Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/II6AFoVaZ6TUatJWVYnWzQ5fswU.roa
File: II6AFoVaZ6TUatJWVYnWzQ5fswU.roa (raw, json)
Hash identifier: z+rmO7s7KSUIxoRQRohe3IGpo/xxtE80Zdfclso92wo=
Subject key identifier: 20:8E:80:16:85:5A:67:A4:D4:6A:D2:56:55:89:D6:CD:0E:5F:B3:05
Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654
Certificate serial: 01936384D54F14F5C311BA349E842028F321
Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/II6AFoVaZ6TUatJWVYnWzQ5fswU.roa
Signing time: Mon 25 Nov 2024 13:31:09 +0000
ROA not before: Mon 25 Nov 2024 13:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8368
IP address blocks: 85.158.208.0/21 maxlen: 24
94.158.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Nov 2024 13:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:84:d5:4f:14:f5:c3:11:ba:34:9e:84:20:28:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654
Validity
Not Before: Nov 25 13:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=208e8016855a67a4d46ad2565589d6cd0e5fb305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:a2:4f:41:ef:77:38:73:07:e9:bb:ff:c3:
c6:04:bf:89:7e:aa:1d:dc:ea:0f:d5:4c:ea:22:3b:
b8:08:f4:bb:66:42:83:c3:62:01:60:55:04:35:d7:
6e:5e:fb:1f:78:be:6c:6f:dc:6a:bf:50:2a:cf:ea:
ec:46:62:3c:e9:b5:41:ff:79:7a:fe:05:26:a9:ec:
04:30:f8:4e:5a:e9:13:2a:8b:fa:de:fd:81:8e:12:
94:28:42:ce:0c:13:9f:5c:ba:72:b9:10:fb:80:7c:
81:68:f5:06:4c:a4:6a:8f:4d:c1:b7:e9:b6:47:1f:
b5:eb:44:05:c6:f7:25:7b:25:48:bf:29:09:40:47:
b7:3c:46:94:14:27:5d:54:68:67:76:92:08:9f:0b:
1d:2f:2d:98:85:be:c7:57:26:8d:ba:ff:ba:b5:0d:
0f:ab:eb:05:a1:e1:61:9b:b0:97:16:9a:68:0f:e9:
14:57:a9:71:35:38:81:e9:ca:88:26:ef:b4:e5:ae:
b8:28:63:23:e9:93:f6:42:28:ed:f0:c5:7c:cc:ee:
d5:21:2b:8f:91:6a:29:d0:68:05:54:bc:60:77:05:
6f:66:42:01:3b:35:e4:cf:e2:3c:c0:c7:39:87:ec:
7a:9b:f6:bb:ed:dd:90:bb:3d:e1:e2:63:d1:eb:ce:
2c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8E:80:16:85:5A:67:A4:D4:6A:D2:56:55:89:D6:CD:0E:5F:B3:05
X509v3 Authority Key Identifier:
keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/II6AFoVaZ6TUatJWVYnWzQ5fswU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.208.0/21
94.158.248.0/24
Signature Algorithm: sha256WithRSAEncryption
25:9d:a6:33:f1:5b:38:52:27:ac:39:72:58:09:15:ea:61:28:
bb:da:88:46:10:27:0e:86:a3:cb:4e:a0:6a:59:09:7d:4c:55:
7e:66:ac:52:1a:b8:c9:37:8a:ec:af:2a:16:46:5b:3c:80:07:
cf:3e:ef:94:c5:90:2d:30:59:00:5e:7c:1d:9a:f4:df:99:42:
63:cb:cb:79:2e:a1:62:1b:b4:d5:b1:58:8f:ec:96:0b:5c:c5:
f4:8a:96:c6:57:7d:96:d7:e7:b7:b3:63:77:93:da:f8:ce:0c:
81:26:22:bf:a8:81:5c:8d:4c:2f:29:b6:9f:38:68:64:e9:82:
7e:bf:82:b0:af:b0:65:bd:5b:1f:8c:ec:be:9f:b0:34:2a:64:
1e:fa:ff:ce:66:1d:57:33:6d:23:ad:e3:ed:ed:4b:2d:69:3a:
86:f7:1d:0f:c1:4f:29:88:9e:6c:78:50:d9:aa:29:3a:3a:6d:
ec:d3:b4:de:fb:7f:86:0e:6c:23:18:d8:0a:50:67:e2:0f:6b:
fc:f8:fb:9d:cc:06:63:c1:42:4f:28:66:23:7e:eb:94:05:00:
a0:de:f5:88:d4:f1:25:49:fd:69:d6:66:3a:af:69:09:4c:66:
63:46:43:ce:72:75:02:ff:4f:02:07:bb:3f:84:32:c2:f6:2c:
bb:80:20:35
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNjhNVPFPXDEbo0noQgKPMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz
MDQ2NTQwHhcNMjQxMTI1MTMzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhlODAxNjg1NWE2N2E0ZDQ2YWQyNTY1NTg5ZDZjZDBlNWZiMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDWiT0HvdzhzB+m7/8PGBL+Jfqod
3OoP1UzqIju4CPS7ZkKDw2IBYFUENdduXvsfeL5sb9xqv1Aqz+rsRmI86bVB/3l6
/gUmqewEMPhOWukTKov63v2BjhKUKELODBOfXLpyuRD7gHyBaPUGTKRqj03Bt+m2
Rx+160QFxvcleyVIvykJQEe3PEaUFCddVGhndpIInwsdLy2Yhb7HVyaNuv+6tQ0P
q+sFoeFhm7CXFppoD+kUV6lxNTiB6cqIJu+05a64KGMj6ZP2Qijt8MV8zO7VISuP
kWop0GgFVLxgdwVvZkIBOzXkz+I8wMc5h+x6m/a77d2Quz3h4mPR684sTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCCOgBaFWmek1GrSVlWJ1s0OX7MFMB8GA1UdIwQY
MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct
MGZiNDgyM2Y1Yjg3LzEvSUk2QUZvVmFaNlRVYXRKV1ZZbld6UTVmc3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3
LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ7QAwQA
Xp74MA0GCSqGSIb3DQEBCwUAA4IBAQAlnaYz8Vs4UiesOXJYCRXqYSi72ohGECcO
hqPLTqBqWQl9TFV+ZqxSGrjJN4rsryoWRls8gAfPPu+UxZAtMFkAXnwdmvTfmUJj
y8t5LqFiG7TVsViP7JYLXMX0ipbGV32W1+e3s2N3k9r4zgyBJiK/qIFcjUwvKbaf
OGhk6YJ+v4Kwr7BlvVsfjOy+n7A0KmQe+v/OZh1XM20jrePt7UstaTqG9x0PwU8p
iJ5seFDZqik6Om3s07Te+3+GDmwjGNgKUGfiD2v8+PudzAZjwUJPKGYjfuuUBQCg
3vWI1PElSf1p1mY6r2kJTGZjRkPOcnUC/08CB7s/hDLC9iy7gCA1
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:53:06 2025 by rpki-client