Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/aJW7aC8Vktrl2NBGov7Tt_iwpXw.roa
File: aJW7aC8Vktrl2NBGov7Tt_iwpXw.roa (raw, json)
Hash identifier: XnjkNJakwGNgXjqnlvC1kZOqxYIOUu03Cw2PmSjoX3o=
Subject key identifier: 68:95:BB:68:2F:15:92:DA:E5:D8:D0:46:A2:FE:D3:B7:F8:B0:A5:7C
Certificate issuer: /CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Certificate serial: 018CC2DAB6E4BFD320D2B69E52484CF53FB0
Authority key identifier: 6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/aJW7aC8Vktrl2NBGov7Tt_iwpXw.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202682
IP address blocks: 185.155.128.0/22 maxlen: 24
2a07:9444::/32 maxlen: 48
2a07:9440::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b6:e4:bf:d3:20:d2:b6:9e:52:48:4c:f5:3f:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5762cd53a03e32242046a01a8e1ccac946b6dd
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6895bb682f1592dae5d8d046a2fed3b7f8b0a57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b4:e5:ee:67:6e:c6:dc:70:6f:b6:c8:78:7f:
97:87:07:2f:c3:15:73:3c:3a:c3:d8:91:00:bc:2d:
de:7e:b3:dc:24:a3:f4:3d:40:65:3b:df:67:96:63:
90:2a:41:6c:01:fa:e8:a8:c4:70:4f:82:03:d4:42:
70:58:09:89:44:df:31:91:16:f6:7b:e0:08:be:13:
0b:b2:d3:26:87:21:fe:22:2c:bb:44:29:0c:01:f6:
45:63:5f:3b:b6:57:ee:13:83:03:ba:1d:53:92:96:
26:d9:90:10:54:71:c9:fb:f5:8e:87:8d:c4:d3:24:
ae:3f:19:af:f8:5a:cd:1e:bf:a8:36:94:d5:a9:21:
e6:0f:f3:51:33:f1:64:1a:38:bd:41:ea:65:b9:78:
76:55:23:42:cf:fd:d0:15:fe:16:86:a5:c6:fe:c2:
87:15:8d:ec:0a:ac:a3:ec:fc:64:81:02:18:4b:ec:
68:9a:86:84:15:f3:18:9f:76:ae:17:16:1c:cc:29:
39:65:6b:9e:e5:9f:a9:68:ff:04:bc:ee:ac:34:a3:
43:22:70:0e:f6:41:ef:5a:46:4c:95:17:e9:09:55:
39:d8:4e:99:c6:2b:75:18:c2:5f:3f:2e:7c:d9:3c:
32:de:8d:99:b9:99:ee:df:6a:a1:9e:c5:d1:1d:71:
0e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:95:BB:68:2F:15:92:DA:E5:D8:D0:46:A2:FE:D3:B7:F8:B0:A5:7C
X509v3 Authority Key Identifier:
keyid:6F:57:62:CD:53:A0:3E:32:24:20:46:A0:1A:8E:1C:CA:C9:46:B6:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1dizVOgPjIkIEagGo4cyslGtt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/aJW7aC8Vktrl2NBGov7Tt_iwpXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6fdc3-9cfc-47fd-bba8-79cbf395d726/1/b1dizVOgPjIkIEagGo4cyslGtt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.128.0/22
IPv6:
2a07:9440::/29
Signature Algorithm: sha256WithRSAEncryption
4f:0e:d0:b5:95:7f:b7:6d:d6:9c:97:cc:0d:6f:e9:c1:d9:b1:
85:1d:3a:2d:04:b5:9c:c2:f7:e2:f8:1f:07:eb:3b:88:65:de:
b5:47:16:ba:ae:c0:fc:49:0f:42:18:76:ff:43:aa:b0:58:e2:
fe:5b:22:1d:c6:78:57:41:be:bc:58:3a:29:a1:b1:bb:e9:7f:
41:20:1f:52:d1:62:49:63:57:5c:76:88:25:6c:99:c9:17:59:
6e:e9:ec:4a:2e:4d:1c:63:19:27:24:30:72:4b:b5:2a:d9:1a:
b5:6e:66:72:07:12:02:99:8c:e7:5f:9b:5b:39:a0:c5:7d:7f:
4f:dd:8e:d4:84:64:56:59:ee:02:6c:46:5b:2a:fb:bb:25:ec:
e2:0e:b6:83:d4:21:e6:68:04:7e:be:f0:8e:06:04:4a:74:38:
b7:98:29:95:5e:93:14:28:43:31:e5:96:84:c7:9f:aa:42:b4:
6c:92:b7:bd:f4:31:1b:7f:2e:06:75:ec:44:4d:34:f1:9b:5b:
da:94:f1:2e:32:7c:a2:dd:7b:78:45:5f:c2:ea:da:25:75:d0:
64:bc:d2:42:5e:7d:59:3e:cd:db:62:43:34:ce:84:62:90:b1:
01:c6:c1:e1:39:9c:2e:7a:ed:85:b0:a1:83:85:3b:96:58:0b:
ac:ac:c4:63
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2rbkv9Mg0raeUkhM9T+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNTc2MmNkNTNhMDNlMzIyNDIwNDZhMDFhOGUxY2NhYzk0
NmI2ZGQwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODk1YmI2ODJmMTU5MmRhZTVkOGQwNDZhMmZlZDNiN2Y4YjBhNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7Tl7mduxtxwb7bIeH+XhwcvwxVz
PDrD2JEAvC3efrPcJKP0PUBlO99nlmOQKkFsAfroqMRwT4ID1EJwWAmJRN8xkRb2
e+AIvhMLstMmhyH+Iiy7RCkMAfZFY187tlfuE4MDuh1TkpYm2ZAQVHHJ+/WOh43E
0ySuPxmv+FrNHr+oNpTVqSHmD/NRM/FkGji9QepluXh2VSNCz/3QFf4WhqXG/sKH
FY3sCqyj7PxkgQIYS+xomoaEFfMYn3auFxYczCk5ZWue5Z+paP8EvO6sNKNDInAO
9kHvWkZMlRfpCVU52E6Zxit1GMJfPy582Twy3o2ZuZnu32qhnsXRHXEOXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGiVu2gvFZLa5djQRqL+07f4sKV8MB8GA1UdIwQY
MBaAFG9XYs1ToD4yJCBGoBqOHMrJRrbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgt
NzljYmYzOTVkNzI2LzEvYUpXN2FDOFZrdHJsMk5CR292N1R0X2l3cFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mNmZkYzMtOWNmYy00N2ZkLWJiYTgtNzljYmYzOTVkNzI2
LzEvYjFkaXpWT2dQaklrSUVhZ0dvNGN5c2xHdHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZuAMA0E
AgACMAcDBQMqB5RAMA0GCSqGSIb3DQEBCwUAA4IBAQBPDtC1lX+3bdacl8wNb+nB
2bGFHTotBLWcwvfi+B8H6zuIZd61Rxa6rsD8SQ9CGHb/Q6qwWOL+WyIdxnhXQb68
WDopobG76X9BIB9S0WJJY1dcdoglbJnJF1lu6exKLk0cYxknJDByS7Uq2Rq1bmZy
BxICmYznX5tbOaDFfX9P3Y7UhGRWWe4CbEZbKvu7JeziDraD1CHmaAR+vvCOBgRK
dDi3mCmVXpMUKEMx5ZaEx5+qQrRskre99DEbfy4GdexETTTxm1valPEuMnyi3Xt4
RV/C6tolddBkvNJCXn1ZPs3bYkM0zoRikLEBxsHhOZwueu2FsKGDhTuWWAusrMRj
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:37:01 2025 by rpki-client