Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/hd9PB0kYB6sqhK8rDQow9bRbvgI.roa
File: hd9PB0kYB6sqhK8rDQow9bRbvgI.roa (raw, json)
Hash identifier: 2cSId57jJDHM48gVarhYmfN9ze4MaA2ujVYED/yNgoQ=
Subject key identifier: 85:DF:4F:07:49:18:07:AB:2A:84:AF:2B:0D:0A:30:F5:B4:5B:BE:02
Certificate issuer: /CN=111b09710acdb72086d658e90d8f025fa6a111b1
Certificate serial: 018CC56E62FE9D8F7A464DDE8005DE9D0150
Authority key identifier: 11:1B:09:71:0A:CD:B7:20:86:D6:58:E9:0D:8F:02:5F:A6:A1:11:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERsJcQrNtyCG1ljpDY8CX6ahEbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/hd9PB0kYB6sqhK8rDQow9bRbvgI.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395743
IP address blocks: 185.101.14.0/24 maxlen: 24
185.101.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:62:fe:9d:8f:7a:46:4d:de:80:05:de:9d:01:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111b09710acdb72086d658e90d8f025fa6a111b1
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85df4f07491807ab2a84af2b0d0a30f5b45bbe02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:d4:65:a0:e5:81:58:65:5c:5d:02:65:95:
c4:92:6e:4c:64:87:10:8a:d2:2d:f8:e1:1f:ae:b2:
a9:25:a1:b6:ec:b7:e4:0a:85:35:15:fd:7e:20:5b:
78:65:c0:a7:f8:67:ab:c3:fd:51:c3:0e:60:3f:be:
08:4f:97:78:31:df:28:7e:79:97:b4:4b:cf:43:39:
39:1c:06:c9:c1:1e:b9:4a:8c:90:a1:f5:a6:d3:00:
ca:47:f8:6b:e8:1a:33:ab:f8:45:54:f1:4f:6a:35:
08:b4:c4:00:dc:e3:f9:69:10:97:70:86:5b:1e:c9:
c4:77:d7:0a:28:8f:51:4c:d8:21:3d:7a:0e:d1:26:
b1:f1:11:39:84:33:68:f3:ce:57:4b:1b:f9:a3:03:
57:dc:a8:e0:f4:ad:41:6a:86:b8:80:ac:96:5e:41:
f0:8c:27:06:6c:b3:60:e0:c4:1a:9c:70:ad:8c:ea:
19:76:41:b9:8f:29:8b:e9:7e:d1:9d:72:70:f9:be:
51:44:f4:59:ff:70:1f:3c:12:e8:75:26:cf:e8:94:
36:46:71:3e:2a:5b:2b:3c:30:cc:4f:6b:6a:15:93:
29:bb:77:2b:20:db:64:81:a0:2f:99:f4:99:1c:e9:
2d:63:77:6e:52:5f:30:30:1b:43:92:1b:f3:d0:27:
02:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DF:4F:07:49:18:07:AB:2A:84:AF:2B:0D:0A:30:F5:B4:5B:BE:02
X509v3 Authority Key Identifier:
keyid:11:1B:09:71:0A:CD:B7:20:86:D6:58:E9:0D:8F:02:5F:A6:A1:11:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERsJcQrNtyCG1ljpDY8CX6ahEbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/hd9PB0kYB6sqhK8rDQow9bRbvgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1cd134-4d03-4fcd-b229-7bf0356a6bab/1/ERsJcQrNtyCG1ljpDY8CX6ahEbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:6c:bb:2c:d2:cc:5c:64:5e:61:2e:6b:2f:90:dd:e7:59:82:
58:be:73:8b:24:c7:08:68:9b:c6:6e:83:d3:80:1d:61:6c:92:
36:55:36:90:c1:68:dc:bc:8b:ab:f7:08:d8:81:8e:c4:f6:93:
a9:05:e0:c9:13:50:4d:98:93:72:fe:59:a9:7c:88:34:f7:f1:
da:27:8b:4e:c1:0d:e6:06:d4:db:23:e0:26:f3:c5:61:53:a8:
25:f8:b3:3c:a3:c2:4f:74:cf:3d:cf:db:01:fc:02:cf:c8:f5:
da:d4:e6:9b:a7:54:40:35:f6:d8:67:c0:8a:b1:ec:4c:6d:fd:
1e:41:b5:eb:d7:cf:90:79:81:58:f3:14:c5:fc:9a:b2:48:ac:
0b:1b:7e:3f:c4:cd:64:aa:37:0c:c8:c2:7a:b4:40:9f:3d:0e:
8c:21:44:53:ee:b7:2b:56:20:bf:60:90:67:4d:9c:8b:59:cc:
91:30:49:e2:7a:cb:e3:5e:33:dd:de:15:96:88:2f:87:df:83:
08:4d:c2:e7:06:c7:4a:c5:c8:11:9e:94:17:a3:7f:87:11:54:
cd:86:24:d8:e3:81:5b:63:85:43:0c:a6:a4:93:bc:fc:e5:e2:
29:f9:f9:53:d9:04:1f:21:65:99:a5:4f:d6:ae:1a:3b:c4:69:
23:35:51:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmL+nY96Rk3egAXenQFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWIwOTcxMGFjZGI3MjA4NmQ2NThlOTBkOGYwMjVmYTZh
MTExYjEwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRmNGYwNzQ5MTgwN2FiMmE4NGFmMmIwZDBhMzBmNWI0NWJiZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWDUZaDlgVhlXF0CZZXEkm5MZIcQ
itIt+OEfrrKpJaG27LfkCoU1Ff1+IFt4ZcCn+Gerw/1Rww5gP74IT5d4Md8ofnmX
tEvPQzk5HAbJwR65SoyQofWm0wDKR/hr6Bozq/hFVPFPajUItMQA3OP5aRCXcIZb
HsnEd9cKKI9RTNghPXoO0Sax8RE5hDNo885XSxv5owNX3Kjg9K1Baoa4gKyWXkHw
jCcGbLNg4MQanHCtjOoZdkG5jymL6X7RnXJw+b5RRPRZ/3AfPBLodSbP6JQ2RnE+
KlsrPDDMT2tqFZMpu3crINtkgaAvmfSZHOktY3duUl8wMBtDkhvz0CcCZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXfTwdJGAerKoSvKw0KMPW0W74CMB8GA1UdIwQY
MBaAFBEbCXEKzbcghtZY6Q2PAl+moRGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJzSmNRck50eUNHMWxqcERZOENYNmFoRWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xY2QxMzQtNGQwMy00ZmNkLWIyMjkt
N2JmMDM1NmE2YmFiLzEvaGQ5UEIwa1lCNnNxaEs4ckRRb3c5YlJidmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xY2QxMzQtNGQwMy00ZmNkLWIyMjktN2JmMDM1NmE2YmFi
LzEvRVJzSmNRck50eUNHMWxqcERZOENYNmFoRWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUMMA0G
CSqGSIb3DQEBCwUAA4IBAQA7bLss0sxcZF5hLmsvkN3nWYJYvnOLJMcIaJvGboPT
gB1hbJI2VTaQwWjcvIur9wjYgY7E9pOpBeDJE1BNmJNy/lmpfIg09/HaJ4tOwQ3m
BtTbI+Am88VhU6gl+LM8o8JPdM89z9sB/ALPyPXa1Oabp1RANfbYZ8CKsexMbf0e
QbXr18+QeYFY8xTF/JqySKwLG34/xM1kqjcMyMJ6tECfPQ6MIURT7rcrViC/YJBn
TZyLWcyRMEniesvjXjPd3hWWiC+H34MITcLnBsdKxcgRnpQXo3+HEVTNhiTY44Fb
Y4VDDKakk7z85eIp+flT2QQfIWWZpU/Wrho7xGkjNVHF
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:46:57 2025 by rpki-client