Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a1923f-26d7-44be-a2be-03cbdb8ff960/1/jO3myQDaRJcweoQRPM8SkcQgSAg.roa
File: jO3myQDaRJcweoQRPM8SkcQgSAg.roa (raw, json)
Hash identifier: bcLvLsrPNE5g3esL4TGau/shv1edRuCc9IpRL22EjXs=
Subject key identifier: 8C:ED:E6:C9:00:DA:44:97:30:7A:84:11:3C:CF:12:91:C4:20:48:08
Certificate issuer: /CN=01f649b9d0546227b1d4626c2081e4d3da850efe
Certificate serial: 018CC50139A62342248525E05C31FEB7AD65
Authority key identifier: 01:F6:49:B9:D0:54:62:27:B1:D4:62:6C:20:81:E4:D3:DA:85:0E:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfZJudBUYiex1GJsIIHk09qFDv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a1923f-26d7-44be-a2be-03cbdb8ff960/1/jO3myQDaRJcweoQRPM8SkcQgSAg.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207143
IP address blocks: 185.35.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:39:a6:23:42:24:85:25:e0:5c:31:fe:b7:ad:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f649b9d0546227b1d4626c2081e4d3da850efe
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cede6c900da4497307a84113ccf1291c4204808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8d:a9:c1:32:f1:59:a4:b8:c1:54:01:be:f9:
de:33:92:5f:69:77:4b:ce:23:96:20:c4:fb:27:b9:
60:ae:1f:dd:d5:76:1c:5d:06:42:08:8f:bb:7e:f7:
24:0a:85:aa:b8:ec:77:14:3e:08:1d:ff:3f:d3:2e:
42:d2:9b:46:3e:c8:18:46:5b:db:91:41:34:74:e9:
57:d3:72:b8:76:b1:5b:7d:b9:2c:f9:c7:35:62:cb:
a1:cd:d8:81:2e:00:2f:44:de:06:81:2f:ba:f8:14:
f0:8c:43:89:b9:8e:b8:98:b7:dc:3e:d8:a8:e4:5c:
35:01:3c:7f:ff:13:e0:a1:df:bc:49:0b:9c:42:98:
d2:9d:ca:92:06:f7:a7:94:1a:85:c2:2c:40:ef:ba:
ca:77:61:f3:12:f7:28:bd:98:d0:b2:32:d4:86:2a:
11:3e:d4:74:0e:c9:b0:6e:b9:1a:96:d0:51:d1:e5:
94:29:df:b2:3a:ea:5d:bf:db:70:b3:17:9f:7c:d7:
6d:fc:af:45:c0:72:11:f4:7a:a9:25:05:bc:5f:a4:
9d:84:2d:09:08:4e:7e:0e:35:03:b3:cc:45:b0:97:
63:d2:7c:e7:0f:c5:b8:73:0d:c6:2c:3f:1a:99:a0:
0e:11:c5:9d:23:8b:f3:1f:30:40:18:4e:50:d6:1c:
26:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:ED:E6:C9:00:DA:44:97:30:7A:84:11:3C:CF:12:91:C4:20:48:08
X509v3 Authority Key Identifier:
keyid:01:F6:49:B9:D0:54:62:27:B1:D4:62:6C:20:81:E4:D3:DA:85:0E:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfZJudBUYiex1GJsIIHk09qFDv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a1923f-26d7-44be-a2be-03cbdb8ff960/1/jO3myQDaRJcweoQRPM8SkcQgSAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a1923f-26d7-44be-a2be-03cbdb8ff960/1/AfZJudBUYiex1GJsIIHk09qFDv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:86:36:36:31:ec:39:03:fa:d8:3a:58:43:71:07:31:4b:ae:
49:9c:1c:ac:c4:78:60:21:f5:c5:51:a7:c4:03:1f:9b:5c:2b:
da:d3:a7:fd:df:1b:e9:23:7d:97:79:3d:9e:5d:83:d6:af:85:
af:4e:0f:32:c4:f0:46:64:bb:7a:af:af:b2:ce:12:3d:c6:5a:
ed:3e:8a:3a:f6:5e:d1:1c:4a:18:69:af:0b:42:3c:ce:8d:04:
eb:c4:91:a8:47:ad:21:07:b0:26:0a:c8:5d:b5:7e:7e:06:68:
09:7e:36:dc:28:ea:30:7e:d9:e5:98:94:41:50:a0:db:97:20:
1b:fb:c4:36:ea:c7:86:a0:e8:65:05:6f:91:c8:a2:03:d1:09:
72:d3:58:10:e2:24:ee:b4:b6:62:5e:10:70:16:25:dd:0b:c2:
d7:34:87:94:0e:a5:80:4e:0d:0d:05:c7:1e:74:b5:a4:49:64:
41:f1:64:dc:fe:8a:d7:89:09:68:97:76:42:ec:19:38:4d:65:
02:10:9e:31:07:ea:60:b2:7e:c3:23:ca:7d:03:53:bb:09:4d:
77:da:71:ab:3f:6f:d0:65:96:2b:81:3e:0e:47:f1:38:ec:7a:
f2:8e:99:80:c3:cb:ca:cc:3d:c2:61:e3:fc:1f:24:51:cb:bd:
45:b9:69:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFATmmI0IkhSXgXDH+t61lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjY0OWI5ZDA1NDYyMjdiMWQ0NjI2YzIwODFlNGQzZGE4
NTBlZmUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2VkZTZjOTAwZGE0NDk3MzA3YTg0MTEzY2NmMTI5MWM0MjA0ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi42pwTLxWaS4wVQBvvneM5JfaXdL
ziOWIMT7J7lgrh/d1XYcXQZCCI+7fvckCoWquOx3FD4IHf8/0y5C0ptGPsgYRlvb
kUE0dOlX03K4drFbfbks+cc1YsuhzdiBLgAvRN4GgS+6+BTwjEOJuY64mLfcPtio
5Fw1ATx//xPgod+8SQucQpjSncqSBvenlBqFwixA77rKd2HzEvcovZjQsjLUhioR
PtR0DsmwbrkaltBR0eWUKd+yOupdv9twsxeffNdt/K9FwHIR9HqpJQW8X6SdhC0J
CE5+DjUDs8xFsJdj0nznD8W4cw3GLD8amaAOEcWdI4vzHzBAGE5Q1hwmvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIzt5skA2kSXMHqEETzPEpHEIEgIMB8GA1UdIwQY
MBaAFAH2SbnQVGInsdRibCCB5NPahQ7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZaSnVkQlVZaWV4MUdKc0lJSGswOXFGRHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMTkyM2YtMjZkNy00NGJlLWEyYmUt
MDNjYmRiOGZmOTYwLzEvak8zbXlRRGFSSmN3ZW9RUlBNOFNrY1FnU0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hMTkyM2YtMjZkNy00NGJlLWEyYmUtMDNjYmRiOGZmOTYw
LzEvQWZaSnVkQlVZaWV4MUdKc0lJSGswOXFGRHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSMcMA0G
CSqGSIb3DQEBCwUAA4IBAQAuhjY2Mew5A/rYOlhDcQcxS65JnBysxHhgIfXFUafE
Ax+bXCva06f93xvpI32XeT2eXYPWr4WvTg8yxPBGZLt6r6+yzhI9xlrtPoo69l7R
HEoYaa8LQjzOjQTrxJGoR60hB7AmCshdtX5+BmgJfjbcKOowftnlmJRBUKDblyAb
+8Q26seGoOhlBW+RyKID0Qly01gQ4iTutLZiXhBwFiXdC8LXNIeUDqWATg0NBcce
dLWkSWRB8WTc/orXiQlol3ZC7Bk4TWUCEJ4xB+pgsn7DI8p9A1O7CU132nGrP2/Q
ZZYrgT4OR/E47HryjpmAw8vKzD3CYeP8HyRRy71FuWke
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:05 2025 by rpki-client