Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/SL6POF68Ox1OynjD9-JJ5A-iE10.roa
File: SL6POF68Ox1OynjD9-JJ5A-iE10.roa (raw, json)
Hash identifier: na5Tk13L5uIJFIcaqE8ZEaSFR5dm+WJxhVUqvLfiE+g=
Subject key identifier: 48:BE:8F:38:5E:BC:3B:1D:4E:CA:78:C3:F7:E2:49:E4:0F:A2:13:5D
Certificate issuer: /CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
Certificate serial: 018CC5DC04CE79AE25B5C79A80664CDC80AF
Authority key identifier: 1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/SL6POF68Ox1OynjD9-JJ5A-iE10.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206894
IP address blocks: 185.172.216.0/22 maxlen: 22
2a0b:2700::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:04:ce:79:ae:25:b5:c7:9a:80:66:4c:dc:80:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48be8f385ebc3b1d4eca78c3f7e249e40fa2135d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:9c:38:92:71:97:fb:72:b3:f7:14:bc:6a:
68:1a:6d:1d:06:c4:72:ec:e0:3a:a0:74:dd:e8:a8:
c7:25:8c:11:12:b3:8d:69:80:2c:ae:9a:50:cf:05:
6c:50:18:0a:33:26:1d:4a:10:a8:90:af:85:5f:dc:
1a:be:a5:52:e0:8a:e3:3c:5c:a6:8d:c5:77:2e:8f:
4e:df:31:f0:58:76:b7:8e:26:10:7d:66:3d:f7:96:
46:40:6a:22:07:30:5f:1e:75:88:a1:be:4f:81:77:
b2:3f:c8:6d:be:53:67:0c:37:8c:c9:fd:08:5c:a1:
bd:62:94:a9:eb:e1:de:2a:ef:ab:c9:ca:4b:d4:19:
23:5e:5c:da:fc:c8:66:62:5f:99:b5:f0:90:eb:23:
b2:38:f5:30:2c:b6:a9:4c:c6:9f:f2:9d:f0:f5:f5:
6f:93:94:17:9e:e2:2e:8d:f8:f3:97:65:7b:29:69:
59:90:c1:a0:de:9d:b5:49:ca:3a:6f:e4:09:f8:71:
3c:4c:76:93:f1:08:34:4b:1d:66:57:0e:96:24:bc:
38:9b:80:29:d9:2e:58:d8:3e:a4:d9:10:a5:d4:c0:
ec:cb:36:cb:da:64:71:b7:8b:12:61:4c:69:46:3e:
1a:71:b6:62:da:1b:ca:51:87:6b:28:dc:d1:2d:b4:
b6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BE:8F:38:5E:BC:3B:1D:4E:CA:78:C3:F7:E2:49:E4:0F:A2:13:5D
X509v3 Authority Key Identifier:
keyid:1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/SL6POF68Ox1OynjD9-JJ5A-iE10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.216.0/22
IPv6:
2a0b:2700::/29
Signature Algorithm: sha256WithRSAEncryption
87:dd:fc:be:20:25:c6:f3:1e:b5:55:62:75:4e:58:4e:31:89:
27:eb:d0:34:a8:78:fc:44:a4:8c:bd:82:5a:68:e8:f4:a8:53:
b1:05:44:08:00:16:7a:42:07:bd:76:57:12:0e:cc:7f:22:8e:
52:c8:73:fc:50:4b:8e:61:63:90:01:4f:d6:e5:9e:86:a5:4d:
09:d9:fb:b7:86:5c:d0:db:dd:29:b7:66:44:c3:58:61:d6:88:
fb:79:2f:b4:18:92:91:ec:3b:fa:be:4b:66:17:2b:3a:4b:27:
8a:b4:bb:ab:70:0d:59:6a:74:bc:8f:07:6f:2b:b8:bc:e7:02:
62:81:f5:2c:91:7f:09:3b:7c:c0:bb:4d:3d:4c:f7:0b:24:c8:
79:de:01:d3:ed:69:f7:ee:a6:63:ac:de:7d:78:86:03:44:56:
99:4f:c7:d4:a0:3c:6f:7a:22:e1:4e:42:74:fc:35:48:85:c4:
d0:45:05:a8:d8:b1:05:5a:45:5a:5c:cb:cf:f6:da:c5:82:14:
1c:0d:96:61:c2:ce:92:2e:69:6b:7f:7c:e3:3a:b2:fe:10:b4:
0a:e3:24:e4:4e:ac:f6:cb:58:b9:44:83:aa:4c:f0:1c:94:59:
99:2e:6b:0c:a9:b2:1e:47:f3:ee:5b:3f:8f:84:48:15:c7:12:
d0:12:ae:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3ATOea4ltceagGZM3ICvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZmMyYjM2NTE0MTYzZDM4OWVlOGZlMThmOGUyMzQzZmE0
ZGRjOTkwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGJlOGYzODVlYmMzYjFkNGVjYTc4YzNmN2UyNDllNDBmYTIxMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+6cOJJxl/tys/cUvGpoGm0dBsRy
7OA6oHTd6KjHJYwRErONaYAsrppQzwVsUBgKMyYdShCokK+FX9wavqVS4IrjPFym
jcV3Lo9O3zHwWHa3jiYQfWY995ZGQGoiBzBfHnWIob5PgXeyP8htvlNnDDeMyf0I
XKG9YpSp6+HeKu+rycpL1BkjXlza/MhmYl+ZtfCQ6yOyOPUwLLapTMaf8p3w9fVv
k5QXnuIujfjzl2V7KWlZkMGg3p21Sco6b+QJ+HE8THaT8Qg0Sx1mVw6WJLw4m4Ap
2S5Y2D6k2RCl1MDsyzbL2mRxt4sSYUxpRj4acbZi2hvKUYdrKNzRLbS2ywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEi+jzhevDsdTsp4w/fiSeQPohNdMB8GA1UdIwQY
MBaAFB38KzZRQWPTie6P4Y+OI0P6TdyZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYt
MDFiZWQ4NzgyYzdmLzEvU0w2UE9GNjhPeDFPeW5qRDktSko1QS1pRTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYtMDFiZWQ4NzgyYzdm
LzEvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazYMA0E
AgACMAcDBQMqCycAMA0GCSqGSIb3DQEBCwUAA4IBAQCH3fy+ICXG8x61VWJ1TlhO
MYkn69A0qHj8RKSMvYJaaOj0qFOxBUQIABZ6Qge9dlcSDsx/Io5SyHP8UEuOYWOQ
AU/W5Z6GpU0J2fu3hlzQ290pt2ZEw1hh1oj7eS+0GJKR7Dv6vktmFys6SyeKtLur
cA1ZanS8jwdvK7i85wJigfUskX8JO3zAu009TPcLJMh53gHT7Wn37qZjrN59eIYD
RFaZT8fUoDxveiLhTkJ0/DVIhcTQRQWo2LEFWkVaXMvP9trFghQcDZZhws6SLmlr
f3zjOrL+ELQK4yTkTqz2y1i5RIOqTPAclFmZLmsMqbIeR/PuWz+PhEgVxxLQEq7d
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:05 2025 by rpki-client