Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/8co9EGa0W3XRAsP75GPAFyhM4do.roa
File: 8co9EGa0W3XRAsP75GPAFyhM4do.roa (raw, json)
Hash identifier: /GG+FUufb+fTRUWDmhBDLpvvOzXhr5wKXalv6PdAiRs=
Subject key identifier: F1:CA:3D:10:66:B4:5B:75:D1:02:C3:FB:E4:63:C0:17:28:4C:E1:DA
Certificate issuer: /CN=a4d32269302e1cbccbaac0e0e5af8a864498a135
Certificate serial: 018CC4251413EA53A08F2F16F7E7A9588291
Authority key identifier: A4:D3:22:69:30:2E:1C:BC:CB:AA:C0:E0:E5:AF:8A:86:44:98:A1:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pNMiaTAuHLzLqsDg5a-KhkSYoTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/8co9EGa0W3XRAsP75GPAFyhM4do.roa
Signing time: Mon 01 Jan 2024 08:30:13 +0000
ROA not before: Mon 01 Jan 2024 08:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34741
IP address blocks: 185.174.242.0/24 maxlen: 24
185.174.241.0/24 maxlen: 24
185.174.240.0/24 maxlen: 24
2a07:f100:1000::/36 maxlen: 36
2a07:f100::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:14:13:ea:53:a0:8f:2f:16:f7:e7:a9:58:82:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4d32269302e1cbccbaac0e0e5af8a864498a135
Validity
Not Before: Jan 1 08:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ca3d1066b45b75d102c3fbe463c017284ce1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:49:99:36:55:bf:50:1f:b9:a9:22:49:fa:05:
4d:66:bc:6d:03:ab:bf:b5:a0:87:eb:16:de:af:98:
a1:a4:7c:64:74:a1:e6:db:f9:c2:ea:96:0a:8a:38:
25:69:e7:37:8e:15:28:2e:85:90:09:85:72:4b:9b:
8e:1d:a7:17:47:d3:23:f9:d0:04:5d:68:bc:45:b3:
93:3a:49:e8:00:07:a2:e8:8b:16:13:29:0a:af:21:
be:56:59:b6:f2:52:80:1d:49:53:64:1c:29:5c:b6:
16:0d:34:4a:cd:ad:88:03:e9:de:dd:3d:98:cb:c8:
60:a9:30:4a:3b:ab:f5:b0:48:69:54:80:c7:38:e5:
06:8b:09:ee:98:00:6e:76:36:cd:bb:50:84:70:30:
80:5f:7b:f9:9f:72:a7:77:1e:ae:e3:e0:b5:52:f5:
d8:9a:49:ca:71:1a:06:6c:64:57:39:4f:de:9c:f0:
b7:be:4d:bd:2e:67:87:2f:9b:21:ee:a8:e6:e8:49:
66:06:88:04:a1:4f:47:3a:e9:c0:3e:c4:fa:b9:d4:
67:c8:83:5c:db:1d:9f:ae:21:86:ae:fd:0f:64:eb:
0a:4b:22:7a:10:af:bd:1d:d6:20:6c:78:73:e4:e6:
9a:73:fc:f5:82:2c:da:a9:df:42:a5:6a:8d:ca:ee:
51:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:CA:3D:10:66:B4:5B:75:D1:02:C3:FB:E4:63:C0:17:28:4C:E1:DA
X509v3 Authority Key Identifier:
keyid:A4:D3:22:69:30:2E:1C:BC:CB:AA:C0:E0:E5:AF:8A:86:44:98:A1:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNMiaTAuHLzLqsDg5a-KhkSYoTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/8co9EGa0W3XRAsP75GPAFyhM4do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9616ee-381d-4afe-890c-6ee514b29115/1/pNMiaTAuHLzLqsDg5a-KhkSYoTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.240.0-185.174.242.255
IPv6:
2a07:f100::/35
Signature Algorithm: sha256WithRSAEncryption
1d:a5:9a:3e:c2:1b:68:b2:60:c9:c4:8a:de:36:50:7d:fe:31:
3b:45:a0:55:78:da:b9:fb:fd:4f:ae:6d:84:6d:22:59:17:94:
ba:26:3f:af:d2:a3:f2:10:fa:6c:7e:5f:81:aa:78:a2:d7:69:
1e:e8:da:61:7a:3e:76:0a:93:a9:f9:c7:a0:26:8b:d6:a7:d4:
37:ac:2a:6d:ca:11:51:cf:bd:dd:f8:05:f9:15:86:ae:f3:82:
fa:3e:0c:c4:8c:fd:c7:06:fd:a3:ef:2a:53:6c:dc:2a:6e:d2:
92:62:e8:99:c7:a9:67:a8:cb:33:08:ec:16:7e:f6:89:a4:11:
4e:4e:55:57:c6:ad:90:2e:1c:bd:62:3e:47:06:54:db:3d:24:
c1:38:54:10:21:db:15:f7:46:a8:9a:75:50:1e:e0:d3:c6:0f:
ff:10:90:7b:4d:e4:d8:98:43:c0:57:50:77:6d:1f:76:0a:4a:
7d:d1:87:78:8e:a8:23:ad:e7:9f:22:8c:3a:d0:fc:28:ac:34:
df:be:74:cb:9f:84:36:3e:c3:10:9b:04:1f:34:76:f0:76:1d:
74:db:8b:26:43:ac:a9:cc:9c:90:15:bb:b1:67:8c:78:a7:02:
d6:23:40:2a:c8:22:f4:61:6b:0e:15:7c:17:bc:f1:e6:6d:78:
74:1a:5a:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJRQT6lOgjy8W9+epWIKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDMyMjY5MzAyZTFjYmNjYmFhYzBlMGU1YWY4YTg2NDQ5
OGExMzUwHhcNMjQwMTAxMDgzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWNhM2QxMDY2YjQ1Yjc1ZDEwMmMzZmJlNDYzYzAxNzI4NGNlMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkmZNlW/UB+5qSJJ+gVNZrxtA6u/
taCH6xber5ihpHxkdKHm2/nC6pYKijglaec3jhUoLoWQCYVyS5uOHacXR9Mj+dAE
XWi8RbOTOknoAAei6IsWEykKryG+Vlm28lKAHUlTZBwpXLYWDTRKza2IA+ne3T2Y
y8hgqTBKO6v1sEhpVIDHOOUGiwnumABudjbNu1CEcDCAX3v5n3Kndx6u4+C1UvXY
mknKcRoGbGRXOU/enPC3vk29LmeHL5sh7qjm6ElmBogEoU9HOunAPsT6udRnyINc
2x2friGGrv0PZOsKSyJ6EK+9HdYgbHhz5Oaac/z1gizaqd9CpWqNyu5RlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPHKPRBmtFt10QLD++RjwBcoTOHaMB8GA1UdIwQY
MBaAFKTTImkwLhy8y6rA4OWvioZEmKE1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5NaWFUQXVITHpMcXNEZzVhLUtoa1NZb1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85NjE2ZWUtMzgxZC00YWZlLTg5MGMt
NmVlNTE0YjI5MTE1LzEvOGNvOUVHYTBXM1hSQXNQNzVHUEFGeWhNNGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85NjE2ZWUtMzgxZC00YWZlLTg5MGMtNmVlNTE0YjI5MTE1
LzEvcE5NaWFUQXVITHpMcXNEZzVhLUtoa1NZb1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAS5rvAD
BAC5rvIwDgQCAAIwCAMGBSoH8QAAMA0GCSqGSIb3DQEBCwUAA4IBAQAdpZo+whto
smDJxIreNlB9/jE7RaBVeNq5+/1Prm2EbSJZF5S6Jj+v0qPyEPpsfl+Bqnii12ke
6Nphej52CpOp+cegJovWp9Q3rCptyhFRz73d+AX5FYau84L6PgzEjP3HBv2j7ypT
bNwqbtKSYuiZx6lnqMszCOwWfvaJpBFOTlVXxq2QLhy9Yj5HBlTbPSTBOFQQIdsV
90aomnVQHuDTxg//EJB7TeTYmEPAV1B3bR92Ckp90Yd4jqgjreefIow60PworDTf
vnTLn4Q2PsMQmwQfNHbwdh1024smQ6ypzJyQFbuxZ4x4pwLWI0AqyCL0YWsOFXwX
vPHmbXh0GlpQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:52 2025 by rpki-client