Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/S2uzCh8mKDRwWrvbxuHOD3l01tQ.roa
File: S2uzCh8mKDRwWrvbxuHOD3l01tQ.roa (raw, json)
Hash identifier: T9kjgm/fDOdndaGutAOtzET1sfqAi/AlHOAiuYln0Kg=
Subject key identifier: 4B:6B:B3:0A:1F:26:28:34:70:5A:BB:DB:C6:E1:CE:0F:79:74:D6:D4
Certificate issuer: /CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Certificate serial: 018CC56E0CCCCACD928163952D3205132B51
Authority key identifier: E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/S2uzCh8mKDRwWrvbxuHOD3l01tQ.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34941
IP address blocks: 85.118.200.0/21 maxlen: 21
185.112.136.0/22 maxlen: 22
2a06:6180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 08 Oct 2024 12:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0c:cc:ca:cd:92:81:63:95:2d:32:05:13:2b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e277538dec2efcd2f11cc637197d1d9a6fdae9d9
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b6bb30a1f262834705abbdbc6e1ce0f7974d6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0f:ba:83:8e:3b:65:ff:c5:37:c6:4b:45:6d:
44:13:45:7c:d9:75:3b:96:43:ff:1a:ee:b6:52:6b:
25:a0:a5:c8:83:c5:57:8e:ae:dd:21:59:98:34:4f:
a3:b8:74:e8:6d:b3:73:18:ae:75:03:1e:30:01:81:
2e:37:8d:b8:c2:cd:84:bf:14:aa:c5:05:cf:55:f4:
90:db:0f:e8:05:1a:b6:62:49:eb:f4:f5:22:e7:2b:
23:1a:7d:ce:bb:c4:2b:d4:35:51:c8:c4:cc:07:9a:
e7:85:e5:4c:22:9b:a1:61:fd:e4:cd:21:7e:27:e6:
b6:04:e4:a0:4b:ae:32:bc:61:bb:01:b5:41:d9:25:
e9:29:8c:17:cf:2d:8f:5c:31:c8:5c:f3:14:14:bd:
2f:f4:01:a7:3d:cb:3a:62:a7:69:a7:e8:9b:99:2c:
04:11:ce:fb:1c:82:16:23:a3:86:79:f1:2e:3a:1a:
6a:15:52:b3:eb:e7:74:52:77:62:e9:7b:24:43:2b:
6b:21:05:bc:69:91:e9:97:f9:1b:76:dc:f4:bf:6a:
65:86:30:40:69:0e:35:98:19:4c:1c:04:c5:59:0b:
a2:2f:60:bb:fc:ec:10:72:37:24:15:cf:4b:d5:a2:
c5:c5:5a:74:40:45:63:ca:37:05:41:0b:79:c5:e6:
87:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6B:B3:0A:1F:26:28:34:70:5A:BB:DB:C6:E1:CE:0F:79:74:D6:D4
X509v3 Authority Key Identifier:
keyid:E2:77:53:8D:EC:2E:FC:D2:F1:1C:C6:37:19:7D:1D:9A:6F:DA:E9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ndTjewu_NLxHMY3GX0dmm_a6dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/S2uzCh8mKDRwWrvbxuHOD3l01tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/a31ddb-1fd2-461c-bfeb-82ee2d2b4289/1/4ndTjewu_NLxHMY3GX0dmm_a6dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.200.0/21
185.112.136.0/22
IPv6:
2a06:6180::/29
Signature Algorithm: sha256WithRSAEncryption
21:f4:56:27:16:47:ad:58:41:d6:e7:70:0c:df:d2:7d:9f:82:
a0:00:d9:52:56:60:ae:b2:0e:a9:76:15:97:b0:72:c0:4b:1b:
5b:9e:e2:bf:96:01:9b:66:81:77:df:2b:ba:27:52:9d:85:dd:
6c:49:5d:f8:9d:c3:6c:05:0b:d3:ff:3e:74:cc:9e:15:20:3e:
27:3d:45:b4:39:e0:53:00:9c:49:2e:96:b4:84:e3:34:cb:89:
b6:64:f1:74:0d:89:d2:5d:5a:1b:e9:26:b7:f9:6f:66:54:f3:
62:66:9a:01:2a:ed:f1:b8:7e:14:20:e8:31:a9:ab:b5:c1:6c:
ae:c1:8f:23:31:31:4e:e4:5c:66:a5:97:79:61:7a:a8:4d:b6:
37:b9:72:c4:0c:7b:a3:ef:d9:29:98:f0:c2:c1:c5:18:17:31:
7f:04:a4:73:6f:5f:be:5a:64:ec:a9:35:19:f8:a1:d7:1d:5f:
74:17:72:47:94:01:92:d1:f2:42:0e:cb:ee:3a:75:22:3e:b3:
68:08:42:0b:5c:40:a7:95:08:f9:71:56:23:36:a0:9a:ef:16:
3e:2a:7b:2d:b7:fe:3f:54:fe:1f:65:be:8d:4e:61:40:63:60:
05:98:21:a3:7a:36:04:50:08:35:09:27:45:93:0b:ce:96:28:
d3:ab:e3:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbgzMys2SgWOVLTIFEytRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNzc1MzhkZWMyZWZjZDJmMTFjYzYzNzE5N2QxZDlhNmZk
YWU5ZDkwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZiYjMwYTFmMjYyODM0NzA1YWJiZGJjNmUxY2UwZjc5NzRkNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA+6g447Zf/FN8ZLRW1EE0V82XU7
lkP/Gu62UmsloKXIg8VXjq7dIVmYNE+juHTobbNzGK51Ax4wAYEuN424ws2EvxSq
xQXPVfSQ2w/oBRq2Yknr9PUi5ysjGn3Ou8Qr1DVRyMTMB5rnheVMIpuhYf3kzSF+
J+a2BOSgS64yvGG7AbVB2SXpKYwXzy2PXDHIXPMUFL0v9AGnPcs6Yqdpp+ibmSwE
Ec77HIIWI6OGefEuOhpqFVKz6+d0Undi6XskQytrIQW8aZHpl/kbdtz0v2plhjBA
aQ41mBlMHATFWQuiL2C7/OwQcjckFc9L1aLFxVp0QEVjyjcFQQt5xeaH1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEtrswofJig0cFq728bhzg95dNbUMB8GA1UdIwQY
MBaAFOJ3U43sLvzS8RzGNxl9HZpv2unZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWIt
ODJlZTJkMmI0Mjg5LzEvUzJ1ekNoOG1LRFJ3V3J2Ynh1SE9EM2wwMXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hMzFkZGItMWZkMi00NjFjLWJmZWItODJlZTJkMmI0Mjg5
LzEvNG5kVGpld3VfTkx4SE1ZM0dYMGRtbV9hNmRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVXbIAwQC
uXCIMA0EAgACMAcDBQMqBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQAh9FYnFketWEHW
53AM39J9n4KgANlSVmCusg6pdhWXsHLASxtbnuK/lgGbZoF33yu6J1Kdhd1sSV34
ncNsBQvT/z50zJ4VID4nPUW0OeBTAJxJLpa0hOM0y4m2ZPF0DYnSXVob6Sa3+W9m
VPNiZpoBKu3xuH4UIOgxqau1wWyuwY8jMTFO5FxmpZd5YXqoTbY3uXLEDHuj79kp
mPDCwcUYFzF/BKRzb1++WmTsqTUZ+KHXHV90F3JHlAGS0fJCDsvuOnUiPrNoCEIL
XECnlQj5cVYjNqCa7xY+Knstt/4/VP4fZb6NTmFAY2AFmCGjejYEUAg1CSdFkwvO
lijTq+M0
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:31:30 2025 by rpki-client