Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/sT6eV1CZdz9NfFp8tLrHa6g2cFU.roa
File: sT6eV1CZdz9NfFp8tLrHa6g2cFU.roa (raw, json)
Hash identifier: PIorlifTxcrhdBKsNeZsJHCnez4HosLp3t7Iyn5iIic=
Subject key identifier: B1:3E:9E:57:50:99:77:3F:4D:7C:5A:7C:B4:BA:C7:6B:A8:36:70:55
Certificate issuer: /CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Certificate serial: 018CC801D2CDF783E39CAED0AE205B9E915E
Authority key identifier: AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/sT6eV1CZdz9NfFp8tLrHa6g2cFU.roa
Signing time: Tue 02 Jan 2024 02:30:11 +0000
ROA not before: Tue 02 Jan 2024 02:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209118
IP address blocks: 185.81.116.0/22 maxlen: 24
2a05:8840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d2:cd:f7:83:e3:9c:ae:d0:ae:20:5b:9e:91:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8355299374297933d281f51eb74ba5c2c91cc1
Validity
Not Before: Jan 2 02:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b13e9e575099773f4d7c5a7cb4bac76ba8367055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:15:1e:56:16:44:34:ce:b6:ab:d9:58:d6:80:
0e:65:52:f1:44:4a:a1:b9:55:6d:37:eb:74:05:4c:
21:6f:70:9a:ca:3f:3e:03:27:95:84:f1:d7:e7:c4:
51:7e:c4:27:64:1d:ee:45:ba:cd:f5:4c:57:d9:12:
c7:eb:b5:69:2d:f2:6c:9b:c1:b8:aa:61:ca:4d:28:
dd:90:84:bf:52:c2:5c:d5:19:e4:27:9b:15:39:a2:
c9:14:52:db:6d:31:ad:39:5d:ff:92:5d:80:4a:c7:
c6:5c:f7:ba:af:d5:67:31:14:e7:9e:94:3b:5f:d2:
43:d8:ec:cf:c2:dd:43:7e:e4:70:05:47:19:b1:90:
6b:67:24:64:17:c9:fb:ae:02:8d:d1:ff:cc:ca:0d:
a9:7f:25:03:5c:e6:bf:db:a2:03:22:21:8a:9c:e2:
45:c2:47:da:83:cd:8a:96:91:4e:75:5b:17:8f:9a:
4b:94:3e:c9:4f:4c:bb:df:8c:7d:3f:fe:88:20:6f:
10:ee:7c:e7:0e:df:48:21:75:03:62:54:eb:10:75:
8a:11:5d:28:07:c1:ad:e8:fc:e9:f6:c5:0d:37:7e:
1a:ae:2d:1b:21:41:47:d8:1e:83:9c:4e:00:cc:29:
43:8f:ec:54:f9:fe:5d:a7:69:15:12:df:0f:02:2e:
9f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3E:9E:57:50:99:77:3F:4D:7C:5A:7C:B4:BA:C7:6B:A8:36:70:55
X509v3 Authority Key Identifier:
keyid:AE:83:55:29:93:74:29:79:33:D2:81:F5:1E:B7:4B:A5:C2:C9:1C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/roNVKZN0KXkz0oH1HrdLpcLJHME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/sT6eV1CZdz9NfFp8tLrHa6g2cFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f2eb8-9800-4621-b674-3b4d02a61ec2/1/roNVKZN0KXkz0oH1HrdLpcLJHME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.116.0/22
IPv6:
2a05:8840::/29
Signature Algorithm: sha256WithRSAEncryption
a3:0f:23:be:e1:9f:12:11:2a:a9:62:60:c7:ac:42:c9:2c:46:
9f:d0:30:88:7b:ed:76:45:44:f1:b8:75:9e:e1:05:fe:73:d4:
d6:56:64:c6:a8:ec:70:f2:85:64:97:76:bd:05:5b:1a:64:cb:
c3:7a:96:d0:6b:7e:8c:71:af:14:b9:fc:61:06:91:ed:28:97:
e8:ab:c9:a9:55:e5:6d:7e:3a:d9:20:76:5b:c6:aa:ab:a4:23:
a4:c2:44:2a:73:76:ea:c5:e4:64:60:fa:96:ef:8b:38:b9:b5:
34:d5:e8:59:84:87:62:53:71:09:98:b7:77:6e:6b:d2:f8:93:
0c:f2:62:be:36:34:0b:2a:c4:74:7d:9c:e5:d6:f4:33:2c:2a:
db:8c:1c:d3:33:f5:b7:2c:f3:16:c9:bf:a6:e8:b2:60:4d:f6:
5e:5c:e5:89:23:a3:8f:c1:25:57:ec:a8:31:70:06:7c:2a:12:
71:09:e1:57:ab:a5:6d:49:68:3d:b8:e7:22:bd:74:2d:95:59:
5d:d6:54:0c:4d:1b:de:43:f0:90:83:48:3b:13:0f:a3:7a:9e:
82:c0:79:2f:a0:6b:87:48:94:f8:a8:1a:e4:49:4b:91:fe:10:
1c:11:e8:22:e7:eb:cd:0e:51:20:ad:ff:47:33:bb:65:d0:13:
97:5e:8d:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAdLN94PjnK7QriBbnpFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlODM1NTI5OTM3NDI5NzkzM2QyODFmNTFlYjc0YmE1YzJj
OTFjYzEwHhcNMjQwMTAyMDIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNlOWU1NzUwOTk3NzNmNGQ3YzVhN2NiNGJhYzc2YmE4MzY3MDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBUeVhZENM62q9lY1oAOZVLxREqh
uVVtN+t0BUwhb3Cayj8+AyeVhPHX58RRfsQnZB3uRbrN9UxX2RLH67VpLfJsm8G4
qmHKTSjdkIS/UsJc1RnkJ5sVOaLJFFLbbTGtOV3/kl2ASsfGXPe6r9VnMRTnnpQ7
X9JD2OzPwt1DfuRwBUcZsZBrZyRkF8n7rgKN0f/Myg2pfyUDXOa/26IDIiGKnOJF
wkfag82KlpFOdVsXj5pLlD7JT0y734x9P/6IIG8Q7nznDt9IIXUDYlTrEHWKEV0o
B8Gt6Pzp9sUNN34ari0bIUFH2B6DnE4AzClDj+xU+f5dp2kVEt8PAi6fTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLE+nldQmXc/TXxafLS6x2uoNnBVMB8GA1UdIwQY
MBaAFK6DVSmTdCl5M9KB9R63S6XCyRzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQt
M2I0ZDAyYTYxZWMyLzEvc1Q2ZVYxQ1pkejlOZkZwOHRMckhhNmcyY0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjJlYjgtOTgwMC00NjIxLWI2NzQtM2I0ZDAyYTYxZWMy
LzEvcm9OVktaTjBLWGt6MG9IMUhyZExwY0xKSE1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVF0MA0E
AgACMAcDBQMqBYhAMA0GCSqGSIb3DQEBCwUAA4IBAQCjDyO+4Z8SESqpYmDHrELJ
LEaf0DCIe+12RUTxuHWe4QX+c9TWVmTGqOxw8oVkl3a9BVsaZMvDepbQa36Mca8U
ufxhBpHtKJfoq8mpVeVtfjrZIHZbxqqrpCOkwkQqc3bqxeRkYPqW74s4ubU01ehZ
hIdiU3EJmLd3bmvS+JMM8mK+NjQLKsR0fZzl1vQzLCrbjBzTM/W3LPMWyb+m6LJg
TfZeXOWJI6OPwSVX7KgxcAZ8KhJxCeFXq6VtSWg9uOcivXQtlVld1lQMTRveQ/CQ
g0g7Ew+jep6CwHkvoGuHSJT4qBrkSUuR/hAcEegi5+vNDlEgrf9HM7tl0BOXXo1g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:46 2025 by rpki-client