Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Ks2uIuWRCIn1DlHxLZexGL6eZhs.roa
File: Ks2uIuWRCIn1DlHxLZexGL6eZhs.roa (raw, json)
Hash identifier: +yq6omQq06xV5zJEjwDP7EqE+lNPpgR+xvecRInM694=
Subject key identifier: 2A:CD:AE:22:E5:91:08:89:F5:0E:51:F1:2D:97:B1:18:BE:9E:66:1B
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B818CEAE0F88690BDEC4BBCB50DED7
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Ks2uIuWRCIn1DlHxLZexGL6eZhs.roa
Signing time: Mon 01 Jan 2024 20:30:02 +0000
ROA not before: Mon 01 Jan 2024 20:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48400
IP address blocks: 85.140.93.0/24 maxlen: 24
85.140.92.0/23 maxlen: 23
85.140.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:18:ce:ae:0f:88:69:0b:de:c4:bb:cb:50:de:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2acdae22e5910889f50e51f12d97b118be9e661b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:b1:07:45:35:cb:05:28:d4:d0:0b:e8:9f:
02:60:96:01:e4:7d:97:e2:40:fd:a6:e8:52:6e:9e:
d2:3b:55:d5:b6:b6:7b:27:b2:8b:76:bf:53:2d:c1:
30:1b:1a:0e:43:7e:f8:35:e4:6c:fb:8b:68:f4:a7:
5e:2e:ff:58:c4:37:c2:c7:e1:72:63:ea:7f:05:77:
47:9c:8e:cc:6d:76:ef:00:0a:8f:a1:7e:12:c1:f1:
55:4d:4d:66:4b:00:1c:0a:13:af:25:c4:f1:0a:97:
5c:0d:c2:e3:14:1d:89:fe:e4:45:3b:7b:0b:bc:c7:
53:08:5a:0e:6a:0f:9e:24:8d:7a:c0:f5:f5:d5:e2:
6d:e8:2d:4c:ce:bd:6a:55:ec:14:7f:87:23:4f:83:
fb:db:2a:c0:a5:a3:09:78:3b:60:ad:5e:ad:76:78:
26:2d:d7:15:89:62:58:e5:6f:77:86:88:4a:63:94:
54:15:91:2b:99:27:05:b0:3b:a9:1a:1d:6c:9f:01:
f1:93:eb:0e:09:26:a9:50:6c:39:5d:61:ba:16:bf:
c5:08:58:c4:c3:1e:81:a5:35:2a:13:50:8a:88:c4:
63:33:dc:b8:53:c1:fb:98:f9:c9:6f:cf:2a:35:3b:
c6:d8:6f:92:e2:60:2c:52:c9:73:b9:6f:60:d8:ae:
7b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CD:AE:22:E5:91:08:89:F5:0E:51:F1:2D:97:B1:18:BE:9E:66:1B
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/Ks2uIuWRCIn1DlHxLZexGL6eZhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.92.0/23
Signature Algorithm: sha256WithRSAEncryption
56:50:22:08:fc:85:50:80:ba:a5:6a:5f:6a:3e:54:10:28:a9:
96:a6:2c:d4:17:cb:6b:b2:02:6c:ea:8a:10:35:87:3f:41:83:
9c:2e:9a:9d:da:13:52:a0:4c:b1:69:b2:53:5c:99:a3:41:93:
f6:13:30:d4:11:ef:14:a5:7e:f5:b4:1d:fd:ea:b6:37:97:e9:
15:33:eb:5a:bb:f0:76:ba:02:3f:8e:46:18:3a:3e:b7:5a:e7:
7f:b0:c5:7a:54:2a:19:b1:f7:ac:bc:e0:da:a3:2e:d8:aa:61:
8c:6b:cd:f4:d3:86:a2:ab:e8:d0:af:26:fe:c4:81:d6:80:36:
8b:8a:4c:c3:a3:d9:38:78:a4:83:82:b4:73:ac:06:2e:0d:8c:
22:09:31:2e:97:91:52:cd:f9:69:a8:f9:70:a6:b3:57:33:9a:
8a:25:8a:77:43:20:6e:bc:5e:c6:1b:30:5b:94:49:9b:7b:3d:
a7:60:ec:b7:8f:a0:d4:65:78:f0:31:4a:cb:77:0e:6a:f2:23:
03:b1:37:66:a5:4f:8a:12:b7:22:b6:42:e6:23:14:7d:51:01:
33:f9:19:9d:9c:c5:dd:33:d4:f1:13:47:d4:e2:b5:32:0b:e6:
8a:f8:65:f4:8f:72:c5:46:7d:60:7a:44:b6:8c:25:2a:be:9e:
50:b4:62:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuBjOrg+IaQvexLvLUN7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNkYWUyMmU1OTEwODg5ZjUwZTUxZjEyZDk3YjExOGJlOWU2NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZixB0U1ywUo1NAL6J8CYJYB5H2X
4kD9puhSbp7SO1XVtrZ7J7KLdr9TLcEwGxoOQ374NeRs+4to9KdeLv9YxDfCx+Fy
Y+p/BXdHnI7MbXbvAAqPoX4SwfFVTU1mSwAcChOvJcTxCpdcDcLjFB2J/uRFO3sL
vMdTCFoOag+eJI16wPX11eJt6C1Mzr1qVewUf4cjT4P72yrApaMJeDtgrV6tdngm
LdcViWJY5W93hohKY5RUFZErmScFsDupGh1snwHxk+sOCSapUGw5XWG6Fr/FCFjE
wx6BpTUqE1CKiMRjM9y4U8H7mPnJb88qNTvG2G+S4mAsUslzuW9g2K57bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrNriLlkQiJ9Q5R8S2XsRi+nmYbMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvS3MydUl1V1JDSW4xRGxIeExaZXhHTDZlWmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVYxcMA0G
CSqGSIb3DQEBCwUAA4IBAQBWUCII/IVQgLqlal9qPlQQKKmWpizUF8trsgJs6ooQ
NYc/QYOcLpqd2hNSoEyxabJTXJmjQZP2EzDUEe8UpX71tB396rY3l+kVM+tau/B2
ugI/jkYYOj63Wud/sMV6VCoZsfesvODaoy7YqmGMa83004aiq+jQryb+xIHWgDaL
ikzDo9k4eKSDgrRzrAYuDYwiCTEul5FSzflpqPlwprNXM5qKJYp3QyBuvF7GGzBb
lEmbez2nYOy3j6DUZXjwMUrLdw5q8iMDsTdmpU+KErcitkLmIxR9UQEz+RmdnMXd
M9TxE0fU4rUyC+aK+GX0j3LFRn1gekS2jCUqvp5QtGIh
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:31:14 2025 by rpki-client