Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9e0c8c-e666-4e72-ae21-7a04bcbd0e46/1/v4pFfU2SgrcfLSspAnAgEebuRpQ.roa
File: v4pFfU2SgrcfLSspAnAgEebuRpQ.roa (raw, json)
Hash identifier: gWsogBj+RLxr9TsSzi25ZDbYdna/XFpFmvG4pXsYTDo=
Subject key identifier: BF:8A:45:7D:4D:92:82:B7:1F:2D:2B:29:02:70:20:11:E6:EE:46:94
Certificate issuer: /CN=52d2ed8c49f501bf32991c6423c2acefaf024969
Certificate serial: 01938DC2214C1993BD4CEEB537ED13128D57
Authority key identifier: 52:D2:ED:8C:49:F5:01:BF:32:99:1C:64:23:C2:AC:EF:AF:02:49:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtLtjEn1Ab8ymRxkI8Ks768CSWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9e0c8c-e666-4e72-ae21-7a04bcbd0e46/1/v4pFfU2SgrcfLSspAnAgEebuRpQ.roa
Signing time: Tue 03 Dec 2024 18:22:10 +0000
ROA not before: Tue 03 Dec 2024 18:22:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212598
IP address blocks: 185.102.87.0/24 maxlen: 24
2a12:8540::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:c2:21:4c:19:93:bd:4c:ee:b5:37:ed:13:12:8d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52d2ed8c49f501bf32991c6423c2acefaf024969
Validity
Not Before: Dec 3 18:22:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf8a457d4d9282b71f2d2b2902702011e6ee4694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:bb:60:6f:70:34:f7:7c:51:36:57:5c:ef:
71:e5:09:66:18:02:38:41:3b:f0:41:64:49:27:56:
f0:86:fc:a3:89:31:4b:d0:0a:18:43:1f:bc:f4:52:
f3:90:97:75:d1:cc:17:71:c8:52:d4:40:49:84:9e:
21:31:0d:b0:a3:9a:cc:40:97:b3:c3:a1:ef:0c:d0:
db:56:e6:8d:73:c3:a1:59:ab:d3:51:2c:59:82:4f:
1b:96:37:2b:90:9b:ce:bd:ff:3a:3c:79:98:5e:82:
8a:d0:0f:9d:2c:d9:c3:5d:cd:7f:3b:88:58:2a:77:
63:a8:da:2f:f1:df:36:df:a4:85:2f:93:f3:84:69:
e8:13:6c:36:7d:35:11:f4:c9:65:3c:0b:2b:52:8e:
0f:4a:2e:bd:90:b5:eb:b1:7e:a9:04:81:df:42:9c:
b0:ad:dd:d5:1f:ae:69:a4:0e:f8:ad:76:d4:52:85:
7e:5c:a2:ff:88:62:a5:0d:ff:a0:c3:55:9f:ce:dd:
ac:a7:55:03:66:92:05:a6:f5:d2:99:a0:9f:69:97:
4c:3b:4b:65:14:94:29:85:00:ef:7a:c4:1c:a8:3f:
ef:1a:fa:d0:76:63:2f:47:d5:c5:b2:4c:04:bc:48:
d0:03:5b:ac:f2:ec:f4:59:4e:14:65:e8:d2:b7:12:
0e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:8A:45:7D:4D:92:82:B7:1F:2D:2B:29:02:70:20:11:E6:EE:46:94
X509v3 Authority Key Identifier:
keyid:52:D2:ED:8C:49:F5:01:BF:32:99:1C:64:23:C2:AC:EF:AF:02:49:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtLtjEn1Ab8ymRxkI8Ks768CSWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9e0c8c-e666-4e72-ae21-7a04bcbd0e46/1/v4pFfU2SgrcfLSspAnAgEebuRpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9e0c8c-e666-4e72-ae21-7a04bcbd0e46/1/UtLtjEn1Ab8ymRxkI8Ks768CSWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.87.0/24
IPv6:
2a12:8540::/29
Signature Algorithm: sha256WithRSAEncryption
4f:71:0a:95:14:63:87:48:52:9e:43:09:30:5d:fe:07:26:13:
39:5e:31:ba:f2:d7:65:52:ba:d5:ba:a2:c0:c4:cb:2c:71:08:
0d:1a:a0:5b:1c:17:e1:16:57:1e:06:c1:75:02:fd:19:10:15:
a4:74:d3:60:e6:c7:e0:c4:22:25:a3:1f:15:2e:63:cc:21:a6:
8e:b7:d6:04:1c:43:34:1a:8b:05:d0:0c:67:a5:37:50:c7:23:
b9:ed:c7:13:29:36:3a:b0:ac:08:da:a1:a4:ea:5d:af:4a:63:
28:2d:8b:47:14:2b:7c:33:65:1f:20:8f:4d:b2:7f:08:c4:ef:
96:74:de:25:8c:c8:7c:91:c1:f0:06:73:70:ca:d7:c2:5d:c2:
74:a9:47:dc:80:7a:25:07:6b:83:06:3e:1f:e2:fa:a0:f0:62:
73:5c:52:8e:20:ff:1a:47:dd:20:61:e4:25:02:f2:70:3d:8f:
25:b6:b7:5d:2e:34:32:e5:4b:a9:b8:d9:3c:dc:09:93:04:dd:
d7:8c:d6:ab:17:66:d2:a4:eb:b1:75:55:a1:9e:6a:b9:8d:bc:
8d:4c:57:68:33:4b:17:94:9a:ae:fe:4e:19:b5:1f:29:04:6f:
2b:25:73:df:55:84:b6:0f:14:09:df:65:e0:59:ed:5c:a4:2c:
ea:4b:56:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZONwiFMGZO9TO61N+0TEo1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZDJlZDhjNDlmNTAxYmYzMjk5MWM2NDIzYzJhY2VmYWYw
MjQ5NjkwHhcNMjQxMjAzMTgyMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjhhNDU3ZDRkOTI4MmI3MWYyZDJiMjkwMjcwMjAxMWU2ZWU0Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOC7YG9wNPd8UTZXXO9x5QlmGAI4
QTvwQWRJJ1bwhvyjiTFL0AoYQx+89FLzkJd10cwXcchS1EBJhJ4hMQ2wo5rMQJez
w6HvDNDbVuaNc8OhWavTUSxZgk8bljcrkJvOvf86PHmYXoKK0A+dLNnDXc1/O4hY
KndjqNov8d8236SFL5PzhGnoE2w2fTUR9MllPAsrUo4PSi69kLXrsX6pBIHfQpyw
rd3VH65ppA74rXbUUoV+XKL/iGKlDf+gw1Wfzt2sp1UDZpIFpvXSmaCfaZdMO0tl
FJQphQDvesQcqD/vGvrQdmMvR9XFskwEvEjQA1us8uz0WU4UZejStxIO7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL+KRX1NkoK3Hy0rKQJwIBHm7kaUMB8GA1UdIwQY
MBaAFFLS7YxJ9QG/MpkcZCPCrO+vAklpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXRMdGpFbjFBYjh5bVJ4a0k4S3M3NjhDU1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85ZTBjOGMtZTY2Ni00ZTcyLWFlMjEt
N2EwNGJjYmQwZTQ2LzEvdjRwRmZVMlNncmNmTFNzcEFuQWdFZWJ1UnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85ZTBjOGMtZTY2Ni00ZTcyLWFlMjEtN2EwNGJjYmQwZTQ2
LzEvVXRMdGpFbjFBYjh5bVJ4a0k4S3M3NjhDU1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWZXMA0E
AgACMAcDBQMqEoVAMA0GCSqGSIb3DQEBCwUAA4IBAQBPcQqVFGOHSFKeQwkwXf4H
JhM5XjG68tdlUrrVuqLAxMsscQgNGqBbHBfhFlceBsF1Av0ZEBWkdNNg5sfgxCIl
ox8VLmPMIaaOt9YEHEM0GosF0AxnpTdQxyO57ccTKTY6sKwI2qGk6l2vSmMoLYtH
FCt8M2UfII9Nsn8IxO+WdN4ljMh8kcHwBnNwytfCXcJ0qUfcgHolB2uDBj4f4vqg
8GJzXFKOIP8aR90gYeQlAvJwPY8ltrddLjQy5UupuNk83AmTBN3XjNarF2bSpOux
dVWhnmq5jbyNTFdoM0sXlJqu/k4ZtR8pBG8rJXPfVYS2DxQJ32XgWe1cpCzqS1bh
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:38:35 2025 by rpki-client