Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8kj15abSm3r3ncrh1LHXSFEvZWY.roa
File: 8kj15abSm3r3ncrh1LHXSFEvZWY.roa (raw, json)
Hash identifier: ymc5mQ6gWVR5oAS3V994gVl5H6rwhaJH5/bYLgIcNcU=
Subject key identifier: F2:48:F5:E5:A6:D2:9B:7A:F7:9D:CA:E1:D4:B1:D7:48:51:2F:65:66
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019427479AB8F1ED1BBA0308B7A688AEA1CC
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8kj15abSm3r3ncrh1LHXSFEvZWY.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44244
IP address blocks: 85.185.36.0/22 maxlen: 22
85.185.36.0/24 maxlen: 24
85.185.37.0/24 maxlen: 24
85.185.38.0/24 maxlen: 24
85.185.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Feb 2025 11:41:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:9a:b8:f1:ed:1b:ba:03:08:b7:a6:88:ae:a1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f248f5e5a6d29b7af79dcae1d4b1d748512f6566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:55:09:15:04:70:97:5c:98:09:0a:3a:ec:fc:
8f:17:f6:07:65:15:7e:b6:81:78:df:5f:a5:b1:ff:
89:06:6b:18:c4:32:05:ac:f2:ce:d5:1a:0f:d8:0a:
b5:75:f5:e5:47:28:2d:d0:43:88:de:02:3f:7f:92:
52:d3:f5:96:67:b2:13:d0:d7:9c:b5:98:6b:28:2e:
6e:35:90:0c:89:90:e2:68:1a:4e:6a:87:1d:43:8d:
24:04:e7:f3:66:74:be:6c:88:fc:b2:49:92:a5:35:
81:9b:b2:cb:61:63:24:66:a2:4c:36:4b:76:b0:ea:
79:39:31:9a:54:a2:b9:16:79:e5:5b:c0:6a:8c:d8:
de:1f:61:63:ee:25:c9:87:ef:c0:d3:84:4d:85:93:
83:11:28:8c:07:56:5d:18:70:29:22:d0:63:5a:e9:
11:9f:8f:46:9d:b9:57:ac:40:50:01:98:95:54:26:
ea:93:73:5a:33:6d:d5:98:96:67:02:26:97:f2:2e:
01:5a:f2:ff:be:9f:d5:2c:fc:14:73:1c:39:c3:e7:
21:e9:de:03:2c:f2:96:71:2b:6b:a7:25:33:7b:1d:
df:a3:6c:39:22:39:be:52:32:55:18:3a:13:5f:b6:
91:5a:fa:47:42:4f:0c:4c:7f:05:46:be:25:65:01:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:48:F5:E5:A6:D2:9B:7A:F7:9D:CA:E1:D4:B1:D7:48:51:2F:65:66
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8kj15abSm3r3ncrh1LHXSFEvZWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.185.36.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:10:9f:44:2e:0a:c8:4b:6f:bc:af:28:83:1a:f2:bf:0b:55:
34:f8:a6:7d:61:d0:35:db:f7:f7:0f:91:7b:1f:c0:41:99:5c:
a0:71:58:01:8a:bb:36:dc:db:8c:a3:18:eb:81:11:b8:1b:fd:
2d:a0:0f:2a:be:68:a3:8a:1d:4e:40:d4:d2:66:75:26:f8:6a:
9a:99:6c:86:3f:30:9f:e2:ec:fc:3a:93:92:13:db:c7:9c:25:
a1:43:06:b5:d2:06:d1:b1:9b:c7:06:67:c5:08:e1:b1:3c:bc:
0f:be:a8:0f:55:6c:5e:47:85:64:9f:bb:da:a5:91:10:cf:51:
57:21:d5:18:21:71:0a:94:fc:e6:9d:e4:81:55:77:94:ea:5b:
e6:5c:26:df:9c:aa:c9:32:90:e2:53:c6:58:52:a7:d8:d5:e9:
32:d6:76:fc:68:86:3f:15:f2:5f:03:60:58:f8:f0:60:c7:d6:
87:76:09:8f:d6:a4:8f:af:a9:19:b1:67:5e:c9:27:f2:b0:4e:
5f:49:af:8b:a9:ac:7c:12:d0:68:2a:28:da:3d:ce:7b:f7:ab:
d7:ca:e5:e4:7f:b0:a9:c8:ec:02:22:6c:7a:16:ea:7a:21:cb:
e9:ad:89:a9:25:9d:57:56:54:80:1d:2c:dc:62:e3:4f:6b:4a:
10:8a:87:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5q48e0bugMIt6aIrqHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ4ZjVlNWE2ZDI5YjdhZjc5ZGNhZTFkNGIxZDc0ODUxMmY2NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lUJFQRwl1yYCQo67PyPF/YHZRV+
toF431+lsf+JBmsYxDIFrPLO1RoP2Aq1dfXlRygt0EOI3gI/f5JS0/WWZ7IT0Nec
tZhrKC5uNZAMiZDiaBpOaocdQ40kBOfzZnS+bIj8skmSpTWBm7LLYWMkZqJMNkt2
sOp5OTGaVKK5FnnlW8BqjNjeH2Fj7iXJh+/A04RNhZODESiMB1ZdGHApItBjWukR
n49GnblXrEBQAZiVVCbqk3NaM23VmJZnAiaX8i4BWvL/vp/VLPwUcxw5w+ch6d4D
LPKWcStrpyUzex3fo2w5Ijm+UjJVGDoTX7aRWvpHQk8MTH8FRr4lZQEQZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJI9eWm0pt6953K4dSx10hRL2VmMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvOGtqMTVhYlNtM3IzbmNyaDFMSFhTRkV2WldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVbkkMA0G
CSqGSIb3DQEBCwUAA4IBAQAvEJ9ELgrIS2+8ryiDGvK/C1U0+KZ9YdA12/f3D5F7
H8BBmVygcVgBirs23NuMoxjrgRG4G/0toA8qvmijih1OQNTSZnUm+GqamWyGPzCf
4uz8OpOSE9vHnCWhQwa10gbRsZvHBmfFCOGxPLwPvqgPVWxeR4Vkn7vapZEQz1FX
IdUYIXEKlPzmneSBVXeU6lvmXCbfnKrJMpDiU8ZYUqfY1eky1nb8aIY/FfJfA2BY
+PBgx9aHdgmP1qSPr6kZsWdeySfysE5fSa+Lqax8EtBoKijaPc5796vXyuXkf7Cp
yOwCImx6Fup6IcvprYmpJZ1XVlSAHSzcYuNPa0oQiodb
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:47:47 2025 by rpki-client