Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/udp28O78g-X8pw3LZF6hOvRWwqs.roa
File: udp28O78g-X8pw3LZF6hOvRWwqs.roa (raw, json)
Hash identifier: y//CwfKxAEQuBL6pgbf37U37LaisyBeWs/hisVNni+c=
Subject key identifier: B9:DA:76:F0:EE:FC:83:E5:FC:A7:0D:CB:64:5E:A1:3A:F4:56:C2:AB
Certificate issuer: /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial: 018CC4251E3DA489201EAF3DD627E2EBCA24
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/udp28O78g-X8pw3LZF6hOvRWwqs.roa
Signing time: Mon 01 Jan 2024 08:30:15 +0000
ROA not before: Mon 01 Jan 2024 08:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202789
IP address blocks: 185.154.112.0/22 maxlen: 24
2a07:8c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1e:3d:a4:89:20:1e:af:3d:d6:27:e2:eb:ca:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Validity
Not Before: Jan 1 08:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9da76f0eefc83e5fca70dcb645ea13af456c2ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:2f:28:06:c3:88:69:4a:b2:79:18:d7:f2:
d7:ea:73:05:31:00:bb:0f:d3:1c:70:50:aa:05:1e:
c2:a4:af:7b:4d:b4:6f:a5:1c:80:fe:f4:c3:2d:e7:
e4:c6:92:06:35:8e:8c:71:bb:78:52:10:b4:3c:66:
a7:4a:af:d9:c7:03:d7:bf:be:35:30:6e:78:e2:ce:
32:d3:95:02:54:89:ad:2d:ea:f5:a7:d9:21:a7:0f:
34:73:7e:dc:8f:30:21:40:d9:a5:bb:10:dc:cd:b5:
12:79:59:b0:07:90:29:0b:07:02:22:57:f7:45:46:
99:77:ac:66:78:a4:af:aa:13:f2:ac:0f:61:b8:34:
6a:4a:33:ec:a1:b1:0b:bc:57:61:3a:f7:94:d5:5c:
11:a5:ed:9d:9d:89:49:92:e2:28:97:f1:95:1d:1b:
f9:37:b3:6f:51:4e:04:00:5a:21:10:bb:26:6b:86:
19:27:68:52:75:cf:af:8d:5c:8a:63:cd:01:4b:96:
aa:19:5c:2d:2a:43:c4:5a:5d:50:79:e1:00:31:4e:
9a:65:11:a6:1a:4d:ad:f6:21:dd:3a:0b:17:30:d5:
9b:d1:f8:42:ea:75:98:ed:c3:a1:e8:67:97:be:07:
75:c2:a9:8f:29:86:91:3a:91:b3:dd:7f:24:31:db:
b5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:DA:76:F0:EE:FC:83:E5:FC:A7:0D:CB:64:5E:A1:3A:F4:56:C2:AB
X509v3 Authority Key Identifier:
keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/udp28O78g-X8pw3LZF6hOvRWwqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.112.0/22
IPv6:
2a07:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
46:e1:ea:b1:4e:f9:13:72:ba:fb:e8:83:01:93:d0:3b:d4:e0:
f8:02:f9:57:b0:4f:f4:cc:60:3a:4b:a7:bf:a0:53:ef:fd:ce:
bd:31:6b:b9:be:e5:1e:b4:5c:fb:d2:a2:78:e1:10:90:44:f8:
d2:fc:aa:27:38:02:f1:8e:da:44:3b:11:02:f3:97:c6:24:4b:
21:da:f3:a9:4f:8a:85:9a:42:1a:61:97:ca:eb:4d:59:93:87:
98:d1:2c:b1:3d:94:71:5f:bf:a7:4b:20:44:05:5e:9e:52:f2:
c5:b7:f6:3e:58:cb:1f:55:4e:b0:2c:8e:96:b8:c4:d9:cc:f5:
0b:b7:7a:9b:f4:b8:51:ea:1b:d3:bb:94:72:a6:31:25:7d:c0:
63:e3:9b:de:79:ce:1e:aa:99:6c:26:10:f2:b2:7a:54:02:2b:
fb:ec:67:e0:39:8a:80:4b:63:b1:82:28:8a:c6:98:71:95:cb:
04:a1:e8:67:6b:d0:91:a9:a1:97:5f:20:b1:4a:3f:d5:1b:f9:
4e:eb:ca:a0:6b:cf:dc:3e:04:77:f0:a3:88:15:ef:3f:a8:27:
7d:4a:4d:6b:2f:d0:67:6b:15:f2:54:c4:c2:3e:f6:f3:8e:65:
32:fd:26:c7:17:48:14:6e:f2:a5:6b:8d:20:1e:95:7e:c7:45:
41:ef:43:31
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJR49pIkgHq891ifi68okMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBi
Y2JkMjgwHhcNMjQwMTAxMDgzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWRhNzZmMGVlZmM4M2U1ZmNhNzBkY2I2NDVlYTEzYWY0NTZjMmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj4vKAbDiGlKsnkY1/LX6nMFMQC7
D9MccFCqBR7CpK97TbRvpRyA/vTDLefkxpIGNY6Mcbt4UhC0PGanSq/ZxwPXv741
MG544s4y05UCVImtLer1p9khpw80c37cjzAhQNmluxDczbUSeVmwB5ApCwcCIlf3
RUaZd6xmeKSvqhPyrA9huDRqSjPsobELvFdhOveU1VwRpe2dnYlJkuIol/GVHRv5
N7NvUU4EAFohELsma4YZJ2hSdc+vjVyKY80BS5aqGVwtKkPEWl1QeeEAMU6aZRGm
Gk2t9iHdOgsXMNWb0fhC6nWY7cOh6GeXvgd1wqmPKYaROpGz3X8kMdu1twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLnadvDu/IPl/KcNy2ReoTr0VsKrMB8GA1UdIwQY
MBaAFM/bPZBLNEQFRrYkHXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUt
NmU3NTYxNTM1YmJkLzEvdWRwMjhPNzhnLVg4cHczTFpGNmhPdlJXd3FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJk
LzEvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZpwMA0E
AgACMAcDBQMqB4yAMA0GCSqGSIb3DQEBCwUAA4IBAQBG4eqxTvkTcrr76IMBk9A7
1OD4AvlXsE/0zGA6S6e/oFPv/c69MWu5vuUetFz70qJ44RCQRPjS/KonOALxjtpE
OxEC85fGJEsh2vOpT4qFmkIaYZfK601Zk4eY0SyxPZRxX7+nSyBEBV6eUvLFt/Y+
WMsfVU6wLI6WuMTZzPULt3qb9LhR6hvTu5RypjElfcBj45veec4eqplsJhDysnpU
Aiv77GfgOYqAS2OxgiiKxphxlcsEoehna9CRqaGXXyCxSj/VG/lO68qga8/cPgR3
8KOIFe8/qCd9Sk1rL9BnaxXyVMTCPvbzjmUy/SbHF0gUbvKla40gHpV+x0VB70Mx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:06 2025 by rpki-client