Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/edk68rOVtwuHl7D1b3ZisSCnNxo.roa
File: edk68rOVtwuHl7D1b3ZisSCnNxo.roa (raw, json)
Hash identifier: sCOr/fTUUCjnslm9mMraZVXTG7DDpgDLFdwJeJ6A3Ao=
Subject key identifier: 79:D9:3A:F2:B3:95:B7:0B:87:97:B0:F5:6F:76:62:B1:20:A7:37:1A
Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Certificate serial: 018CCA2AAD5649EAEB0A16B524A753958D5B
Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/edk68rOVtwuHl7D1b3ZisSCnNxo.roa
Signing time: Tue 02 Jan 2024 12:34:03 +0000
ROA not before: Tue 02 Jan 2024 12:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205185
IP address blocks: 185.114.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 09:37:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ad:56:49:ea:eb:0a:16:b5:24:a7:53:95:8d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41
Validity
Not Before: Jan 2 12:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79d93af2b395b70b8797b0f56f7662b120a7371a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0c:f2:c5:e7:72:47:b0:0a:df:dd:d9:07:b6:
d9:2f:89:1f:b1:fc:23:b6:bf:da:88:6d:39:4d:cf:
3f:41:48:38:85:e7:73:04:26:d2:03:60:52:7c:35:
89:6a:e7:04:ee:e8:69:2b:33:02:27:d2:f1:64:d7:
5d:d9:20:83:8c:99:88:38:16:5a:54:bf:08:af:6f:
37:6b:55:f9:75:bf:86:8b:6e:d8:40:c7:f4:e5:ea:
20:94:16:03:c2:57:74:1f:6a:29:f9:46:8b:6f:04:
22:c8:de:d1:a7:8f:7e:e2:6b:1e:65:d0:99:57:07:
41:04:78:3e:07:f7:5c:2f:6d:4c:3d:90:48:4a:1d:
6a:f6:51:36:63:c5:a9:28:d7:69:2d:aa:11:50:25:
f4:1f:df:e4:e6:07:df:d4:61:58:c7:59:13:8e:15:
62:61:2e:09:5a:fa:05:cf:be:d4:0f:9a:a7:e4:bc:
7a:09:21:2c:9c:c8:2a:a0:75:b1:1d:4f:7c:ac:05:
8c:f6:17:0a:45:7c:b6:2c:0e:f5:c5:ec:59:d7:ed:
a1:c5:99:ec:4b:fc:eb:4f:3a:51:07:6a:a8:6c:1c:
0e:fe:8b:09:e4:81:6a:29:7d:d9:9b:31:68:94:09:
99:c1:2a:ee:d9:bb:b2:6d:9f:26:8c:80:a6:ee:b6:
4c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D9:3A:F2:B3:95:B7:0B:87:97:B0:F5:6F:76:62:B1:20:A7:37:1A
X509v3 Authority Key Identifier:
keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/edk68rOVtwuHl7D1b3ZisSCnNxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.236.0/24
Signature Algorithm: sha256WithRSAEncryption
79:1c:82:b7:c4:e0:3a:2b:4e:f2:cd:c0:3f:37:5b:db:73:66:
d6:91:90:a3:0e:de:5a:a2:c5:31:77:81:48:fb:6d:2f:6e:2e:
9c:41:bc:d4:61:59:e3:48:1b:81:67:11:81:61:3f:db:60:85:
8c:b0:5f:b9:1a:fb:d4:51:30:e7:6e:70:5d:ce:5e:77:08:04:
d0:87:e9:5e:47:e1:49:bd:21:a1:bd:1d:7b:14:53:40:b4:f1:
db:f3:4d:b0:23:f0:86:80:c0:04:42:2d:93:55:3d:a6:24:c8:
23:16:b9:90:0e:a6:39:da:08:f0:38:7f:65:1f:91:af:e7:ca:
44:0b:39:9b:3e:93:61:be:ef:68:43:02:be:85:41:32:ad:85:
c7:f9:2a:c2:ca:19:4f:4a:7c:bc:c8:d1:c8:95:b4:a5:30:39:
19:53:0a:10:46:28:ec:7e:6e:d8:b5:c2:b8:17:bb:96:71:7d:
45:2e:93:b3:5a:e8:85:76:e8:4e:38:c0:4a:77:d2:6e:43:f1:
5c:5d:bc:91:9e:23:d2:1d:0c:0d:a4:af:83:e1:d7:e8:a6:60:
d9:b1:92:9c:ff:dc:2a:98:e6:56:73:16:ab:9e:fe:04:9b:f1:
83:74:01:1f:18:0a:6d:0c:cc:d2:19:ab:63:e5:bd:a8:c7:88:
8b:53:17:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKq1WSerrCha1JKdTlY1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk
OTBhNDEwHhcNMjQwMTAyMTIzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWQ5M2FmMmIzOTViNzBiODc5N2IwZjU2Zjc2NjJiMTIwYTczNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgzyxedyR7AK393ZB7bZL4kfsfwj
tr/aiG05Tc8/QUg4hedzBCbSA2BSfDWJaucE7uhpKzMCJ9LxZNdd2SCDjJmIOBZa
VL8Ir283a1X5db+Gi27YQMf05eoglBYDwld0H2op+UaLbwQiyN7Rp49+4mseZdCZ
VwdBBHg+B/dcL21MPZBISh1q9lE2Y8WpKNdpLaoRUCX0H9/k5gff1GFYx1kTjhVi
YS4JWvoFz77UD5qn5Lx6CSEsnMgqoHWxHU98rAWM9hcKRXy2LA71xexZ1+2hxZns
S/zrTzpRB2qobBwO/osJ5IFqKX3ZmzFolAmZwSru2buybZ8mjICm7rZMVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHnZOvKzlbcLh5ew9W92YrEgpzcaMB8GA1UdIwQY
MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt
MDNiMGVlYzdmZjI5LzEvZWRrNjhyT1Z0d3VIbDdEMWIzWmlzU0NuTnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5
LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXLsMA0G
CSqGSIb3DQEBCwUAA4IBAQB5HIK3xOA6K07yzcA/N1vbc2bWkZCjDt5aosUxd4FI
+20vbi6cQbzUYVnjSBuBZxGBYT/bYIWMsF+5GvvUUTDnbnBdzl53CATQh+leR+FJ
vSGhvR17FFNAtPHb802wI/CGgMAEQi2TVT2mJMgjFrmQDqY52gjwOH9lH5Gv58pE
CzmbPpNhvu9oQwK+hUEyrYXH+SrCyhlPSny8yNHIlbSlMDkZUwoQRijsfm7YtcK4
F7uWcX1FLpOzWuiFduhOOMBKd9JuQ/FcXbyRniPSHQwNpK+D4dfopmDZsZKc/9wq
mOZWcxarnv4Em/GDdAEfGAptDMzSGatj5b2ox4iLUxfh
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:25 2025 by rpki-client