Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2BHgheC4_JRyoEJPS0zHqnvLaOc.roa
File: 2BHgheC4_JRyoEJPS0zHqnvLaOc.roa (raw, json)
Hash identifier: ATWqBqXUb3JDPU0pfQYAA/NZIQjKLfqq8jY+QVVVb9s=
Subject key identifier: D8:11:E0:85:E0:B8:FC:94:72:A0:42:4F:4B:4C:C7:AA:7B:CB:68:E7
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCF8C97D143B6BA427BAFB82B3C8F
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2BHgheC4_JRyoEJPS0zHqnvLaOc.roa
Signing time: Tue 02 Jan 2024 10:32:57 +0000
ROA not before: Tue 02 Jan 2024 10:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44247
IP address blocks: 84.1.247.0/24 maxlen: 24
84.1.45.0/24 maxlen: 24
84.1.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cf:8c:97:d1:43:b6:ba:42:7b:af:b8:2b:3c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d811e085e0b8fc9472a0424f4b4cc7aa7bcb68e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:53:52:80:42:6f:8b:28:37:1d:91:41:b4:f4:
32:59:9d:f4:08:df:51:19:ca:d9:3b:ae:db:66:6f:
0d:06:1b:a8:3e:95:c3:e5:cb:2e:36:44:2a:33:de:
7e:ad:e1:23:99:fe:8e:3f:a4:73:8b:a7:be:43:65:
2a:6e:d6:7a:7e:d1:f6:35:ec:18:84:7a:cc:8d:17:
53:ca:93:04:10:13:39:95:a7:59:03:ea:01:64:98:
a7:26:78:15:54:22:05:fc:fb:6e:e1:0c:fe:bd:d0:
a9:2b:50:25:8a:1d:25:07:f0:83:1d:bd:3a:37:a5:
37:d7:64:56:ff:e9:38:9f:87:a4:c2:db:72:d2:ef:
21:45:2d:1b:9e:e3:8a:b1:a5:b4:27:0e:51:13:5f:
2b:d4:48:db:cd:b6:8d:39:5c:24:0d:1b:89:2f:e2:
a4:83:41:33:57:22:60:b9:04:b9:fd:99:95:49:df:
46:14:7c:4d:94:98:4e:2e:9f:e5:3f:d2:53:b4:2d:
e2:a6:7e:31:40:1c:03:2f:19:3a:26:ba:62:f8:4d:
7d:2a:df:79:0a:5f:3e:7a:d3:13:03:75:8c:c8:88:
2a:de:fa:bb:53:2e:78:b8:92:18:f8:ad:4d:90:79:
d6:39:40:d7:22:de:cb:d2:7d:3a:a8:19:05:be:82:
c7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:11:E0:85:E0:B8:FC:94:72:A0:42:4F:4B:4C:C7:AA:7B:CB:68:E7
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/2BHgheC4_JRyoEJPS0zHqnvLaOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.45.0-84.1.47.255
84.1.247.0/24
Signature Algorithm: sha256WithRSAEncryption
33:7b:73:d3:d2:60:50:18:a6:32:1b:c2:4b:6b:2a:89:b8:47:
d7:8b:37:04:4e:32:68:e4:0c:4d:a9:ea:6a:65:a4:02:a6:58:
1a:05:ce:b0:de:fc:e9:0f:8e:22:a5:c7:b8:7a:93:89:9d:8f:
cc:65:dc:d1:81:88:6c:4c:a0:36:23:55:d3:64:57:bb:97:e4:
8c:2e:fc:e3:72:d6:c9:ad:0d:51:13:46:e2:36:35:85:49:07:
84:c7:a4:4d:f1:b7:0f:f8:76:89:fc:23:a1:35:df:cb:02:54:
f7:77:97:8c:0f:e3:71:ab:f4:25:e1:21:1d:44:40:38:a6:a1:
3d:c9:35:c1:87:31:7c:07:25:f5:83:31:d3:2c:0c:f1:84:ef:
6c:90:03:da:5e:69:55:ee:3e:93:7f:c6:bf:98:37:be:e6:99:
bc:0d:15:f2:8f:1b:09:76:cb:75:1a:81:01:83:da:a2:de:b9:
3d:21:84:1b:d8:95:af:0e:63:b8:e7:d9:b5:e5:25:0c:27:f2:
eb:1a:40:bb:c8:dd:8a:20:db:13:0f:79:c5:d3:b9:d2:09:d9:
3c:40:e2:0e:a9:b8:0f:1d:54:8a:82:f6:05:0e:76:71:41:42:
2f:4f:4a:ae:b7:40:97:63:78:65:62:69:d6:95:2f:e1:d3:0b:
9f:11:f6:d7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJu8+Ml9FDtrpCe6+4KzyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODExZTA4NWUwYjhmYzk0NzJhMDQyNGY0YjRjYzdhYTdiY2I2OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFNSgEJviyg3HZFBtPQyWZ30CN9R
GcrZO67bZm8NBhuoPpXD5csuNkQqM95+reEjmf6OP6Rzi6e+Q2UqbtZ6ftH2NewY
hHrMjRdTypMEEBM5ladZA+oBZJinJngVVCIF/Ptu4Qz+vdCpK1Alih0lB/CDHb06
N6U312RW/+k4n4ekwtty0u8hRS0bnuOKsaW0Jw5RE18r1EjbzbaNOVwkDRuJL+Kk
g0EzVyJguQS5/ZmVSd9GFHxNlJhOLp/lP9JTtC3ipn4xQBwDLxk6Jrpi+E19Kt95
Cl8+etMTA3WMyIgq3vq7Uy54uJIY+K1NkHnWOUDXIt7L0n06qBkFvoLHMwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNgR4IXguPyUcqBCT0tMx6p7y2jnMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvMkJIZ2hlQzRfSlJ5b0VKUFMwekhxbnZMYU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABUAS0D
BARUASADBABUAfcwDQYJKoZIhvcNAQELBQADggEBADN7c9PSYFAYpjIbwktrKom4
R9eLNwROMmjkDE2p6mplpAKmWBoFzrDe/OkPjiKlx7h6k4mdj8xl3NGBiGxMoDYj
VdNkV7uX5Iwu/ONy1smtDVETRuI2NYVJB4THpE3xtw/4don8I6E138sCVPd3l4wP
43Gr9CXhIR1EQDimoT3JNcGHMXwHJfWDMdMsDPGE72yQA9peaVXuPpN/xr+YN77m
mbwNFfKPGwl2y3UagQGD2qLeuT0hhBvYla8OY7jn2bXlJQwn8usaQLvI3Yog2xMP
ecXTudIJ2TxA4g6puA8dVIqC9gUOdnFBQi9PSq63QJdjeGViadaVL+HTC58R9tc=
-----END CERTIFICATE-----
Generated at Tue Apr 15 04:44:46 2025 by rpki-client