Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/i6AITnvrM12TYJ1kRcCI0T4uJYc.roa
File: i6AITnvrM12TYJ1kRcCI0T4uJYc.roa (raw, json)
Hash identifier: o3F7kAY4HXw6OdoLe76/pRtjDAsj2qzAFBw2POdV65w=
Subject key identifier: 8B:A0:08:4E:7B:EB:33:5D:93:60:9D:64:45:C0:88:D1:3E:2E:25:87
Certificate issuer: /CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Certificate serial: 018CC86FCCD4DF2C409D34004C64E7A4A0EA
Authority key identifier: 96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/i6AITnvrM12TYJ1kRcCI0T4uJYc.roa
Signing time: Tue 02 Jan 2024 04:30:19 +0000
ROA not before: Tue 02 Jan 2024 04:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212263
IP address blocks: 185.222.21.0/24 maxlen: 24
2a10:f300::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 04 Dec 2024 17:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:cc:d4:df:2c:40:9d:34:00:4c:64:e7:a4:a0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96e6f77cbda101987d9dfc84be90b6fba66adc9f
Validity
Not Before: Jan 2 04:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba0084e7beb335d93609d6445c088d13e2e2587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:4a:64:30:94:62:06:4b:dd:0d:fe:59:73:10:
62:3a:26:97:38:b0:5f:56:8a:3b:26:0a:43:0b:7b:
d3:52:ff:96:7f:5a:f2:77:f0:c9:3c:0a:83:37:0a:
62:d9:8d:ef:16:f6:b3:8c:bf:63:fa:02:b0:78:48:
83:36:42:6d:9e:2d:d4:35:bb:10:46:41:73:47:cb:
b2:b1:4d:31:ff:b5:5f:05:1a:8a:ba:85:69:ae:cd:
a1:e7:d7:53:54:fe:aa:50:05:03:da:f3:40:8d:98:
5f:cf:90:67:99:65:7c:e8:a7:c5:90:d7:27:d3:c3:
df:dd:88:2d:fb:ca:be:29:21:57:27:7a:c0:fd:88:
1f:76:e6:95:51:78:62:ac:0d:00:5c:7e:8d:23:47:
bb:93:1c:02:85:ca:49:a1:e3:82:7d:4e:19:00:eb:
82:44:92:42:5b:4e:6c:e3:24:88:5b:a2:c2:e0:9d:
c6:ef:ed:3d:76:a2:3a:b2:68:fe:c3:4c:f8:ca:27:
4c:21:f3:ad:7b:79:00:ac:fc:79:30:54:f7:77:de:
3f:61:aa:1a:1a:02:13:55:48:af:3c:d5:78:e5:f2:
49:14:14:2b:aa:57:7b:35:6f:61:5c:b1:5c:c6:df:
ae:43:22:8e:9c:2f:0b:41:6f:8c:b6:b1:1b:84:24:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A0:08:4E:7B:EB:33:5D:93:60:9D:64:45:C0:88:D1:3E:2E:25:87
X509v3 Authority Key Identifier:
keyid:96:E6:F7:7C:BD:A1:01:98:7D:9D:FC:84:BE:90:B6:FB:A6:6A:DC:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lub3fL2hAZh9nfyEvpC2-6Zq3J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/i6AITnvrM12TYJ1kRcCI0T4uJYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/1cbc1e-4d46-4b5b-b249-3208de39c09d/1/lub3fL2hAZh9nfyEvpC2-6Zq3J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.21.0/24
IPv6:
2a10:f300::/29
Signature Algorithm: sha256WithRSAEncryption
44:6b:92:c0:2c:86:d5:3c:c9:ed:93:ca:bb:8b:83:8a:80:79:
7d:64:58:39:e4:0b:ab:bf:cb:ff:ba:53:91:b6:63:a9:f6:cb:
38:b0:9e:2e:b7:38:05:1c:24:d0:74:1b:a6:09:1f:fd:6b:1f:
f6:ab:12:7c:b8:9e:2f:90:09:fa:46:0d:df:c6:0b:3f:7a:1a:
b6:5b:0f:ff:63:11:e8:54:78:54:50:a6:e8:6a:0d:e0:31:46:
23:1f:91:94:c1:c9:b4:d4:75:89:c6:f6:e1:59:43:27:0d:e2:
c6:2e:6e:f6:a5:a9:c0:93:c0:e7:a5:f7:bd:09:76:09:67:10:
3f:cc:37:ce:be:97:85:db:a6:64:c5:78:77:fd:d0:5a:6a:60:
a2:fb:05:ce:38:f5:d0:f0:65:fa:a5:18:da:d9:01:24:a9:f5:
b6:09:a6:28:98:d8:8f:c6:5d:31:7d:93:4e:32:97:ea:e4:ac:
4d:2a:07:10:e3:3f:0d:2c:46:d4:aa:96:3f:57:c4:6e:d1:bd:
38:fa:de:8d:cd:11:f4:05:46:d5:39:82:42:94:1a:cb:a4:bf:
e6:91:e8:58:bf:9e:ca:a2:4f:ed:a2:7c:b7:59:c8:03:4a:8a:
07:d3:9d:21:4f:a3:98:8c:d2:53:fa:a9:52:16:a5:50:2e:61:
51:c5:23:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb8zU3yxAnTQATGTnpKDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZTZmNzdjYmRhMTAxOTg3ZDlkZmM4NGJlOTBiNmZiYTY2
YWRjOWYwHhcNMjQwMTAyMDQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmEwMDg0ZTdiZWIzMzVkOTM2MDlkNjQ0NWMwODhkMTNlMmUyNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UpkMJRiBkvdDf5ZcxBiOiaXOLBf
Voo7JgpDC3vTUv+Wf1ryd/DJPAqDNwpi2Y3vFvazjL9j+gKweEiDNkJtni3UNbsQ
RkFzR8uysU0x/7VfBRqKuoVprs2h59dTVP6qUAUD2vNAjZhfz5BnmWV86KfFkNcn
08Pf3Ygt+8q+KSFXJ3rA/YgfduaVUXhirA0AXH6NI0e7kxwChcpJoeOCfU4ZAOuC
RJJCW05s4ySIW6LC4J3G7+09dqI6smj+w0z4yidMIfOte3kArPx5MFT3d94/Yaoa
GgITVUivPNV45fJJFBQrqld7NW9hXLFcxt+uQyKOnC8LQW+MtrEbhCSkFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIugCE576zNdk2CdZEXAiNE+LiWHMB8GA1UdIwQY
MBaAFJbm93y9oQGYfZ38hL6QtvumatyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDkt
MzIwOGRlMzljMDlkLzEvaTZBSVRudnJNMTJUWUoxa1JjQ0kwVDR1SlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8xY2JjMWUtNGQ0Ni00YjViLWIyNDktMzIwOGRlMzljMDlk
LzEvbHViM2ZMMmhBWmg5bmZ5RXZwQzItNlpxM0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAud4VMA0E
AgACMAcDBQMqEPMAMA0GCSqGSIb3DQEBCwUAA4IBAQBEa5LALIbVPMntk8q7i4OK
gHl9ZFg55Aurv8v/ulORtmOp9ss4sJ4utzgFHCTQdBumCR/9ax/2qxJ8uJ4vkAn6
Rg3fxgs/ehq2Ww//YxHoVHhUUKboag3gMUYjH5GUwcm01HWJxvbhWUMnDeLGLm72
panAk8Dnpfe9CXYJZxA/zDfOvpeF26ZkxXh3/dBaamCi+wXOOPXQ8GX6pRja2QEk
qfW2CaYomNiPxl0xfZNOMpfq5KxNKgcQ4z8NLEbUqpY/V8Ru0b04+t6NzRH0BUbV
OYJClBrLpL/mkehYv57Kok/tony3WcgDSooH050hT6OYjNJT+qlSFqVQLmFRxSOt
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:32:19 2025 by rpki-client