Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ADQP9eb0sJNTO5TKDJg5Hf3lwO4.roa
File: ADQP9eb0sJNTO5TKDJg5Hf3lwO4.roa (raw, json)
Hash identifier: s8eo+e5rTcDypvfHU7bpTDYeNlZnc2+W87V01eOJvDA=
Subject key identifier: 00:34:0F:F5:E6:F4:B0:93:53:3B:94:CA:0C:98:39:1D:FD:E5:C0:EE
Certificate issuer: /CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Certificate serial: 018CC9B88C7CBF859D376A09E6FFF16A02DB
Authority key identifier: 28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ADQP9eb0sJNTO5TKDJg5Hf3lwO4.roa
Signing time: Tue 02 Jan 2024 10:29:24 +0000
ROA not before: Tue 02 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 188.241.145.0/24 maxlen: 24
2a00:a900:7afe::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:b8:8c:7c:bf:85:9d:37:6a:09:e6:ff:f1:6a:02:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28851c6fc6eb3816e116c8a4a851d0d178c90f31
Validity
Not Before: Jan 2 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00340ff5e6f4b093533b94ca0c98391dfde5c0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:86:e1:74:1a:1f:45:47:52:95:7b:fc:b7:ae:
ba:bb:f6:c9:76:fd:7f:05:fc:49:d5:bc:ff:90:8d:
fb:a3:b2:ff:9b:05:db:6d:57:57:84:52:b6:3f:d9:
61:0e:25:02:1c:52:ed:c0:44:fb:4d:3b:93:d3:b9:
ca:af:b2:c5:4d:f8:c7:f1:b8:eb:2a:23:0e:1a:61:
d3:94:2f:0e:fe:6c:cf:61:a1:b6:b5:75:06:f7:7e:
34:3c:9d:a3:48:04:b5:8e:7a:9b:59:df:5b:38:eb:
f3:41:ae:4b:98:32:5c:3c:00:a1:e4:8b:0e:00:03:
28:3b:73:e5:08:4f:f4:bb:86:86:8f:7c:40:e5:3f:
cd:fa:2d:95:7f:59:26:de:39:41:0d:81:84:99:8a:
a1:7d:cf:9f:e5:cf:2b:1a:6d:84:f2:c7:86:96:31:
50:77:cc:49:4b:67:92:57:8e:80:ed:0a:4a:93:37:
9c:d2:e4:75:f5:cd:fe:a0:77:c1:60:5d:18:88:ff:
50:cc:9b:e1:c8:bc:bd:c1:54:06:09:d4:a1:85:5f:
aa:46:0b:b9:1d:96:59:73:03:af:34:2c:d5:83:d8:
0c:b1:01:41:2d:f2:cf:73:ee:83:97:9c:7c:38:07:
31:c1:77:d0:31:57:11:4a:49:dc:42:ba:f8:15:0d:
b3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:34:0F:F5:E6:F4:B0:93:53:3B:94:CA:0C:98:39:1D:FD:E5:C0:EE
X509v3 Authority Key Identifier:
keyid:28:85:1C:6F:C6:EB:38:16:E1:16:C8:A4:A8:51:D0:D1:78:C9:0F:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIUcb8brOBbhFsikqFHQ0XjJDzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/ADQP9eb0sJNTO5TKDJg5Hf3lwO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b9e6df-da8f-4491-8fe4-5245b135221b/1/KIUcb8brOBbhFsikqFHQ0XjJDzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.145.0/24
IPv6:
2a00:a900:7afe::/48
Signature Algorithm: sha256WithRSAEncryption
86:22:38:7a:c0:06:c2:78:33:aa:67:d9:84:8c:18:ce:90:ef:
5a:45:25:6d:04:f7:8c:5c:40:d5:12:43:dd:77:4f:0b:80:8f:
19:b3:00:41:88:c6:55:92:3b:f8:95:04:90:44:80:a2:3f:9e:
18:e1:4e:f9:c1:73:5b:69:65:89:63:d4:ea:97:e0:ed:00:f9:
61:3a:4d:93:ea:9a:96:b8:dd:34:14:a0:17:36:49:e6:30:da:
e9:13:c7:a0:6d:c7:5a:07:4f:c4:16:93:98:7f:ed:fc:d1:79:
54:c3:ee:8f:8b:3c:63:2f:a9:78:92:ed:33:f7:4e:db:16:ab:
39:71:62:e9:02:20:d1:6e:d9:ac:e4:38:88:30:30:99:e9:38:
75:e4:c1:74:41:9b:60:cc:a0:a2:c7:93:85:50:32:84:2c:3a:
96:93:ee:82:61:81:82:89:c5:c3:45:b9:7f:37:7e:35:31:78:
20:3f:29:b7:fe:e3:f7:46:32:92:a9:75:b5:c2:b7:5d:28:11:
b9:e8:a0:fe:76:81:52:ee:7f:8c:49:59:ab:d5:b5:b5:ea:ed:
51:e0:46:3d:8f:1c:ef:25:8c:4a:c4:9c:be:09:63:d8:29:f9:
78:ce:a4:c2:83:2c:1c:18:61:13:7c:ae:f1:5c:26:b6:24:9c:
e4:e1:8d:d5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJuIx8v4WdN2oJ5v/xagLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODUxYzZmYzZlYjM4MTZlMTE2YzhhNGE4NTFkMGQxNzhj
OTBmMzEwHhcNMjQwMTAyMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDM0MGZmNWU2ZjRiMDkzNTMzYjk0Y2EwYzk4MzkxZGZkZTVjMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4bhdBofRUdSlXv8t666u/bJdv1/
BfxJ1bz/kI37o7L/mwXbbVdXhFK2P9lhDiUCHFLtwET7TTuT07nKr7LFTfjH8bjr
KiMOGmHTlC8O/mzPYaG2tXUG9340PJ2jSAS1jnqbWd9bOOvzQa5LmDJcPACh5IsO
AAMoO3PlCE/0u4aGj3xA5T/N+i2Vf1km3jlBDYGEmYqhfc+f5c8rGm2E8seGljFQ
d8xJS2eSV46A7QpKkzec0uR19c3+oHfBYF0YiP9QzJvhyLy9wVQGCdShhV+qRgu5
HZZZcwOvNCzVg9gMsQFBLfLPc+6Dl5x8OAcxwXfQMVcRSkncQrr4FQ2zMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAA0D/Xm9LCTUzuUygyYOR395cDuMB8GA1UdIwQY
MBaAFCiFHG/G6zgW4RbIpKhR0NF4yQ8xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQt
NTI0NWIxMzUyMjFiLzEvQURRUDllYjBzSk5UTzVUS0RKZzVIZjNsd080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iOWU2ZGYtZGE4Zi00NDkxLThmZTQtNTI0NWIxMzUyMjFi
LzEvS0lVY2I4YnJPQmJoRnNpa3FGSFEwWGpKRHpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvPGRMA8E
AgACMAkDBwAqAKkAev4wDQYJKoZIhvcNAQELBQADggEBAIYiOHrABsJ4M6pn2YSM
GM6Q71pFJW0E94xcQNUSQ913TwuAjxmzAEGIxlWSO/iVBJBEgKI/nhjhTvnBc1tp
ZYlj1OqX4O0A+WE6TZPqmpa43TQUoBc2SeYw2ukTx6Btx1oHT8QWk5h/7fzReVTD
7o+LPGMvqXiS7TP3TtsWqzlxYukCINFu2azkOIgwMJnpOHXkwXRBm2DMoKLHk4VQ
MoQsOpaT7oJhgYKJxcNFuX83fjUxeCA/Kbf+4/dGMpKpdbXCt10oEbnooP52gVLu
f4xJWavVtbXq7VHgRj2PHO8ljErEnL4JY9gp+XjOpMKDLBwYYRN8rvFcJrYknOTh
jdU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:53:43 2025 by rpki-client