Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/4Ic61K8y7UecHAiI-Qjy-PJ5QKY.roa
File: 4Ic61K8y7UecHAiI-Qjy-PJ5QKY.roa (raw, json)
Hash identifier: XWRgNwYAs2/PiDG58bnnxExdAZVQHPLn8X+BQp457eY=
Subject key identifier: E0:87:3A:D4:AF:32:ED:47:9C:1C:08:88:F9:08:F2:F8:F2:79:40:A6
Certificate issuer: /CN=6a17de1887fcfa9244b931d96da82678c0147663
Certificate serial: 01936D8EB8A70363B4C9BA78807063D045FB
Authority key identifier: 6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/4Ic61K8y7UecHAiI-Qjy-PJ5QKY.roa
Signing time: Wed 27 Nov 2024 12:18:10 +0000
ROA not before: Wed 27 Nov 2024 12:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44489
IP address blocks: 85.119.88.0/21 maxlen: 21
89.239.0.0/19 maxlen: 24
2a02:4000::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:8e:b8:a7:03:63:b4:c9:ba:78:80:70:63:d0:45:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a17de1887fcfa9244b931d96da82678c0147663
Validity
Not Before: Nov 27 12:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0873ad4af32ed479c1c0888f908f2f8f27940a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:64:6a:78:e3:6a:2e:a0:df:a9:19:66:f4:
c3:71:7a:c8:fc:d2:92:82:3d:8b:d6:61:8f:b7:16:
44:df:91:6a:24:11:c7:68:3e:e9:fc:ab:b2:68:8f:
cb:ae:b8:12:5d:c0:93:09:64:6d:87:70:82:7c:4e:
b9:43:cb:7c:e5:55:c1:3a:48:54:d4:5f:ed:16:49:
e7:8c:a6:62:13:14:58:79:df:3c:49:72:6d:07:92:
d6:6b:1c:a4:2a:5e:58:20:b8:24:22:e8:d3:24:ae:
f0:2c:4a:9d:0c:d0:83:b8:65:9b:c4:7c:86:e8:47:
04:63:57:8e:d1:5b:03:c2:7b:74:e9:f8:1c:d8:14:
4d:a8:56:ae:76:bc:bb:f0:83:d6:22:23:a0:43:90:
10:8b:78:a8:6f:38:ba:4a:19:7b:6b:30:01:1a:3c:
3a:a9:71:d2:b1:6a:88:0f:56:f3:3f:27:cc:05:d0:
d8:95:fd:39:1d:6b:f0:e1:03:5a:0b:75:c8:cc:a1:
4e:57:ff:52:13:94:33:0b:9e:f3:15:5b:a6:8f:d2:
54:12:4b:f3:46:2e:85:73:ae:b4:56:07:c7:06:59:
68:3a:aa:0b:58:32:38:96:9f:66:29:0c:88:5c:86:
66:84:e7:7d:ab:bf:13:7b:40:40:71:c9:71:46:e3:
87:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:87:3A:D4:AF:32:ED:47:9C:1C:08:88:F9:08:F2:F8:F2:79:40:A6
X509v3 Authority Key Identifier:
keyid:6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/4Ic61K8y7UecHAiI-Qjy-PJ5QKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.119.88.0/21
89.239.0.0/19
IPv6:
2a02:4000::/32
Signature Algorithm: sha256WithRSAEncryption
8a:00:12:64:3d:eb:b7:f0:ef:3a:18:ef:a0:81:2b:73:a4:8b:
cb:9a:65:94:18:63:f8:36:c3:c6:8b:be:c6:0d:d4:c1:85:4d:
5a:56:fd:7b:58:fa:70:4f:15:5c:43:f7:7a:26:8c:86:42:cc:
4e:80:ad:6b:46:06:cf:0c:c4:72:1a:d4:b6:4a:f7:c2:6d:21:
00:7b:25:8a:e2:9c:2f:4a:2e:82:07:3d:f4:1e:dd:ba:70:74:
ec:33:d1:2e:5b:2b:0a:df:b0:06:dc:e7:71:6d:27:e1:e1:e1:
2e:5c:c5:a8:dd:d3:4c:06:09:cf:ab:4c:40:0e:34:d6:21:bb:
f9:1d:f4:2e:e7:db:dc:02:63:3c:17:43:37:29:35:17:50:28:
76:66:75:18:a4:9e:3c:76:88:9a:f4:b4:08:70:74:24:1d:d4:
bf:8d:5a:97:cf:c1:c7:04:7b:29:1f:4c:c5:cd:a5:66:7e:74:
25:c9:74:0f:95:30:e5:af:eb:25:be:ea:b3:10:50:e4:f3:71:
a6:39:65:43:8d:b7:4e:ba:83:94:ba:cb:32:2f:6f:f7:0c:23:
78:14:13:f5:14:d6:72:a2:07:5e:ed:31:fb:0d:51:ce:e4:d4:
a1:38:13:81:e3:de:a1:83:8e:5e:6d:cd:0d:be:15:da:f3:1f:
92:24:8a:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZNtjrinA2O0ybp4gHBj0EX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTdkZTE4ODdmY2ZhOTI0NGI5MzFkOTZkYTgyNjc4YzAx
NDc2NjMwHhcNMjQxMTI3MTIxODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDg3M2FkNGFmMzJlZDQ3OWMxYzA4ODhmOTA4ZjJmOGYyNzk0MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsxkanjjai6g36kZZvTDcXrI/NKS
gj2L1mGPtxZE35FqJBHHaD7p/KuyaI/LrrgSXcCTCWRth3CCfE65Q8t85VXBOkhU
1F/tFknnjKZiExRYed88SXJtB5LWaxykKl5YILgkIujTJK7wLEqdDNCDuGWbxHyG
6EcEY1eO0VsDwnt06fgc2BRNqFaudry78IPWIiOgQ5AQi3iobzi6Shl7azABGjw6
qXHSsWqID1bzPyfMBdDYlf05HWvw4QNaC3XIzKFOV/9SE5QzC57zFVumj9JUEkvz
Ri6Fc660VgfHBlloOqoLWDI4lp9mKQyIXIZmhOd9q78Te0BAcclxRuOHswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOCHOtSvMu1HnBwIiPkI8vjyeUCmMB8GA1UdIwQY
MBaAFGoX3hiH/PqSRLkx2W2oJnjAFHZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzIt
MDc5OWE1MmE2Mzg3LzEvNEljNjFLOHk3VWVjSEFpSS1RanktUEo1UUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzItMDc5OWE1MmE2Mzg3
LzEvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXdYAwQF
We8AMA0EAgACMAcDBQAqAkAAMA0GCSqGSIb3DQEBCwUAA4IBAQCKABJkPeu38O86
GO+ggStzpIvLmmWUGGP4NsPGi77GDdTBhU1aVv17WPpwTxVcQ/d6JoyGQsxOgK1r
RgbPDMRyGtS2SvfCbSEAeyWK4pwvSi6CBz30Ht26cHTsM9EuWysK37AG3OdxbSfh
4eEuXMWo3dNMBgnPq0xADjTWIbv5HfQu59vcAmM8F0M3KTUXUCh2ZnUYpJ48doia
9LQIcHQkHdS/jVqXz8HHBHspH0zFzaVmfnQlyXQPlTDlr+slvuqzEFDk83GmOWVD
jbdOuoOUussyL2/3DCN4FBP1FNZyogde7TH7DVHO5NShOBOB496hg45ebc0NvhXa
8x+SJIpo
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:20 2025 by rpki-client