Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/y6ImEtUKxlbDmnYA9zzCvNTl8Q0.roa
File: y6ImEtUKxlbDmnYA9zzCvNTl8Q0.roa (raw, json)
Hash identifier: HdQVUCDY/Il6jlxa1Ie8V3VBLGFB9Fr5QnuCblut3ig=
Subject key identifier: CB:A2:26:12:D5:0A:C6:56:C3:9A:76:00:F7:3C:C2:BC:D4:E5:F1:0D
Certificate issuer: /CN=dd6daef6664a7529b629f3fd65004915230f1be9
Certificate serial: 018CCA99D72DDF3BCD7A28A96BBBA25F0259
Authority key identifier: DD:6D:AE:F6:66:4A:75:29:B6:29:F3:FD:65:00:49:15:23:0F:1B:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/y6ImEtUKxlbDmnYA9zzCvNTl8Q0.roa
Signing time: Tue 02 Jan 2024 14:35:28 +0000
ROA not before: Tue 02 Jan 2024 14:35:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197851
IP address blocks: 185.136.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:d7:2d:df:3b:cd:7a:28:a9:6b:bb:a2:5f:02:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd6daef6664a7529b629f3fd65004915230f1be9
Validity
Not Before: Jan 2 14:35:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cba22612d50ac656c39a7600f73cc2bcd4e5f10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:79:14:7d:d5:ca:e3:2e:16:19:35:22:af:
9f:d5:6e:1e:b8:ba:af:7e:66:8a:38:5d:ad:79:3e:
5a:47:2d:1c:64:6f:31:18:ec:96:bc:a3:7f:b5:6f:
0c:3e:b3:d8:70:08:4e:a4:1a:c4:d2:e3:87:40:61:
36:05:0c:a0:14:77:04:5f:00:f2:e0:ef:e2:c4:2e:
01:af:20:34:df:98:41:99:b8:8b:d9:6f:5a:44:a0:
f3:f3:96:78:ab:09:71:42:b2:44:0a:c9:b9:ad:7e:
c0:0b:65:01:33:c3:9c:3c:b8:63:fb:28:5c:b2:b2:
fb:b2:e9:35:b9:1a:a3:d0:3d:ca:d7:e8:e5:e0:95:
91:d3:6a:07:90:bd:5f:70:4d:06:5c:bf:23:58:98:
e1:71:90:63:f5:9c:c1:cd:05:c1:41:f8:76:b7:95:
eb:65:99:47:47:b8:48:88:b0:16:cd:52:44:fd:3f:
b0:cb:1c:e1:10:71:ba:54:66:f9:5b:57:4d:1a:14:
db:8e:ea:a5:cf:66:6d:aa:29:a2:1c:e7:dd:ee:e0:
7b:c7:78:3f:18:25:15:e6:51:f3:e1:d9:3c:1c:f3:
57:9f:70:78:ab:e8:15:09:1f:b9:5d:fa:bb:64:8e:
d1:98:3d:e8:1e:7b:a4:ee:ad:5f:18:b5:8c:25:40:
26:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A2:26:12:D5:0A:C6:56:C3:9A:76:00:F7:3C:C2:BC:D4:E5:F1:0D
X509v3 Authority Key Identifier:
keyid:DD:6D:AE:F6:66:4A:75:29:B6:29:F3:FD:65:00:49:15:23:0F:1B:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/y6ImEtUKxlbDmnYA9zzCvNTl8Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7dd42b-66ed-4c13-a336-cfe1335f27fb/1/3W2u9mZKdSm2KfP9ZQBJFSMPG-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.87.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:7a:e4:aa:8b:b7:78:3e:a1:9f:7b:de:95:c9:e0:ba:94:d8:
ef:5c:82:fd:f6:82:88:2e:39:4a:e3:9b:cc:f8:bb:42:76:1f:
0f:a0:b9:7b:ac:aa:ce:bf:71:0b:99:58:69:95:0e:e9:c8:5a:
51:fe:52:94:53:38:3f:b7:23:ec:9e:50:b2:a9:af:e3:de:f5:
63:e7:84:5c:51:99:4e:ce:52:3f:c8:a9:f4:de:cb:0d:c5:3c:
61:0e:10:f6:ed:40:cc:0d:80:76:f0:ce:b0:6f:4c:85:62:cc:
68:12:26:34:e9:b7:75:2c:3e:05:3a:81:a2:43:5b:11:35:9b:
37:1e:0a:04:b6:48:be:cd:92:62:d3:06:30:88:86:4e:e2:78:
74:53:5c:37:65:66:25:c2:fc:8b:1f:f4:ac:54:49:a0:2c:ad:
08:ff:bb:fc:88:3b:7e:2d:e5:c3:1e:4c:a0:03:2c:74:87:1a:
03:0a:28:84:54:0a:86:f8:1b:bf:62:c1:d3:98:ea:99:45:00:
33:6d:61:d4:fa:77:52:7f:c3:22:1e:47:67:5e:4b:58:02:0a:
f9:ba:97:23:17:f3:04:a9:ef:17:ae:18:df:06:3b:6b:76:b4:
81:68:4c:60:ee:ba:32:c9:74:dd:71:8f:50:67:24:b1:3e:38:
6d:78:9c:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmdct3zvNeiipa7uiXwJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNmRhZWY2NjY0YTc1MjliNjI5ZjNmZDY1MDA0OTE1MjMw
ZjFiZTkwHhcNMjQwMTAyMTQzNTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmEyMjYxMmQ1MGFjNjU2YzM5YTc2MDBmNzNjYzJiY2Q0ZTVmMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc15FH3VyuMuFhk1Iq+f1W4euLqv
fmaKOF2teT5aRy0cZG8xGOyWvKN/tW8MPrPYcAhOpBrE0uOHQGE2BQygFHcEXwDy
4O/ixC4BryA035hBmbiL2W9aRKDz85Z4qwlxQrJECsm5rX7AC2UBM8OcPLhj+yhc
srL7suk1uRqj0D3K1+jl4JWR02oHkL1fcE0GXL8jWJjhcZBj9ZzBzQXBQfh2t5Xr
ZZlHR7hIiLAWzVJE/T+wyxzhEHG6VGb5W1dNGhTbjuqlz2ZtqimiHOfd7uB7x3g/
GCUV5lHz4dk8HPNXn3B4q+gVCR+5Xfq7ZI7RmD3oHnuk7q1fGLWMJUAm/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuiJhLVCsZWw5p2APc8wrzU5fENMB8GA1UdIwQY
MBaAFN1trvZmSnUptinz/WUASRUjDxvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1cydTltWktkU20yS2ZQOVpRQkpGU01QRy1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83ZGQ0MmItNjZlZC00YzEzLWEzMzYt
Y2ZlMTMzNWYyN2ZiLzEveTZJbUV0VUt4bGJEbW5ZQTl6ekN2TlRsOFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83ZGQ0MmItNjZlZC00YzEzLWEzMzYtY2ZlMTMzNWYyN2Zi
LzEvM1cydTltWktkU20yS2ZQOVpRQkpGU01QRy1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYhXMA0G
CSqGSIb3DQEBCwUAA4IBAQBueuSqi7d4PqGfe96VyeC6lNjvXIL99oKILjlK45vM
+LtCdh8PoLl7rKrOv3ELmVhplQ7pyFpR/lKUUzg/tyPsnlCyqa/j3vVj54RcUZlO
zlI/yKn03ssNxTxhDhD27UDMDYB28M6wb0yFYsxoEiY06bd1LD4FOoGiQ1sRNZs3
HgoEtki+zZJi0wYwiIZO4nh0U1w3ZWYlwvyLH/SsVEmgLK0I/7v8iDt+LeXDHkyg
Ayx0hxoDCiiEVAqG+Bu/YsHTmOqZRQAzbWHU+ndSf8MiHkdnXktYAgr5upcjF/ME
qe8XrhjfBjtrdrSBaExg7royyXTdcY9QZySxPjhteJwA
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:07:36 2025 by rpki-client