Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/h6bwUmHe2fGn1c5Nr_0Az2teVv0.roa
File: h6bwUmHe2fGn1c5Nr_0Az2teVv0.roa (raw, json)
Hash identifier: yYoUG2tvPRhDBZFeTym5a6HJ593OW1/oixPBJqSug+I=
Subject key identifier: 87:A6:F0:52:61:DE:D9:F1:A7:D5:CE:4D:AF:FD:00:CF:6B:5E:56:FD
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 018CC94D4D7904B78888E9CAB011A5BB2C68
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/h6bwUmHe2fGn1c5Nr_0Az2teVv0.roa
Signing time: Tue 02 Jan 2024 08:32:15 +0000
ROA not before: Tue 02 Jan 2024 08:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57536
IP address blocks: 212.7.212.0/24 maxlen: 24
185.107.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:4d:79:04:b7:88:88:e9:ca:b0:11:a5:bb:2c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 2 08:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87a6f05261ded9f1a7d5ce4daffd00cf6b5e56fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8c:db:6a:93:80:27:5e:47:32:c6:f1:97:45:
0d:9a:27:1c:2f:36:77:f2:14:aa:4a:af:a7:fd:4b:
e4:25:97:ec:fa:31:d7:51:47:8f:d2:5f:bd:25:de:
20:1a:03:c7:84:5e:44:08:70:4b:b3:76:40:b4:b5:
70:2e:66:6e:7b:c3:e6:e2:59:39:1c:8c:cd:f0:e8:
d7:b4:74:db:58:18:ca:36:f1:0d:f3:f2:c4:5b:14:
5a:ed:00:09:3a:43:b4:d0:19:1b:14:d5:37:e0:73:
ea:85:ae:c7:5d:cd:40:6b:b0:a8:7a:e1:c0:9b:aa:
9f:74:dd:03:1a:f8:0b:22:16:35:de:8a:7e:b0:b3:
19:2f:19:e3:18:ec:c3:ae:95:81:86:5e:ef:66:21:
1b:5c:96:f8:3f:66:81:77:24:25:4d:ef:ad:2a:0c:
de:9a:ea:9e:84:87:64:66:d9:de:40:00:3f:81:df:
1b:9c:a0:2f:36:29:ef:9c:b5:8e:4b:3e:70:62:22:
99:62:9c:a1:63:7f:78:bc:a5:af:f5:46:3d:48:f4:
1a:75:de:9c:76:40:39:96:40:5e:19:7a:5f:81:fd:
4c:d1:3c:cc:4c:8e:58:e3:f8:32:64:90:b9:f4:ba:
22:60:f8:80:04:ed:ee:07:52:24:42:d0:dc:aa:b6:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A6:F0:52:61:DE:D9:F1:A7:D5:CE:4D:AF:FD:00:CF:6B:5E:56:FD
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/h6bwUmHe2fGn1c5Nr_0Az2teVv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.65.0/24
212.7.212.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:d9:4f:57:62:21:21:4f:d9:30:0f:bf:0b:da:81:1c:de:d2:
4d:5f:13:11:b7:d5:73:f5:93:64:c2:1f:d2:ff:6a:2f:bf:16:
18:63:96:74:fb:05:04:0b:8e:7d:ef:bb:48:c2:f4:ed:84:21:
48:9d:e5:bb:de:22:be:f2:b8:92:03:05:bf:d1:cc:3c:b9:46:
f0:1b:e4:d7:e3:27:72:d5:c4:72:6f:c1:7d:b5:bf:f2:db:9e:
fa:13:83:fa:9c:50:52:cc:f5:81:8f:28:7e:ba:1e:b6:a4:91:
68:21:4a:6a:06:61:25:00:d8:a8:73:bd:a7:f7:d9:8a:0d:50:
a4:5b:b8:f7:70:0c:31:ec:a8:7d:aa:24:60:4a:f9:09:79:ad:
50:ea:da:c1:86:63:76:22:fd:c0:ee:3e:be:3b:d1:b8:20:67:
ec:8c:06:15:32:b7:cb:1e:60:e7:23:7e:c1:f1:6f:b1:47:4b:
20:a0:f7:5c:c2:a0:53:d9:1b:bd:3f:1b:c6:d6:ae:a8:b7:6a:
d7:0a:8f:b2:9a:7e:1a:a1:eb:13:88:a0:3f:1a:60:ba:23:a2:
dc:33:44:df:db:11:48:b0:0b:50:97:0e:1b:97:08:ec:30:12:
42:e2:bb:77:40:ac:97:e1:d1:3a:2c:1e:8f:bd:3d:87:e3:18:
b7:32:66:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTU15BLeIiOnKsBGluyxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjQwMTAyMDgzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E2ZjA1MjYxZGVkOWYxYTdkNWNlNGRhZmZkMDBjZjZiNWU1NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIzbapOAJ15HMsbxl0UNmiccLzZ3
8hSqSq+n/UvkJZfs+jHXUUeP0l+9Jd4gGgPHhF5ECHBLs3ZAtLVwLmZue8Pm4lk5
HIzN8OjXtHTbWBjKNvEN8/LEWxRa7QAJOkO00BkbFNU34HPqha7HXc1Aa7CoeuHA
m6qfdN0DGvgLIhY13op+sLMZLxnjGOzDrpWBhl7vZiEbXJb4P2aBdyQlTe+tKgze
muqehIdkZtneQAA/gd8bnKAvNinvnLWOSz5wYiKZYpyhY394vKWv9UY9SPQadd6c
dkA5lkBeGXpfgf1M0TzMTI5Y4/gyZJC59LoiYPiABO3uB1IkQtDcqrYdKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIem8FJh3tnxp9XOTa/9AM9rXlb9MB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvaDZid1VtSGUyZkduMWM1TnJfMEF6MnRlVnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWtBAwQA
1AfUMA0GCSqGSIb3DQEBCwUAA4IBAQBM2U9XYiEhT9kwD78L2oEc3tJNXxMRt9Vz
9ZNkwh/S/2ovvxYYY5Z0+wUEC45977tIwvTthCFIneW73iK+8riSAwW/0cw8uUbw
G+TX4ydy1cRyb8F9tb/y2576E4P6nFBSzPWBjyh+uh62pJFoIUpqBmElANioc72n
99mKDVCkW7j3cAwx7Kh9qiRgSvkJea1Q6trBhmN2Iv3A7j6+O9G4IGfsjAYVMrfL
HmDnI37B8W+xR0sgoPdcwqBT2Ru9PxvG1q6ot2rXCo+ymn4aoesTiKA/GmC6I6Lc
M0Tf2xFIsAtQlw4blwjsMBJC4rt3QKyX4dE6LB6PvT2H4xi3MmY8
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:28:51 2025 by rpki-client