Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/uG6F5VkUk2a8wE8dCtqypYLxCk4.roa
File: uG6F5VkUk2a8wE8dCtqypYLxCk4.roa (raw, json)
Hash identifier: C5DjvwA/epnlUl4teHftMm16b/xiC1kWavhdPJkEfk8=
Subject key identifier: B8:6E:85:E5:59:14:93:66:BC:C0:4F:1D:0A:DA:B2:A5:82:F1:0A:4E
Certificate issuer: /CN=3bad9cd5034f81558f83d238eca406332bd7ba85
Certificate serial: 018CC94E11992E0982FE59C5CE9BB0715E2F
Authority key identifier: 3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/uG6F5VkUk2a8wE8dCtqypYLxCk4.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.253.12.0/22 maxlen: 24
2a0c:3040::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:11:99:2e:09:82:fe:59:c5:ce:9b:b0:71:5e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bad9cd5034f81558f83d238eca406332bd7ba85
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b86e85e559149366bcc04f1d0adab2a582f10a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:df:6c:1f:2b:9e:53:32:27:a0:b2:69:e8:ee:
46:4f:a6:80:74:eb:7e:73:23:83:8c:46:cf:95:a4:
c4:9c:53:d0:c3:b8:4d:ca:e0:aa:15:ae:16:1e:3d:
31:b6:8b:75:11:8b:73:79:f8:1f:35:1c:e5:21:2a:
ea:d2:93:88:21:15:99:91:b3:f7:f9:14:c2:67:29:
1c:4e:7e:0c:d0:00:61:ac:8a:b4:9d:e2:6e:bb:ec:
04:dd:4f:b1:71:93:c2:f7:04:d2:de:d9:b4:5d:d3:
e0:d7:45:87:1f:ae:68:c9:97:d1:96:a8:85:f8:d9:
73:ce:96:5c:11:e9:b3:63:41:ec:3c:9c:39:62:bd:
e8:e6:e3:30:d6:92:73:74:dc:c1:69:44:c5:20:03:
31:fc:37:63:c0:46:cb:a6:2c:c2:4f:f2:22:c0:f0:
b8:21:e1:69:12:88:80:82:b3:43:27:e0:31:98:f2:
ca:8a:11:fe:b7:06:67:5d:c9:bc:60:75:c4:0a:f2:
20:ea:47:6d:a9:7a:8b:a4:e9:a3:8b:ca:99:31:d7:
60:98:ef:c1:28:b0:fc:f7:e2:c0:00:0d:60:d8:9b:
55:a0:c5:cb:0b:c2:6e:52:cb:39:55:05:97:71:11:
21:1c:8a:f7:80:36:a2:0d:b8:45:a9:85:93:62:0a:
2e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:6E:85:E5:59:14:93:66:BC:C0:4F:1D:0A:DA:B2:A5:82:F1:0A:4E
X509v3 Authority Key Identifier:
keyid:3B:AD:9C:D5:03:4F:81:55:8F:83:D2:38:EC:A4:06:33:2B:D7:BA:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O62c1QNPgVWPg9I47KQGMyvXuoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/uG6F5VkUk2a8wE8dCtqypYLxCk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/416bc7-ce87-42b6-8c68-4ba5f206f65a/1/O62c1QNPgVWPg9I47KQGMyvXuoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.12.0/22
IPv6:
2a0c:3040::/29
Signature Algorithm: sha256WithRSAEncryption
22:cd:2c:6b:92:4c:1a:31:11:bb:c1:89:48:56:69:cc:8d:3c:
e2:24:8d:64:28:a2:79:f7:fb:93:eb:f0:06:65:90:02:83:54:
a6:c6:53:ed:5c:ca:5a:4d:78:b7:c5:d2:41:0d:50:5d:6e:94:
b9:d2:9e:77:fb:38:2b:f5:ee:1d:da:50:dd:eb:84:7d:db:7d:
d6:7d:88:39:e8:a1:2f:18:d0:39:c8:db:8b:56:48:16:7f:e8:
4d:38:b7:a4:9a:51:de:73:59:72:f3:8e:85:1c:9f:50:b2:71:
72:a1:09:0c:1b:ad:4b:2d:92:a9:51:a7:60:2e:3c:9f:3e:a6:
31:96:ae:a7:db:66:7c:1f:45:50:b5:fc:b6:53:31:17:b0:b2:
e6:59:62:c2:be:ff:da:79:23:e2:c1:1a:b4:88:0c:a0:0b:30:
fa:ac:36:8c:73:95:91:ec:53:f9:e1:5b:10:93:10:bc:5c:ec:
bc:5d:a0:41:d9:15:88:85:20:77:18:90:07:63:81:1e:24:28:
7f:24:70:35:37:da:d4:17:75:99:af:19:a5:2d:23:52:13:f6:
48:28:ad:4e:f2:03:03:20:02:cd:f7:59:8a:0b:b3:4b:3b:1b:
53:a1:02:d3:ae:9e:a1:9b:b7:9a:a4:10:5a:f1:07:d6:83:75:
1d:b4:25:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJThGZLgmC/lnFzpuwcV4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWQ5Y2Q1MDM0ZjgxNTU4ZjgzZDIzOGVjYTQwNjMzMmJk
N2JhODUwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODZlODVlNTU5MTQ5MzY2YmNjMDRmMWQwYWRhYjJhNTgyZjEwYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN9sHyueUzInoLJp6O5GT6aAdOt+
cyODjEbPlaTEnFPQw7hNyuCqFa4WHj0xtot1EYtzefgfNRzlISrq0pOIIRWZkbP3
+RTCZykcTn4M0ABhrIq0neJuu+wE3U+xcZPC9wTS3tm0XdPg10WHH65oyZfRlqiF
+NlzzpZcEemzY0HsPJw5Yr3o5uMw1pJzdNzBaUTFIAMx/DdjwEbLpizCT/IiwPC4
IeFpEoiAgrNDJ+AxmPLKihH+twZnXcm8YHXECvIg6kdtqXqLpOmji8qZMddgmO/B
KLD89+LAAA1g2JtVoMXLC8JuUss5VQWXcREhHIr3gDaiDbhFqYWTYgounQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLhuheVZFJNmvMBPHQrasqWC8QpOMB8GA1UdIwQY
MBaAFDutnNUDT4FVj4PSOOykBjMr17qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgt
NGJhNWYyMDZmNjVhLzEvdUc2RjVWa1VrMmE4d0U4ZEN0cXlwWUx4Q2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80MTZiYzctY2U4Ny00MmI2LThjNjgtNGJhNWYyMDZmNjVh
LzEvTzYyYzFRTlBnVldQZzlJNDdLUUdNeXZYdW9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf0MMA0E
AgACMAcDBQMqDDBAMA0GCSqGSIb3DQEBCwUAA4IBAQAizSxrkkwaMRG7wYlIVmnM
jTziJI1kKKJ59/uT6/AGZZACg1SmxlPtXMpaTXi3xdJBDVBdbpS50p53+zgr9e4d
2lDd64R9233WfYg56KEvGNA5yNuLVkgWf+hNOLekmlHec1ly846FHJ9QsnFyoQkM
G61LLZKpUadgLjyfPqYxlq6n22Z8H0VQtfy2UzEXsLLmWWLCvv/aeSPiwRq0iAyg
CzD6rDaMc5WR7FP54VsQkxC8XOy8XaBB2RWIhSB3GJAHY4EeJCh/JHA1N9rUF3WZ
rxmlLSNSE/ZIKK1O8gMDIALN91mKC7NLOxtToQLTrp6hm7eapBBa8QfWg3UdtCU5
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:31 2025 by rpki-client