Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/8FqRAd_BgJZg9uh5zbx12kArFyQ.roa
File: 8FqRAd_BgJZg9uh5zbx12kArFyQ.roa (raw, json)
Hash identifier: Pot/yQiYCfLoQMpg+e8+VmrrXZdB+C3282hsTzByijc=
Subject key identifier: F0:5A:91:01:DF:C1:80:96:60:F6:E8:79:CD:BC:75:DA:40:2B:17:24
Certificate issuer: /CN=7f85e990354397e36c0ca903a0c620c7709efdcd
Certificate serial: 0194180DB4DC5D2A7CF764983E190A9EED90
Authority key identifier: 7F:85:E9:90:35:43:97:E3:6C:0C:A9:03:A0:C6:20:C7:70:9E:FD:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/8FqRAd_BgJZg9uh5zbx12kArFyQ.roa
Signing time: Mon 30 Dec 2024 14:52:18 +0000
ROA not before: Mon 30 Dec 2024 14:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58067
IP address blocks: 185.214.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:18:0d:b4:dc:5d:2a:7c:f7:64:98:3e:19:0a:9e:ed:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f85e990354397e36c0ca903a0c620c7709efdcd
Validity
Not Before: Dec 30 14:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f05a9101dfc1809660f6e879cdbc75da402b1724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:54:35:03:be:52:7b:06:11:ab:b9:a2:08:34:
ae:01:d5:8e:a7:51:f4:4d:91:82:90:ff:1a:c0:eb:
e6:59:81:a5:ad:3a:6b:18:53:ac:06:9a:1a:df:f3:
d5:01:3d:a9:e2:de:62:80:0e:65:62:f4:00:5c:ef:
b0:31:03:66:a8:fc:c1:91:73:c0:82:53:79:4c:e3:
a7:97:69:cb:5e:47:50:b7:22:55:a0:ce:a4:44:e7:
61:a6:70:9d:12:90:20:fa:88:5d:a2:64:09:d4:ef:
5a:11:87:4f:24:47:58:3e:b7:b6:ac:00:b6:b0:a8:
3f:ae:65:15:ff:96:6d:df:79:e8:65:36:e1:8a:ba:
b2:98:cb:39:93:96:e7:09:d2:d1:4c:62:66:f8:15:
f5:94:bf:93:2d:5f:ab:37:44:ea:97:ae:1f:99:4b:
03:b9:93:44:33:70:2d:ca:7c:26:bf:e6:2f:5a:ab:
b4:c1:27:b3:86:9e:6b:47:33:b3:53:6c:38:ab:07:
31:5e:9c:23:53:b4:6c:87:42:61:23:86:c9:60:4e:
4f:c0:80:95:61:e0:32:45:17:f0:9d:25:de:06:4e:
ee:ea:28:49:3c:e8:15:d5:1f:65:b0:54:c5:af:e9:
76:98:f1:72:df:ce:1f:51:67:76:6c:9e:09:7c:c0:
40:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5A:91:01:DF:C1:80:96:60:F6:E8:79:CD:BC:75:DA:40:2B:17:24
X509v3 Authority Key Identifier:
keyid:7F:85:E9:90:35:43:97:E3:6C:0C:A9:03:A0:C6:20:C7:70:9E:FD:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/8FqRAd_BgJZg9uh5zbx12kArFyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.76.0/22
Signature Algorithm: sha256WithRSAEncryption
38:e8:9b:b1:2f:56:e7:47:86:87:70:4d:66:c7:46:b3:f8:7a:
ba:45:40:dd:e3:e1:ce:47:f8:b4:39:a4:0f:7d:29:f7:87:1f:
d7:35:00:22:4c:ad:48:b8:b9:f7:a1:18:85:1e:27:5f:55:c3:
4a:34:b5:34:c1:70:42:1d:01:29:d6:a9:9e:c1:4b:46:4c:70:
f1:cd:6a:50:3e:4d:be:a1:93:17:8e:26:58:09:0e:cb:d0:37:
de:ea:d0:32:42:66:e1:94:68:8e:d4:25:49:47:ff:2a:3b:db:
c6:20:a3:43:3b:47:d3:03:2b:9d:4a:c5:d9:ff:5a:78:18:ac:
4b:99:4c:b1:ad:9c:45:04:23:a4:ee:5e:a9:e9:55:91:d3:1f:
6f:40:01:47:17:3c:81:da:8f:b0:22:32:16:e4:18:5c:e5:0d:
c1:65:9a:dc:69:72:64:d9:68:1e:53:d4:8a:1e:1b:24:17:b4:
ea:6a:1f:f2:a3:76:1a:6f:1d:dd:a7:a3:e3:b1:5d:75:29:ed:
91:70:c0:b9:05:47:41:48:b1:bf:ee:65:1e:f1:ed:1c:f7:98:
63:e6:94:a4:cf:07:1e:2d:05:97:fa:f8:87:d4:59:a8:1b:73:
c6:5e:a2:86:eb:e3:51:36:53:6b:31:de:02:17:2a:a7:a9:cf:
7b:94:e7:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQYDbTcXSp892SYPhkKnu2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmODVlOTkwMzU0Mzk3ZTM2YzBjYTkwM2EwYzYyMGM3NzA5
ZWZkY2QwHhcNMjQxMjMwMTQ1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVhOTEwMWRmYzE4MDk2NjBmNmU4NzljZGJjNzVkYTQwMmIxNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lQ1A75SewYRq7miCDSuAdWOp1H0
TZGCkP8awOvmWYGlrTprGFOsBpoa3/PVAT2p4t5igA5lYvQAXO+wMQNmqPzBkXPA
glN5TOOnl2nLXkdQtyJVoM6kROdhpnCdEpAg+ohdomQJ1O9aEYdPJEdYPre2rAC2
sKg/rmUV/5Zt33noZTbhirqymMs5k5bnCdLRTGJm+BX1lL+TLV+rN0Tql64fmUsD
uZNEM3Atynwmv+YvWqu0wSezhp5rRzOzU2w4qwcxXpwjU7Rsh0JhI4bJYE5PwICV
YeAyRRfwnSXeBk7u6ihJPOgV1R9lsFTFr+l2mPFy384fUWd2bJ4JfMBAvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBakQHfwYCWYPboec28ddpAKxckMB8GA1UdIwQY
MBaAFH+F6ZA1Q5fjbAypA6DGIMdwnv3NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjRYcGtEVkRsLU5zREtrRG9NWWd4M0NlX2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80YWUxNzUtNTVkMC00ODRkLThkMTEt
OGM5ZDU4MjNiYWQ5LzEvOEZxUkFkX0JnSlpnOXVoNXpieDEya0FyRnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80YWUxNzUtNTVkMC00ODRkLThkMTEtOGM5ZDU4MjNiYWQ5
LzEvZjRYcGtEVkRsLU5zREtrRG9NWWd4M0NlX2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudZMMA0G
CSqGSIb3DQEBCwUAA4IBAQA46JuxL1bnR4aHcE1mx0az+Hq6RUDd4+HOR/i0OaQP
fSn3hx/XNQAiTK1IuLn3oRiFHidfVcNKNLU0wXBCHQEp1qmewUtGTHDxzWpQPk2+
oZMXjiZYCQ7L0Dfe6tAyQmbhlGiO1CVJR/8qO9vGIKNDO0fTAyudSsXZ/1p4GKxL
mUyxrZxFBCOk7l6p6VWR0x9vQAFHFzyB2o+wIjIW5Bhc5Q3BZZrcaXJk2WgeU9SK
HhskF7Tqah/yo3Yabx3dp6PjsV11Ke2RcMC5BUdBSLG/7mUe8e0c95hj5pSkzwce
LQWX+viH1FmoG3PGXqKG6+NRNlNrMd4CFyqnqc97lOcP
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:15:28 2025 by rpki-client