Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/P6fkBaTM0v3I9yOqSNE8AT0RCNk.roa
File: P6fkBaTM0v3I9yOqSNE8AT0RCNk.roa (raw, json)
Hash identifier: lm66iToO1U1GzydzTR4Ov0psJadskKKfk3I8N20lvIw=
Subject key identifier: 3F:A7:E4:05:A4:CC:D2:FD:C8:F7:23:AA:48:D1:3C:01:3D:11:08:D9
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7954749225112A7DD2DB23C1B4A8444
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/P6fkBaTM0v3I9yOqSNE8AT0RCNk.roa
Signing time: Tue 02 Jan 2024 00:31:38 +0000
ROA not before: Tue 02 Jan 2024 00:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35268
IP address blocks: 85.204.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:47:49:22:51:12:a7:dd:2d:b2:3c:1b:4a:84:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa7e405a4ccd2fdc8f723aa48d13c013d1108d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:60:ac:aa:75:6a:9d:23:41:b0:b9:f8:8e:49:
0b:f0:08:65:c8:d4:29:1d:64:f6:08:de:30:65:df:
46:81:ae:cf:ca:56:49:d2:d8:15:e1:64:8a:90:7b:
6f:cd:7b:f7:b0:c7:90:a5:61:44:81:ba:08:6d:95:
1c:e2:35:e8:95:10:57:3e:92:1e:22:8f:f4:a3:e6:
77:33:80:74:0e:6f:81:32:4d:f6:50:a5:90:ab:46:
4f:1d:80:ab:75:cb:98:35:53:c0:0e:39:8f:f3:f3:
be:27:76:6a:84:80:06:4b:38:0e:cf:af:96:bf:9e:
d4:f2:fe:7c:d8:7c:6e:0d:fc:45:2d:b8:22:00:9e:
a3:0e:b1:7f:57:e5:a9:11:89:e0:a8:ae:dc:3a:b2:
17:f6:9c:3f:25:1f:c4:bc:d1:44:23:29:27:e7:11:
28:8a:5e:66:e5:82:c7:ea:ef:08:7e:87:62:4c:c2:
66:8a:fd:98:74:07:c6:7d:8e:8c:86:68:76:34:76:
fa:22:4a:9d:01:aa:54:56:7b:1e:55:cb:9a:ff:d0:
b2:3b:b7:12:8d:41:5b:21:11:29:a3:9c:34:5e:2c:
b6:bb:41:79:84:4c:4c:91:1d:12:f7:58:3b:a2:1b:
39:4e:6a:49:fe:6b:44:90:7c:2d:6c:42:3f:e0:9a:
e0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A7:E4:05:A4:CC:D2:FD:C8:F7:23:AA:48:D1:3C:01:3D:11:08:D9
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/P6fkBaTM0v3I9yOqSNE8AT0RCNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.134.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e6:4b:ab:8d:0b:ec:af:ae:30:22:3d:d2:c2:20:99:0e:7e:
b6:56:37:d3:86:36:75:e8:2d:93:59:70:6d:d1:a2:8d:93:0b:
55:54:dc:cd:17:f1:a2:de:60:f7:b6:bb:f6:71:85:89:9a:e8:
fd:65:20:26:32:6c:52:b6:e2:56:d6:6a:61:9a:68:59:60:bc:
b3:3a:60:42:dd:eb:0d:4f:c1:ed:7d:43:18:47:8a:0c:46:00:
54:64:6e:79:04:43:b0:34:ab:3f:37:ee:69:a0:14:60:dd:fe:
5f:8a:6b:22:d8:9b:42:be:d3:e7:84:c2:bb:7f:d9:66:be:b2:
e0:ec:21:a9:8a:cb:a9:7a:d2:fa:c1:f6:47:45:44:db:a8:f4:
61:df:91:12:03:e4:7e:ba:4b:ef:e7:24:f9:52:b4:7b:92:93:
7e:0b:fe:03:a8:0b:0c:35:cf:12:12:e5:5d:67:a2:33:75:d6:
a2:84:60:a5:77:a0:f4:e9:87:18:06:fc:bf:24:13:1e:3c:02:
44:b9:cd:f5:a1:40:99:17:4e:1e:85:e6:9c:15:c0:ef:d9:49:
2d:31:b5:0d:11:f6:b4:85:64:38:83:b4:35:e6:b1:df:22:65:
16:b5:b4:2a:be:6d:eb:64:72:c8:19:f6:f7:2e:8b:c2:b4:f6:
73:76:46:ca
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlUdJIlESp90tsjwbSoREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE3ZTQwNWE0Y2NkMmZkYzhmNzIzYWE0OGQxM2MwMTNkMTEwOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mCsqnVqnSNBsLn4jkkL8AhlyNQp
HWT2CN4wZd9Gga7PylZJ0tgV4WSKkHtvzXv3sMeQpWFEgboIbZUc4jXolRBXPpIe
Io/0o+Z3M4B0Dm+BMk32UKWQq0ZPHYCrdcuYNVPADjmP8/O+J3ZqhIAGSzgOz6+W
v57U8v582HxuDfxFLbgiAJ6jDrF/V+WpEYngqK7cOrIX9pw/JR/EvNFEIykn5xEo
il5m5YLH6u8IfodiTMJmiv2YdAfGfY6Mhmh2NHb6IkqdAapUVnseVcua/9CyO7cS
jUFbIREpo5w0Xiy2u0F5hExMkR0S91g7ohs5TmpJ/mtEkHwtbEI/4JrgwwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD+n5AWkzNL9yPcjqkjRPAE9EQjZMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1A2ZmtCYVRNMHYzSTl5T3FTTkU4QVQwUkNOay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzIYw
DQYJKoZIhvcNAQELBQADggEBAAHmS6uNC+yvrjAiPdLCIJkOfrZWN9OGNnXoLZNZ
cG3Roo2TC1VU3M0X8aLeYPe2u/ZxhYma6P1lICYybFK24lbWamGaaFlgvLM6YELd
6w1Pwe19QxhHigxGAFRkbnkEQ7A0qz837mmgFGDd/l+KayLYm0K+0+eEwrt/2Wa+
suDsIamKy6l60vrB9kdFRNuo9GHfkRID5H66S+/nJPlStHuSk34L/gOoCww1zxIS
5V1nojN11qKEYKV3oPTphxgG/L8kEx48AkS5zfWhQJkXTh6F5pwVwO/ZSS0xtQ0R
9rSFZDiDtDXmsd8iZRa1tCq+betkcsgZ9vcui8K09nN2Rso=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:53 2025 by rpki-client