Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/lkDiswHtDy6riULBlMYM6wKytBY.roa
File: lkDiswHtDy6riULBlMYM6wKytBY.roa (raw, json)
Hash identifier: Hh7yJ81DVwDHbhPY0VRbvbIKy2duw7o1N/MieIq2mvg=
Subject key identifier: 96:40:E2:B3:01:ED:0F:2E:AB:89:42:C1:94:C6:0C:EB:02:B2:B4:16
Certificate issuer: /CN=b8cc59d994ac860e5b25e09575d99f94370e91cb
Certificate serial: 018CC3B68BE4978829C3C7136CDAF34B1B35
Authority key identifier: B8:CC:59:D9:94:AC:86:0E:5B:25:E0:95:75:D9:9F:94:37:0E:91:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMxZ2ZSshg5bJeCVddmflDcOkcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/lkDiswHtDy6riULBlMYM6wKytBY.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205358
IP address blocks: 185.131.205.0/24 maxlen: 24
2a12:da40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 28 Nov 2024 16:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8b:e4:97:88:29:c3:c7:13:6c:da:f3:4b:1b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8cc59d994ac860e5b25e09575d99f94370e91cb
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9640e2b301ed0f2eab8942c194c60ceb02b2b416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:2d:87:6e:82:cb:fc:69:44:38:56:3e:15:
6f:c8:c0:09:73:d3:b0:02:15:58:87:ce:e4:60:ee:
d9:7e:ab:7e:9d:79:a2:aa:48:5b:10:45:39:32:61:
26:45:2b:ff:72:66:e8:4c:c3:2b:19:74:ea:9b:34:
b7:5e:42:52:0c:11:a1:a7:c3:61:1c:35:84:c3:4c:
04:cf:63:af:7f:f9:0b:ff:ab:37:9b:69:da:7a:6b:
54:7f:86:c6:19:d2:29:b9:37:c2:e5:6e:1a:cc:b6:
0e:04:66:52:62:c5:f7:cd:b7:47:28:b6:a1:ac:ed:
24:d4:73:ae:93:9d:17:1e:3f:7b:69:34:11:29:4f:
4c:1b:70:d2:57:96:1b:6e:4c:40:c0:2e:75:5d:11:
30:17:73:f2:94:65:18:8a:ae:d1:dc:c0:8a:a4:84:
21:28:67:38:09:e0:64:8f:58:e0:c5:95:f8:a9:12:
17:40:b3:e9:6d:5d:12:8f:05:85:fa:96:04:54:70:
b3:4c:89:a2:de:72:63:7c:70:b5:83:2d:2c:45:1c:
b2:80:18:98:31:42:41:bc:98:19:76:29:36:1d:a6:
b1:16:fe:ce:3a:31:62:e6:b3:05:9e:53:08:7d:02:
c7:39:3f:f0:0f:80:f2:71:d8:de:37:e5:af:e3:ad:
a7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:40:E2:B3:01:ED:0F:2E:AB:89:42:C1:94:C6:0C:EB:02:B2:B4:16
X509v3 Authority Key Identifier:
keyid:B8:CC:59:D9:94:AC:86:0E:5B:25:E0:95:75:D9:9F:94:37:0E:91:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMxZ2ZSshg5bJeCVddmflDcOkcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/lkDiswHtDy6riULBlMYM6wKytBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/69c880-23ef-49c0-adbf-3d113d39f77b/1/uMxZ2ZSshg5bJeCVddmflDcOkcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.205.0/24
IPv6:
2a12:da40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:6a:62:62:ba:38:c7:52:83:4d:d5:2d:84:19:0a:ff:58:20:
51:d1:31:58:32:62:a4:c9:0a:c2:00:9c:59:1c:d8:eb:56:6e:
12:2d:a6:3f:23:e1:26:b4:e0:4d:13:0a:26:e1:9a:d8:51:6a:
e5:69:20:11:c2:c1:b8:49:d4:7d:cb:c2:63:26:4d:a2:47:b7:
b9:6b:03:62:8d:28:9a:fd:bc:48:73:0b:c3:fc:83:54:71:0b:
a5:14:10:11:be:06:c1:75:9b:90:93:3f:2e:af:dc:cd:82:8d:
9d:94:3a:ff:9b:c8:67:89:48:0c:4b:0e:a5:ca:92:86:41:98:
18:c6:c2:9e:99:26:94:b6:96:4a:9f:e0:03:88:b7:e8:51:7e:
05:df:1b:61:63:40:ca:05:bf:53:39:86:26:6e:35:d2:71:a5:
14:2d:c1:04:b8:fa:02:63:0f:b2:66:0e:3d:e2:ed:f4:51:0a:
ad:8b:4b:97:64:0b:d1:2f:83:55:58:ad:8d:b5:7c:45:21:25:
a4:d3:be:38:dd:c4:c7:a5:ed:f0:9d:fd:34:64:f8:99:2e:d7:
9e:f2:64:7e:48:fb:1f:d2:d6:c3:92:85:af:4e:91:ac:c3:6f:
4d:0f:7a:3a:08:38:d1:44:d3:43:58:4d:81:a9:72:d9:f3:0a:
4d:7b:72:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtovkl4gpw8cTbNrzSxs1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4Y2M1OWQ5OTRhYzg2MGU1YjI1ZTA5NTc1ZDk5Zjk0Mzcw
ZTkxY2IwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjQwZTJiMzAxZWQwZjJlYWI4OTQyYzE5NGM2MGNlYjAyYjJiNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOUth26Cy/xpRDhWPhVvyMAJc9Ow
AhVYh87kYO7Zfqt+nXmiqkhbEEU5MmEmRSv/cmboTMMrGXTqmzS3XkJSDBGhp8Nh
HDWEw0wEz2Ovf/kL/6s3m2naemtUf4bGGdIpuTfC5W4azLYOBGZSYsX3zbdHKLah
rO0k1HOuk50XHj97aTQRKU9MG3DSV5YbbkxAwC51XREwF3PylGUYiq7R3MCKpIQh
KGc4CeBkj1jgxZX4qRIXQLPpbV0SjwWF+pYEVHCzTImi3nJjfHC1gy0sRRyygBiY
MUJBvJgZdik2HaaxFv7OOjFi5rMFnlMIfQLHOT/wD4DycdjeN+Wv462nzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJZA4rMB7Q8uq4lCwZTGDOsCsrQWMB8GA1UdIwQY
MBaAFLjMWdmUrIYOWyXglXXZn5Q3DpHLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU14WjJaU3NoZzViSmVDVmRkbWZsRGNPa2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82OWM4ODAtMjNlZi00OWMwLWFkYmYt
M2QxMTNkMzlmNzdiLzEvbGtEaXN3SHREeTZyaVVMQmxNWU02d0t5dEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82OWM4ODAtMjNlZi00OWMwLWFkYmYtM2QxMTNkMzlmNzdi
LzEvdU14WjJaU3NoZzViSmVDVmRkbWZsRGNPa2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYPNMA0E
AgACMAcDBQMqEtpAMA0GCSqGSIb3DQEBCwUAA4IBAQAuamJiujjHUoNN1S2EGQr/
WCBR0TFYMmKkyQrCAJxZHNjrVm4SLaY/I+EmtOBNEwom4ZrYUWrlaSARwsG4SdR9
y8JjJk2iR7e5awNijSia/bxIcwvD/INUcQulFBARvgbBdZuQkz8ur9zNgo2dlDr/
m8hniUgMSw6lypKGQZgYxsKemSaUtpZKn+ADiLfoUX4F3xthY0DKBb9TOYYmbjXS
caUULcEEuPoCYw+yZg494u30UQqti0uXZAvRL4NVWK2NtXxFISWk07443cTHpe3w
nf00ZPiZLtee8mR+SPsf0tbDkoWvTpGsw29ND3o6CDjRRNNDWE2BqXLZ8wpNe3KL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:53 2025 by rpki-client