Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/0e0821-aee9-4b96-8776-590fb949d104/1/Cv3GseDw1SZWAgmgIYdEb2gG-UU.roa
File: Cv3GseDw1SZWAgmgIYdEb2gG-UU.roa (raw, json)
Hash identifier: xjz49tLEaQs7Qb2MWXjiNW7VzAx3mCSPBh+CYwN4KLQ=
Subject key identifier: 0A:FD:C6:B1:E0:F0:D5:26:56:02:09:A0:21:87:44:6F:68:06:F9:45
Certificate issuer: /CN=16a04ee04b12823e853ff243d36551e4ce683a73
Certificate serial: 018CC4937C0D7AA6678266377A811FAF1B6E
Authority key identifier: 16:A0:4E:E0:4B:12:82:3E:85:3F:F2:43:D3:65:51:E4:CE:68:3A:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FqBO4EsSgj6FP_JD02VR5M5oOnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/0e0821-aee9-4b96-8776-590fb949d104/1/Cv3GseDw1SZWAgmgIYdEb2gG-UU.roa
Signing time: Mon 01 Jan 2024 10:30:49 +0000
ROA not before: Mon 01 Jan 2024 10:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21459
IP address blocks: 185.203.60.0/22 maxlen: 24
217.68.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7c:0d:7a:a6:67:82:66:37:7a:81:1f:af:1b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16a04ee04b12823e853ff243d36551e4ce683a73
Validity
Not Before: Jan 1 10:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0afdc6b1e0f0d526560209a02187446f6806f945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f4:95:70:32:cb:69:99:77:93:93:30:f8:d0:
ec:5c:5f:13:3d:2b:39:5e:b6:5d:e5:f7:7c:fe:e5:
07:3a:ec:81:d2:26:89:e9:a5:a6:28:3f:56:a4:94:
e2:26:41:8c:00:3a:b8:43:df:5e:b7:c2:1e:81:72:
fa:8c:82:23:50:fb:6d:e7:0c:e8:7d:9e:c6:b6:52:
5f:56:b2:2e:3a:34:5c:39:9e:da:d1:37:d3:6c:29:
32:ff:3e:37:e5:6b:b6:d7:19:4c:24:bf:44:f2:e2:
fd:4a:83:95:5a:7a:b3:26:46:c5:c9:a6:9b:7f:9f:
5f:06:53:62:64:6d:ef:46:39:1e:3a:19:18:a7:48:
6b:2a:68:59:81:4e:1b:d6:56:37:52:e7:8c:39:c1:
07:dd:96:d4:0a:b3:91:59:46:48:7c:33:4c:08:70:
23:2f:d6:49:23:1e:33:ac:d7:b5:4d:a2:50:79:75:
92:09:8f:a1:c1:57:99:65:aa:50:c2:34:be:6b:25:
b2:b3:3f:65:e7:04:05:83:43:c6:0d:68:9f:13:77:
18:01:02:dd:fd:47:65:4e:1b:37:56:93:33:63:5f:
74:0f:cc:c0:2a:08:7a:e7:72:c9:52:b4:dc:18:68:
d0:72:8a:75:48:0e:47:ac:46:10:fb:c4:5e:b6:9c:
f0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FD:C6:B1:E0:F0:D5:26:56:02:09:A0:21:87:44:6F:68:06:F9:45
X509v3 Authority Key Identifier:
keyid:16:A0:4E:E0:4B:12:82:3E:85:3F:F2:43:D3:65:51:E4:CE:68:3A:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FqBO4EsSgj6FP_JD02VR5M5oOnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e0821-aee9-4b96-8776-590fb949d104/1/Cv3GseDw1SZWAgmgIYdEb2gG-UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/0e0821-aee9-4b96-8776-590fb949d104/1/FqBO4EsSgj6FP_JD02VR5M5oOnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.60.0/22
217.68.64.0/20
Signature Algorithm: sha256WithRSAEncryption
12:d5:82:5e:5b:d0:c1:eb:24:06:a1:26:69:5b:a4:78:51:78:
ca:1e:52:99:de:9a:02:63:35:0e:80:b8:0b:bb:f9:8e:09:87:
f1:21:9c:de:22:c3:20:69:47:c4:f8:86:e6:98:ce:aa:ec:78:
a1:f3:d8:98:c6:c8:64:ea:cd:1b:ea:c9:52:35:be:7d:33:54:
b0:84:c5:d9:5e:c4:6f:7b:b7:0d:24:1a:07:6e:c3:68:08:79:
b7:c4:85:99:92:2c:82:c7:c1:54:06:ce:82:8c:f6:b4:d4:38:
2d:88:49:fd:af:09:b7:4e:4a:8e:e6:02:49:6d:8a:b1:8d:af:
08:c6:a0:40:84:75:5c:e7:8b:14:06:73:5c:db:4a:54:28:6c:
8c:a1:7c:31:59:a2:0e:15:ea:db:e9:f9:bb:b6:8d:14:3a:7f:
4c:9a:42:19:4b:bc:5c:44:60:e0:fa:0f:f9:b6:66:3f:4c:de:
89:2b:00:ae:81:37:8a:c3:cb:a8:7f:93:f8:37:9e:97:17:d0:
25:9c:87:b9:4e:4c:d8:8f:e6:be:80:84:d5:32:34:6b:ad:31:
76:00:3a:b8:af:53:26:c3:c3:86:bd:ac:93:7c:50:b8:dd:49:
02:0e:b7:27:f8:db:58:d9:03:61:c2:0e:6b:d6:e7:98:7e:4b:
12:83:7f:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk3wNeqZngmY3eoEfrxtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YTA0ZWUwNGIxMjgyM2U4NTNmZjI0M2QzNjU1MWU0Y2U2
ODNhNzMwHhcNMjQwMTAxMTAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZkYzZiMWUwZjBkNTI2NTYwMjA5YTAyMTg3NDQ2ZjY4MDZmOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvSVcDLLaZl3k5Mw+NDsXF8TPSs5
XrZd5fd8/uUHOuyB0iaJ6aWmKD9WpJTiJkGMADq4Q99et8IegXL6jIIjUPtt5wzo
fZ7GtlJfVrIuOjRcOZ7a0TfTbCky/z435Wu21xlMJL9E8uL9SoOVWnqzJkbFyaab
f59fBlNiZG3vRjkeOhkYp0hrKmhZgU4b1lY3UueMOcEH3ZbUCrORWUZIfDNMCHAj
L9ZJIx4zrNe1TaJQeXWSCY+hwVeZZapQwjS+ayWysz9l5wQFg0PGDWifE3cYAQLd
/UdlThs3VpMzY190D8zAKgh653LJUrTcGGjQcop1SA5HrEYQ+8RetpzwxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAr9xrHg8NUmVgIJoCGHRG9oBvlFMB8GA1UdIwQY
MBaAFBagTuBLEoI+hT/yQ9NlUeTOaDpzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnFCTzRFc1NnajZGUF9KRDAyVlI1TTVvT25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wZTA4MjEtYWVlOS00Yjk2LTg3NzYt
NTkwZmI5NDlkMTA0LzEvQ3YzR3NlRHcxU1pXQWdtZ0lZZEViMmdHLVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wZTA4MjEtYWVlOS00Yjk2LTg3NzYtNTkwZmI5NDlkMTA0
LzEvRnFCTzRFc1NnajZGUF9KRDAyVlI1TTVvT25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucs8AwQE
2URAMA0GCSqGSIb3DQEBCwUAA4IBAQAS1YJeW9DB6yQGoSZpW6R4UXjKHlKZ3poC
YzUOgLgLu/mOCYfxIZzeIsMgaUfE+IbmmM6q7Hih89iYxshk6s0b6slSNb59M1Sw
hMXZXsRve7cNJBoHbsNoCHm3xIWZkiyCx8FUBs6CjPa01DgtiEn9rwm3TkqO5gJJ
bYqxja8IxqBAhHVc54sUBnNc20pUKGyMoXwxWaIOFerb6fm7to0UOn9MmkIZS7xc
RGDg+g/5tmY/TN6JKwCugTeKw8uof5P4N56XF9AlnIe5TkzYj+a+gITVMjRrrTF2
ADq4r1Mmw8OGvayTfFC43UkCDrcn+NtY2QNhwg5r1ueYfksSg3+b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:11 2025 by rpki-client