Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/8i9CeDcGo411BOZBlC29U3AwSD4.roa
File: 8i9CeDcGo411BOZBlC29U3AwSD4.roa (raw, json)
Hash identifier: bQBzZJPFDWGEo7dvU5KiBK4WXUs+eQ9QX7gkgtnTADg=
Subject key identifier: F2:2F:42:78:37:06:A3:8D:75:04:E6:41:94:2D:BD:53:70:30:48:3E
Certificate issuer: /CN=9f2bc3c5564d434381cb78ba47ad58be4d3deaa8
Certificate serial: 0192E7F0A935F4E31510F367E062831944E0
Authority key identifier: 9F:2B:C3:C5:56:4D:43:43:81:CB:78:BA:47:AD:58:BE:4D:3D:EA:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nyvDxVZNQ0OBy3i6R61Yvk096qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/8i9CeDcGo411BOZBlC29U3AwSD4.roa
Signing time: Fri 01 Nov 2024 13:36:01 +0000
ROA not before: Fri 01 Nov 2024 13:36:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199231
IP address blocks: 185.4.228.0/22 maxlen: 22
2a02:c5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:f0:a9:35:f4:e3:15:10:f3:67:e0:62:83:19:44:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f2bc3c5564d434381cb78ba47ad58be4d3deaa8
Validity
Not Before: Nov 1 13:36:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f22f42783706a38d7504e641942dbd537030483e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a8:cc:da:d5:fb:53:e7:96:77:cb:b2:17:22:
cb:bd:fa:30:b5:da:2a:02:c1:09:01:7b:c2:f0:48:
44:85:54:6e:9d:ec:b7:0d:24:c5:48:3a:d4:2c:f4:
4d:c0:42:92:b2:80:69:6c:e4:83:9e:e9:7a:1f:17:
57:5d:a2:1d:bb:cd:98:43:97:f0:54:d3:4b:27:e2:
ba:de:b9:af:54:53:28:a5:f1:3c:b5:14:25:78:33:
16:70:4d:20:d1:7c:d9:95:83:c0:a8:09:3b:c0:c9:
b0:2a:86:c3:3f:e6:b6:a6:93:81:a6:52:34:9c:0e:
0d:a7:14:4a:b6:c8:f5:7c:29:ba:01:82:25:0c:2b:
c1:dd:48:d4:de:58:d1:f3:52:95:23:ee:ba:65:cf:
7f:f3:2b:1b:d1:6f:18:a5:e1:e2:96:5d:6e:93:af:
49:8b:d8:d4:43:1b:89:4a:dd:ca:ac:84:38:44:ad:
6f:12:f9:3c:7f:5e:4c:79:4a:98:13:e2:72:0b:85:
14:00:48:9f:70:63:9f:5c:25:ca:da:59:10:e0:6e:
07:09:07:20:d2:98:4e:8f:62:ed:d1:03:be:ad:01:
11:e8:c0:68:02:d7:44:b8:c3:1b:54:14:94:da:5c:
32:7c:04:99:45:84:01:00:00:f1:1c:b5:12:f0:61:
81:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2F:42:78:37:06:A3:8D:75:04:E6:41:94:2D:BD:53:70:30:48:3E
X509v3 Authority Key Identifier:
keyid:9F:2B:C3:C5:56:4D:43:43:81:CB:78:BA:47:AD:58:BE:4D:3D:EA:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nyvDxVZNQ0OBy3i6R61Yvk096qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/8i9CeDcGo411BOZBlC29U3AwSD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/36bb6d-fc73-4449-a527-55426381953c/1/nyvDxVZNQ0OBy3i6R61Yvk096qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.228.0/22
IPv6:
2a02:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:7e:cd:c9:e2:25:d9:9f:71:23:b9:ca:bf:b7:54:44:60:a9:
c8:dd:80:aa:2d:ff:cc:2c:bd:95:6b:03:3b:33:89:db:00:7c:
79:6e:b8:22:6b:fb:bb:99:52:c2:f1:80:1b:5e:6d:27:9e:f7:
87:31:67:55:4f:77:7b:b6:7c:ed:c9:97:e9:0f:7c:7e:67:00:
b9:30:c2:8f:d5:60:e5:94:82:6d:44:98:f1:9e:bf:49:b1:0f:
94:e2:8c:3c:fd:a8:78:34:7d:ec:91:6d:86:30:49:52:b7:49:
4d:73:28:a0:c9:f4:0d:59:be:42:96:ea:04:b3:f9:b8:af:97:
dc:e3:4c:05:ab:fb:9d:ca:2c:5a:11:c9:8c:78:c5:bc:7b:45:
dc:3e:60:8b:9b:d9:47:93:3e:5d:98:a4:88:d6:62:c0:7e:d2:
03:28:59:8d:db:a3:ac:05:75:07:9b:3a:09:c2:76:9e:07:55:
ea:4d:e5:79:a5:6c:0e:f9:46:ca:04:90:7d:0a:05:fa:24:64:
5d:1e:4c:84:31:3b:b4:d3:da:e9:f9:ef:1d:93:d1:4d:57:02:
44:cb:a1:fb:c8:77:87:0a:f5:75:5d:9b:6e:8b:b5:9e:18:52:
28:25:dd:06:db:fa:e4:65:9b:34:b0:65:1a:f5:71:03:71:27:
9c:65:da:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLn8Kk19OMVEPNn4GKDGUTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmJjM2M1NTY0ZDQzNDM4MWNiNzhiYTQ3YWQ1OGJlNGQz
ZGVhYTgwHhcNMjQxMTAxMTMzNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJmNDI3ODM3MDZhMzhkNzUwNGU2NDE5NDJkYmQ1MzcwMzA0ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzajM2tX7U+eWd8uyFyLLvfowtdoq
AsEJAXvC8EhEhVRuney3DSTFSDrULPRNwEKSsoBpbOSDnul6HxdXXaIdu82YQ5fw
VNNLJ+K63rmvVFMopfE8tRQleDMWcE0g0XzZlYPAqAk7wMmwKobDP+a2ppOBplI0
nA4NpxRKtsj1fCm6AYIlDCvB3UjU3ljR81KVI+66Zc9/8ysb0W8YpeHill1uk69J
i9jUQxuJSt3KrIQ4RK1vEvk8f15MeUqYE+JyC4UUAEifcGOfXCXK2lkQ4G4HCQcg
0phOj2Lt0QO+rQER6MBoAtdEuMMbVBSU2lwyfASZRYQBAADxHLUS8GGBxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPIvQng3BqONdQTmQZQtvVNwMEg+MB8GA1UdIwQY
MBaAFJ8rw8VWTUNDgct4uketWL5NPeqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnl2RHhWWk5RME9CeTNpNlI2MVl2azA5NnFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8zNmJiNmQtZmM3My00NDQ5LWE1Mjct
NTU0MjYzODE5NTNjLzEvOGk5Q2VEY0dvNDExQk9aQmxDMjlVM0F3U0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8zNmJiNmQtZmM3My00NDQ5LWE1MjctNTU0MjYzODE5NTNj
LzEvbnl2RHhWWk5RME9CeTNpNlI2MVl2azA5NnFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQTkMA0E
AgACMAcDBQMqAsXAMA0GCSqGSIb3DQEBCwUAA4IBAQA/fs3J4iXZn3Ejucq/t1RE
YKnI3YCqLf/MLL2VawM7M4nbAHx5brgia/u7mVLC8YAbXm0nnveHMWdVT3d7tnzt
yZfpD3x+ZwC5MMKP1WDllIJtRJjxnr9JsQ+U4ow8/ah4NH3skW2GMElSt0lNcyig
yfQNWb5CluoEs/m4r5fc40wFq/udyixaEcmMeMW8e0XcPmCLm9lHkz5dmKSI1mLA
ftIDKFmN26OsBXUHmzoJwnaeB1XqTeV5pWwO+UbKBJB9CgX6JGRdHkyEMTu009rp
+e8dk9FNVwJEy6H7yHeHCvV1XZtui7WeGFIoJd0G2/rkZZs0sGUa9XEDcSecZdrL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:11 2025 by rpki-client