Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iiHavQKXUy6JmviBClir8d1T0QU.roa
File: iiHavQKXUy6JmviBClir8d1T0QU.roa (raw, json)
Hash identifier: lbWkG2Wmme7UktR8dD01ehE8hfeUSbexySVHZ3Oym3I=
Subject key identifier: 8A:21:DA:BD:02:97:53:2E:89:9A:F8:81:0A:58:AB:F1:DD:53:D1:05
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 018CC7941829D02C98A0AAC2DBE05785F39F
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iiHavQKXUy6JmviBClir8d1T0QU.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47215
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:18:29:d0:2c:98:a0:aa:c2:db:e0:57:85:f3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a21dabd0297532e899af8810a58abf1dd53d105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:20:94:d4:84:de:6a:de:27:31:8c:df:f7:1d:
e6:04:8d:35:e3:b6:c7:db:db:61:4e:11:73:5a:96:
e9:54:41:12:af:d1:7e:98:72:27:57:1d:3a:dc:47:
22:78:a2:fb:fd:6c:a2:ec:4a:15:8e:b2:84:e0:6a:
21:92:fe:4c:97:fb:f0:8c:01:bf:c0:ed:dc:6f:ac:
8c:66:3f:0e:e3:12:d8:20:db:bc:54:fe:de:87:09:
a1:d1:79:ca:df:41:b6:b3:18:b3:ce:9e:a7:93:b4:
f4:82:07:cd:95:a8:cd:4c:67:a6:40:c4:fb:82:c1:
bb:1d:61:b2:9c:92:9d:11:87:bb:ac:be:4c:f0:08:
7c:89:df:d7:2c:e2:80:70:9f:df:27:0c:9e:0f:07:
99:ea:42:06:82:7d:69:cf:8c:8a:f9:29:a5:15:44:
29:1d:35:50:06:da:81:42:91:e3:1a:27:ac:7d:bc:
f5:2b:df:71:a0:fe:f0:47:55:c4:61:47:6e:1b:42:
15:a3:ce:cb:5a:15:bc:74:23:28:c6:f8:88:bb:b5:
c6:a8:35:4b:f2:75:69:36:cf:88:1c:b5:76:65:70:
01:fb:d8:99:54:9d:cd:b2:9f:ca:6b:7c:16:58:79:
6b:fc:05:7e:54:8f:5c:35:9e:cf:fc:32:34:32:4a:
ae:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:21:DA:BD:02:97:53:2E:89:9A:F8:81:0A:58:AB:F1:DD:53:D1:05
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/iiHavQKXUy6JmviBClir8d1T0QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
07:b0:83:04:e3:2d:3f:0c:20:1f:77:1d:8b:03:65:da:94:af:
8f:45:24:b4:7d:db:87:2b:28:7d:bf:7f:8f:fe:36:cb:25:80:
93:7e:c3:b6:ba:24:13:5a:f9:d0:71:df:0c:16:7c:4e:c9:96:
4a:db:3e:b3:d8:b9:a5:02:e9:f0:03:66:a1:f3:b8:f1:a2:ef:
75:d9:ae:0f:2c:d0:4d:98:5b:7b:73:ec:a2:5a:84:6c:f5:f9:
10:cb:3f:71:ea:ee:ce:48:47:73:bb:07:8b:fc:85:b4:3d:f9:
53:73:3b:37:21:3a:3d:dc:c2:68:77:fc:59:cb:4e:3a:40:0c:
45:55:2c:ad:16:e4:41:95:e7:d3:91:e4:3f:ee:97:f8:cc:60:
29:9d:4e:08:34:8f:87:ea:66:b1:65:3c:46:30:9f:19:ee:b2:
53:55:6f:75:ae:12:32:9d:64:ae:6e:c2:c8:53:4e:f1:b3:fc:
ae:39:85:a5:fd:41:46:35:2a:7b:b9:ff:14:29:79:cd:a7:23:
b3:2a:b5:a6:67:ba:0d:12:80:51:89:21:71:cc:ab:b6:7f:e5:
b3:40:8d:89:0b:82:3e:41:76:cb:a0:c0:c0:dd:b5:1d:a6:24:
d7:3d:1e:5f:4b:cc:5e:ce:10:0b:2c:62:8b:cb:f2:bd:6d:ce:
20:21:66:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlBgp0CyYoKrC2+BXhfOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTIxZGFiZDAyOTc1MzJlODk5YWY4ODEwYTU4YWJmMWRkNTNkMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyCU1ITeat4nMYzf9x3mBI0147bH
29thThFzWpbpVEESr9F+mHInVx063EcieKL7/Wyi7EoVjrKE4Gohkv5Ml/vwjAG/
wO3cb6yMZj8O4xLYINu8VP7ehwmh0XnK30G2sxizzp6nk7T0ggfNlajNTGemQMT7
gsG7HWGynJKdEYe7rL5M8Ah8id/XLOKAcJ/fJwyeDweZ6kIGgn1pz4yK+SmlFUQp
HTVQBtqBQpHjGiesfbz1K99xoP7wR1XEYUduG0IVo87LWhW8dCMoxviIu7XGqDVL
8nVpNs+IHLV2ZXAB+9iZVJ3Nsp/Ka3wWWHlr/AV+VI9cNZ7P/DI0MkquWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIoh2r0Cl1MuiZr4gQpYq/HdU9EFMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvaWlIYXZRS1hVeTZKbXZpQkNsaXI4ZDFUMFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQAHsIME4y0/DCAfdx2LA2Xa
lK+PRSS0fduHKyh9v3+P/jbLJYCTfsO2uiQTWvnQcd8MFnxOyZZK2z6z2LmlAunw
A2ah87jxou912a4PLNBNmFt7c+yiWoRs9fkQyz9x6u7OSEdzuweL/IW0PflTczs3
ITo93MJod/xZy046QAxFVSytFuRBlefTkeQ/7pf4zGApnU4INI+H6maxZTxGMJ8Z
7rJTVW91rhIynWSubsLIU07xs/yuOYWl/UFGNSp7uf8UKXnNpyOzKrWmZ7oNEoBR
iSFxzKu2f+WzQI2JC4I+QXbLoMDA3bUdpiTXPR5fS8xezhALLGKLy/K9bc4gIWYe
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:13 2025 by rpki-client