:2a:46:41:60:0c:b9:c4:d1:6a:
54:b5:70:03:f1:1d:40:0f:2d:4b:2c:3a:79:bb:ce:38:3f:d4:
9b:68:1e:87:55:34:83:e6:03:77:5f:3f:a7:7e:3e:69:85:db:
07:6b:c5:33:dd:c9:e7:98:3c:6d:8b:b3:ed:32:f0:52:20:76:
78:36:70:da:58:70:fc:ba:c9:7a:5d:ea:3d:68:d5:c5:60:85:
4a:38:72:cb:b7:b0:41:0d:ef:82:ec:4d:26:fd:d8:b7:b5:a2:
c2:0d:48:ac:e6:cc:71:76:ef:cc:4a:f7:01:8f:d2:ff:67:e0:
be:b7:c8:8a:fa:b2:8a:35:49:da:9e:9d:47:13:98:e0:f4:02:
bf:9e:92:8e:63:23:0f:49:b3:f1:60:c6:ee:ac:44:29:c7:1b:
70:b9:07:ff:30:f3:5d:63:85:91:bb:46:d2:47:dc:6a:c1:e6:
c1:63:26:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPLL2t85txK04Lvr0Xg3RwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQxMjE1MTYzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjkzZjcxYmZlMjFiOTZlM2ZkZWQxYmZiYzBlNmQ1Y2Y3YjhmNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl55NGdftGQjdWU7Of5mJ2B64M6m
lG37VscOirOcNVUu/AF6mWVCKailXimskiL8iIzrWRI+hVXikeFAAC+ofxXAjW3b
siSvjmeZvISqQ7b7PUwcqlKgBRpAiZOOqxfRQImtrGmaHvf54bohU6ZV65m9g8ZQ
eRMSYrXuxy+LBHlHQ3Ubq3GYM7SkpkK2tdQCw+LHZdBzAgTcW1ShBkmCBS7cI4LA
WF9mf+PxEI/0jbQbMeNCdVPLNJogK41tdkMBNy6My8ptFmTCznYi8pFZUgT/ByNn
bAIzPyounT79TlAK3b3nxevqNv8+svnyGWlj99WU96A52H4COjG3D/Un6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPKT9xv+IbluP97Rv7wObVz3uPbjMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvOHBQM0dfNGh1VzRfM3RHX3ZBNXRYUGU0OXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjikAwQA
ueNGMA0GCSqGSIb3DQEBCwUAA4IBAQBMUpo7Epy5s5mpXzWT8awHXjckokTp05pX
8iKSirdPk7zeOX3vGHiaA+bGbNjcaIse33/R85LMZGe68UDtiy+Qp93aQ4Q21KvY
x1sD53mSt2AqRkFgDLnE0WpUtXAD8R1ADy1LLDp5u844P9SbaB6HVTSD5gN3Xz+n
fj5phdsHa8Uz3cnnmDxti7PtMvBSIHZ4NnDaWHD8usl6Xeo9aNXFYIVKOHLLt7BB
De+C7E0m/di3taLCDUis5sxxdu/MSvcBj9L/Z+C+t8iK+rKKNUnanp1HE5jg9AK/
npKOYyMPSbPxYMburEQpxxtwuQf/MPNdY4WRu0bSR9xqwebBYyaj
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:26:23 2025 by rpki-client