Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/b1L5lvEZHFmd5YNQMk_WBrU-LAk.roa
File: b1L5lvEZHFmd5YNQMk_WBrU-LAk.roa (raw, json)
Hash identifier: t7/NQbI8wHYC8pqphIckCpd0bvfE/7vsa8AQQjqq5hw=
Subject key identifier: 6F:52:F9:96:F1:19:1C:59:9D:E5:83:50:32:4F:D6:06:B5:3E:2C:09
Certificate issuer: /CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Certificate serial: 018F9570BCE45EDBEB25A6D004402DCA227C
Authority key identifier: 2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/b1L5lvEZHFmd5YNQMk_WBrU-LAk.roa
Signing time: Mon 20 May 2024 09:59:04 +0000
ROA not before: Mon 20 May 2024 09:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202113
IP address blocks: 185.52.244.0/22 maxlen: 22
185.52.244.0/24 maxlen: 24
185.52.247.0/24 maxlen: 24
2a04:c9c0::/29 maxlen: 29
2a04:c9c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:70:bc:e4:5e:db:eb:25:a6:d0:04:40:2d:ca:22:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Validity
Not Before: May 20 09:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f52f996f1191c599de58350324fd606b53e2c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a4:be:e7:0a:ad:1e:5c:f9:fa:59:1d:7f:39:
af:6a:1b:b5:88:79:00:8d:7d:ba:00:a0:be:db:0a:
93:ca:2d:bb:5a:a0:6d:ad:be:2e:4f:90:6b:16:d6:
56:52:8f:fc:2b:d2:a2:fc:88:eb:44:5b:0a:67:75:
e7:8d:54:be:bb:42:dd:5f:f6:4f:99:40:af:01:12:
fa:93:d0:b7:36:88:08:c4:75:6f:09:be:e3:86:24:
54:6c:58:74:5e:72:59:66:58:30:0e:ec:c9:23:bf:
25:dc:f1:5d:95:dd:8a:34:11:9a:4d:10:3a:c7:04:
d2:03:c5:37:4f:b9:5f:3f:52:c2:ab:e4:f7:90:91:
23:13:e6:11:5c:a5:46:9c:9e:21:71:4a:57:70:3d:
da:60:e0:80:d1:0c:65:34:f5:ba:27:dc:bd:cc:b4:
ba:e2:79:d7:9d:82:c5:20:61:0a:bf:e9:b1:46:fd:
4b:43:67:5c:2c:00:38:a6:f4:3b:51:66:f0:79:f9:
e8:a0:17:e3:9b:cd:6d:ea:48:02:87:64:d1:16:b7:
0d:84:b5:f9:af:52:e1:9f:8b:90:e9:dc:23:c3:8d:
8d:9f:75:32:e2:9c:a6:63:2b:31:3a:1d:35:9f:ce:
f0:1a:fd:80:e4:b1:f1:ef:91:32:f8:74:98:71:6f:
8d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:52:F9:96:F1:19:1C:59:9D:E5:83:50:32:4F:D6:06:B5:3E:2C:09
X509v3 Authority Key Identifier:
keyid:2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/b1L5lvEZHFmd5YNQMk_WBrU-LAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/K6cIjjnnrYgXt9EOoqW4oJikegs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.244.0/22
IPv6:
2a04:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:51:5b:48:9d:c8:a4:7f:a0:f9:f0:81:51:1b:b0:18:ff:67:
75:3c:d4:ed:b6:ab:9e:1b:6d:4e:d0:af:15:74:8d:13:6b:cb:
03:c7:f8:50:87:b1:e9:98:b7:48:e0:9f:aa:ed:c8:8a:1f:ed:
e9:a3:f8:de:93:69:8a:1c:c3:40:a1:50:37:e3:19:61:fc:86:
6e:ca:57:91:98:98:3e:46:fb:d4:76:d5:85:21:53:be:62:5d:
e5:97:0d:47:c4:de:2b:18:7e:cb:0e:3f:39:ea:f5:bc:dd:3f:
a5:35:99:09:36:8c:b0:b1:b9:ee:41:65:5d:88:e0:b6:f3:4b:
07:b8:0c:6f:05:ee:1c:9b:3f:8d:ba:45:94:28:5f:a3:f5:5f:
53:3f:98:4a:08:48:8b:c6:cb:c4:64:33:1a:91:5a:ba:b3:f6:
39:f6:a9:ee:e0:8d:3f:c3:20:3e:e0:89:2b:3b:84:91:ba:81:
87:2a:33:a8:b5:6c:29:65:ec:ed:a5:2b:f7:d8:a5:e9:66:c9:
a8:9a:51:41:42:cc:50:10:c5:62:91:74:e6:b9:e7:f9:c2:c4:
75:3e:76:4e:01:1a:6c:6f:55:72:14:cb:fe:0b:3c:16:48:c6:
4a:15:8c:9c:13:03:d7:c5:aa:74:23:5c:29:7e:fd:97:50:b9:
14:64:38:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+VcLzkXtvrJabQBEAtyiJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTcwODhlMzllN2FkODgxN2I3ZDEwZWEyYTViOGEwOThh
NDdhMGIwHhcNMjQwNTIwMDk1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUyZjk5NmYxMTkxYzU5OWRlNTgzNTAzMjRmZDYwNmI1M2UyYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qS+5wqtHlz5+lkdfzmvahu1iHkA
jX26AKC+2wqTyi27WqBtrb4uT5BrFtZWUo/8K9Ki/IjrRFsKZ3XnjVS+u0LdX/ZP
mUCvARL6k9C3NogIxHVvCb7jhiRUbFh0XnJZZlgwDuzJI78l3PFdld2KNBGaTRA6
xwTSA8U3T7lfP1LCq+T3kJEjE+YRXKVGnJ4hcUpXcD3aYOCA0QxlNPW6J9y9zLS6
4nnXnYLFIGEKv+mxRv1LQ2dcLAA4pvQ7UWbwefnooBfjm81t6kgCh2TRFrcNhLX5
r1Lhn4uQ6dwjw42Nn3Uy4pymYysxOh01n87wGv2A5LHx75Ey+HSYcW+NmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG9S+ZbxGRxZneWDUDJP1ga1PiwJMB8GA1UdIwQY
MBaAFCunCI45562IF7fRDqKluKCYpHoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYt
NGE2N2U0ZDA1NmFiLzEvYjFMNWx2RVpIRm1kNVlOUU1rX1dCclUtTEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYtNGE2N2U0ZDA1NmFi
LzEvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTT0MA0E
AgACMAcDBQMqBMnAMA0GCSqGSIb3DQEBCwUAA4IBAQBuUVtIncikf6D58IFRG7AY
/2d1PNTttqueG21O0K8VdI0Ta8sDx/hQh7HpmLdI4J+q7ciKH+3po/jek2mKHMNA
oVA34xlh/IZuyleRmJg+RvvUdtWFIVO+Yl3llw1HxN4rGH7LDj856vW83T+lNZkJ
NoywsbnuQWVdiOC280sHuAxvBe4cmz+NukWUKF+j9V9TP5hKCEiLxsvEZDMakVq6
s/Y59qnu4I0/wyA+4IkrO4SRuoGHKjOotWwpZeztpSv32KXpZsmomlFBQsxQEMVi
kXTmuef5wsR1PnZOARpsb1VyFMv+CzwWSMZKFYycEwPXxap0I1wpfv2XULkUZDgT
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:13 2025 by rpki-client