Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d983cd-3f8e-4d6e-a38c-4d8d62b18e89/1/j38aB9YsZ1oAsxL0gfaw50vGATQ.roa
File: j38aB9YsZ1oAsxL0gfaw50vGATQ.roa (raw, json)
Hash identifier: WPHSV59T6Lu3apfyT3Bb1s5PRcyNY32p1UeU4hw4sk0=
Subject key identifier: 8F:7F:1A:07:D6:2C:67:5A:00:B3:12:F4:81:F6:B0:E7:4B:C6:01:34
Certificate issuer: /CN=6c5311a57ccfcb5135261ff39bd19a115ef3e7cf
Certificate serial: 018CC4930505E492EC49568AEF0665AF5091
Authority key identifier: 6C:53:11:A5:7C:CF:CB:51:35:26:1F:F3:9B:D1:9A:11:5E:F3:E7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFMRpXzPy1E1Jh_zm9GaEV7z588.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d983cd-3f8e-4d6e-a38c-4d8d62b18e89/1/j38aB9YsZ1oAsxL0gfaw50vGATQ.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205187
IP address blocks: 185.226.248.0/22 maxlen: 24
2a0c:7e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:05:05:e4:92:ec:49:56:8a:ef:06:65:af:50:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5311a57ccfcb5135261ff39bd19a115ef3e7cf
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f7f1a07d62c675a00b312f481f6b0e74bc60134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:0d:ee:60:96:9a:cc:f5:d9:1f:52:5e:f1:
9e:4d:15:17:9e:31:12:56:2c:aa:54:0d:39:02:86:
ee:03:31:68:c2:41:a9:57:4e:28:c1:39:a8:aa:0b:
f2:d4:1e:09:7e:6e:89:6c:a0:72:90:e9:94:b4:2c:
2a:82:61:7b:0c:64:74:f1:7c:6d:e3:b0:2e:ac:f7:
2b:c9:32:7b:78:67:3f:8d:35:fe:7d:d5:70:a1:4c:
d3:a2:4e:cb:85:02:22:15:21:29:39:88:6d:5b:aa:
df:fb:02:3e:4f:e2:94:47:9b:70:8e:31:2c:f2:b3:
3f:68:6e:a9:99:fb:37:fe:b3:ba:94:0d:15:0e:02:
38:4b:1c:dc:35:99:ed:93:65:e6:f9:67:c1:60:01:
14:57:41:a0:d7:14:4d:fb:9c:32:b4:c6:4c:7f:2f:
c0:35:0b:df:4e:f1:a1:75:e0:69:ec:aa:8e:0a:15:
7f:9b:26:07:11:5e:f6:c2:22:f2:02:77:eb:eb:a8:
7d:93:5f:1f:87:27:58:0d:10:06:0c:ce:62:76:a7:
3a:40:57:0d:0d:15:a1:70:c0:33:cb:47:0c:45:2d:
2d:d7:b5:5c:07:6a:92:2c:43:0e:ee:c4:f6:5c:5c:
57:f4:37:36:40:ba:e7:7a:a2:16:50:45:15:57:2b:
fc:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7F:1A:07:D6:2C:67:5A:00:B3:12:F4:81:F6:B0:E7:4B:C6:01:34
X509v3 Authority Key Identifier:
keyid:6C:53:11:A5:7C:CF:CB:51:35:26:1F:F3:9B:D1:9A:11:5E:F3:E7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFMRpXzPy1E1Jh_zm9GaEV7z588.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d983cd-3f8e-4d6e-a38c-4d8d62b18e89/1/j38aB9YsZ1oAsxL0gfaw50vGATQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d983cd-3f8e-4d6e-a38c-4d8d62b18e89/1/bFMRpXzPy1E1Jh_zm9GaEV7z588.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.248.0/22
IPv6:
2a0c:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
04:58:e1:3f:96:47:41:b6:27:bb:64:b0:82:ec:ee:68:81:6c:
ca:49:6c:c9:0b:7d:92:73:a3:9a:c4:ad:ae:29:f3:48:c5:ed:
16:73:ef:9c:22:c6:f6:48:6a:1d:94:e1:57:54:3f:3e:0a:47:
e4:e3:8c:da:f4:de:8a:7f:8c:3d:95:63:ea:d8:26:96:d2:89:
c0:52:13:cb:df:c5:3c:79:79:9a:58:ee:48:bc:0a:50:46:65:
62:1e:07:c1:54:6e:6f:00:a0:3e:ef:d7:e0:07:7f:f3:6b:78:
47:60:81:70:89:44:62:d7:13:2a:1c:8d:17:1a:b3:f2:40:a5:
0c:46:6e:bd:1f:4f:49:5d:1b:91:93:ba:44:4d:ff:8d:dd:e5:
90:e2:53:d5:86:0e:05:a5:fe:20:db:f8:6d:3f:cf:f5:0c:71:
39:de:ba:7d:a8:c7:6e:cb:c1:73:08:e3:dc:64:29:3b:e4:f4:
74:40:30:fb:d1:0d:6e:5c:e6:da:07:38:1e:8b:01:13:6a:27:
37:45:1c:d9:c4:78:44:12:04:d6:cc:53:89:7a:a4:50:75:58:
73:5b:c7:b0:cd:5d:cf:4d:4e:97:d9:fa:86:8f:f4:46:b0:fd:
f9:38:b0:1e:a5:d4:ee:fa:00:84:82:2a:4b:a9:e6:47:1e:af:
b0:09:18:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkwUF5JLsSVaK7wZlr1CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNTMxMWE1N2NjZmNiNTEzNTI2MWZmMzliZDE5YTExNWVm
M2U3Y2YwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdmMWEwN2Q2MmM2NzVhMDBiMzEyZjQ4MWY2YjBlNzRiYzYwMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDIN7mCWmsz12R9SXvGeTRUXnjES
ViyqVA05AobuAzFowkGpV04owTmoqgvy1B4Jfm6JbKBykOmUtCwqgmF7DGR08Xxt
47AurPcryTJ7eGc/jTX+fdVwoUzTok7LhQIiFSEpOYhtW6rf+wI+T+KUR5twjjEs
8rM/aG6pmfs3/rO6lA0VDgI4SxzcNZntk2Xm+WfBYAEUV0Gg1xRN+5wytMZMfy/A
NQvfTvGhdeBp7KqOChV/myYHEV72wiLyAnfr66h9k18fhydYDRAGDM5idqc6QFcN
DRWhcMAzy0cMRS0t17VcB2qSLEMO7sT2XFxX9Dc2QLrneqIWUEUVVyv8JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI9/GgfWLGdaALMS9IH2sOdLxgE0MB8GA1UdIwQY
MBaAFGxTEaV8z8tRNSYf85vRmhFe8+fPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkZNUnBYelB5MUUxSmhfem05R2FFVjd6NTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kOTgzY2QtM2Y4ZS00ZDZlLWEzOGMt
NGQ4ZDYyYjE4ZTg5LzEvajM4YUI5WXNaMW9Bc3hMMGdmYXc1MHZHQVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kOTgzY2QtM2Y4ZS00ZDZlLWEzOGMtNGQ4ZDYyYjE4ZTg5
LzEvYkZNUnBYelB5MUUxSmhfem05R2FFVjd6NTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueL4MA0E
AgACMAcDBQMqDH4AMA0GCSqGSIb3DQEBCwUAA4IBAQAEWOE/lkdBtie7ZLCC7O5o
gWzKSWzJC32Sc6OaxK2uKfNIxe0Wc++cIsb2SGodlOFXVD8+Ckfk44za9N6Kf4w9
lWPq2CaW0onAUhPL38U8eXmaWO5IvApQRmViHgfBVG5vAKA+79fgB3/za3hHYIFw
iURi1xMqHI0XGrPyQKUMRm69H09JXRuRk7pETf+N3eWQ4lPVhg4Fpf4g2/htP8/1
DHE53rp9qMduy8FzCOPcZCk75PR0QDD70Q1uXObaBzgeiwETaic3RRzZxHhEEgTW
zFOJeqRQdVhzW8ewzV3PTU6X2fqGj/RGsP35OLAepdTu+gCEgipLqeZHHq+wCRgW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:26 2025 by rpki-client