Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BDqVh1kZ0IuMgo31Y6ncWdBcjA4.roa
File: BDqVh1kZ0IuMgo31Y6ncWdBcjA4.roa (raw, json)
Hash identifier: PevUhB3K7lsUV08mvNp50kkYEYLp/yuA7j/4imGlOOQ=
Subject key identifier: 04:3A:95:87:59:19:D0:8B:8C:82:8D:F5:63:A9:DC:59:D0:5C:8C:0E
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 018CC26D2082FE937E76C2832C9C2BDC6F17
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BDqVh1kZ0IuMgo31Y6ncWdBcjA4.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205215
IP address blocks: 185.218.208.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:20:82:fe:93:7e:76:c2:83:2c:9c:2b:dc:6f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=043a95875919d08b8c828df563a9dc59d05c8c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:c7:8c:ad:c7:0d:be:7e:ed:a5:bb:e5:f8:
a2:b5:a0:77:29:9c:d3:f8:2e:b3:8e:1a:6e:13:11:
7f:dc:ce:53:8c:fa:ed:36:f6:bb:05:36:06:5e:00:
2a:50:a4:7f:00:98:9b:c1:57:ea:72:1c:5c:f0:15:
9a:ca:2b:25:fe:64:89:93:0f:d0:72:d8:17:29:bf:
6d:fa:b9:c0:41:af:4d:73:6f:84:fb:74:3d:52:e2:
aa:0c:e5:dc:1c:3b:85:39:20:c2:12:a6:f1:7e:24:
8c:13:1e:6a:3a:34:ee:a9:4c:85:ca:36:53:5e:6f:
a8:1f:e2:07:5f:86:f5:41:2a:19:b9:8e:d4:9f:75:
e3:74:1a:05:a1:d1:9f:75:9d:9e:b5:49:32:29:20:
73:69:dc:a5:ed:90:80:92:16:6b:66:09:42:f6:f8:
69:88:c4:ab:00:c3:37:f5:ef:af:7c:1b:58:95:ae:
7c:4b:cc:77:86:67:61:53:3f:ac:e2:77:fc:bd:09:
2f:e2:12:67:dd:cf:98:3d:14:20:58:f8:e8:a5:db:
65:48:9e:2a:3c:85:f1:02:fd:f9:d1:8d:c8:87:6c:
aa:ab:1f:a2:6f:2a:79:59:0d:6d:5c:36:36:10:3a:
39:fb:89:61:8b:69:f2:c4:ff:3e:b6:f7:c6:e8:7f:
67:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3A:95:87:59:19:D0:8B:8C:82:8D:F5:63:A9:DC:59:D0:5C:8C:0E
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/BDqVh1kZ0IuMgo31Y6ncWdBcjA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.208.0/23
Signature Algorithm: sha256WithRSAEncryption
63:94:80:1a:3d:c2:5a:a5:b9:18:59:d0:29:3a:e7:71:67:c2:
69:9f:5d:9c:98:ab:d9:7d:41:a4:23:ca:d9:c6:4f:5d:09:5a:
7f:fd:68:84:80:09:a4:04:16:a3:c0:35:10:e4:03:84:06:6c:
e3:dd:50:1d:ac:fd:66:80:8e:94:6b:8e:d3:b4:03:de:36:fe:
31:5e:33:b2:50:48:3b:c5:86:f5:bd:f3:07:4f:00:56:c5:33:
e0:e9:7f:80:42:67:26:21:f5:c1:54:49:f4:70:12:d9:0e:fd:
47:d2:20:bd:5d:76:bd:b7:94:18:f6:ed:e5:ab:82:fd:e5:b4:
30:9f:3a:72:7e:06:17:68:27:dc:09:1f:3f:0d:20:8d:8b:24:
c2:cb:b9:a4:55:c8:5d:0a:bc:54:d8:22:eb:6a:ad:ae:03:84:
cf:c2:85:7f:84:0e:e6:2d:c8:1f:28:bb:f2:d0:da:97:e8:31:
48:88:4a:6b:1e:81:3c:4c:93:80:14:53:cd:dd:a1:a5:54:44:
83:b1:e6:c8:ea:9f:c0:5a:0e:fb:e9:b0:c8:24:db:63:b3:4b:
f8:14:96:62:66:a7:1b:3f:12:50:6f:d1:b4:70:5b:e5:b2:66:
ed:74:02:02:f7:5f:83:e3:98:b9:47:a3:a2:70:44:32:87:2d:
bb:da:d1:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbSCC/pN+dsKDLJwr3G8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNhOTU4NzU5MTlkMDhiOGM4MjhkZjU2M2E5ZGM1OWQwNWM4YzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzrHjK3HDb5+7aW75fiitaB3KZzT
+C6zjhpuExF/3M5TjPrtNva7BTYGXgAqUKR/AJibwVfqchxc8BWayisl/mSJkw/Q
ctgXKb9t+rnAQa9Nc2+E+3Q9UuKqDOXcHDuFOSDCEqbxfiSMEx5qOjTuqUyFyjZT
Xm+oH+IHX4b1QSoZuY7Un3XjdBoFodGfdZ2etUkyKSBzadyl7ZCAkhZrZglC9vhp
iMSrAMM39e+vfBtYla58S8x3hmdhUz+s4nf8vQkv4hJn3c+YPRQgWPjopdtlSJ4q
PIXxAv350Y3Ih2yqqx+ibyp5WQ1tXDY2EDo5+4lhi2nyxP8+tvfG6H9nnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQ6lYdZGdCLjIKN9WOp3FnQXIwOMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvQkRxVmgxa1owSXVNZ28zMVk2bmNXZEJjakE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudrQMA0G
CSqGSIb3DQEBCwUAA4IBAQBjlIAaPcJapbkYWdApOudxZ8Jpn12cmKvZfUGkI8rZ
xk9dCVp//WiEgAmkBBajwDUQ5AOEBmzj3VAdrP1mgI6Ua47TtAPeNv4xXjOyUEg7
xYb1vfMHTwBWxTPg6X+AQmcmIfXBVEn0cBLZDv1H0iC9XXa9t5QY9u3lq4L95bQw
nzpyfgYXaCfcCR8/DSCNiyTCy7mkVchdCrxU2CLraq2uA4TPwoV/hA7mLcgfKLvy
0NqX6DFIiEprHoE8TJOAFFPN3aGlVESDsebI6p/AWg776bDIJNtjs0v4FJZiZqcb
PxJQb9G0cFvlsmbtdAIC91+D45i5R6OicEQyhy272tFE
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:28:32 2025 by rpki-client