Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/P8u9k96qJtWU6V1uFj16YM_TwTc.roa
File: P8u9k96qJtWU6V1uFj16YM_TwTc.roa (raw, json)
Hash identifier: cBilTzQG+gIeaAPbxM7ongne2J+OHEgshoMCxn0phE4=
Subject key identifier: 3F:CB:BD:93:DE:AA:26:D5:94:E9:5D:6E:16:3D:7A:60:CF:D3:C1:37
Certificate issuer: /CN=6b66c53b13566d01c4a893adf130bbb4fa1653aa
Certificate serial: 018F9C62B0FCDECD77253403E182D177B79F
Authority key identifier: 6B:66:C5:3B:13:56:6D:01:C4:A8:93:AD:F1:30:BB:B4:FA:16:53:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2bFOxNWbQHEqJOt8TC7tPoWU6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/P8u9k96qJtWU6V1uFj16YM_TwTc.roa
Signing time: Tue 21 May 2024 18:21:04 +0000
ROA not before: Tue 21 May 2024 18:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204817
IP address blocks: 185.219.8.0/22 maxlen: 24
2a0b:dd40::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:62:b0:fc:de:cd:77:25:34:03:e1:82:d1:77:b7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b66c53b13566d01c4a893adf130bbb4fa1653aa
Validity
Not Before: May 21 18:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fcbbd93deaa26d594e95d6e163d7a60cfd3c137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:93:e8:a5:be:6d:6e:a5:3c:79:bc:33:1a:e3:
7c:ab:c9:d0:93:b1:01:5d:c1:20:86:53:ae:c2:2f:
82:b5:a3:fe:2f:58:2d:de:a8:aa:12:de:fd:15:c9:
a3:f8:b0:08:73:22:91:8f:cb:79:25:91:cf:bf:2c:
e3:c0:10:a6:c6:71:4a:50:79:f3:40:8e:47:f3:36:
de:b8:03:e7:75:66:f4:52:da:f2:a2:2c:8a:30:02:
9d:9c:d0:91:e5:cc:dd:25:ae:12:d0:3e:2a:de:7e:
0c:44:72:86:5c:09:04:3c:e5:72:79:75:0c:18:c1:
30:fa:53:f6:c3:ea:f4:99:49:ea:26:2d:4e:6a:4b:
50:df:99:4a:bd:cf:86:ff:66:ab:35:fa:2d:8d:26:
b1:09:ba:d2:f8:9c:9b:92:0f:20:6d:26:7c:ba:0f:
16:23:a1:7a:b9:93:2e:d6:bf:43:5c:d1:3d:a2:80:
5b:d3:bd:8a:e0:31:6f:9c:00:38:1a:92:2b:8a:0e:
c7:50:0f:96:b3:ca:4a:ec:4c:69:bc:0a:00:2a:9f:
1b:ee:46:9c:32:fb:b0:1b:32:48:56:1a:b0:7b:ae:
d4:75:9f:c3:b4:8f:b2:2f:6a:68:fd:62:48:a8:b0:
38:86:38:d0:be:8b:e2:a6:40:b9:53:87:81:17:63:
81:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:CB:BD:93:DE:AA:26:D5:94:E9:5D:6E:16:3D:7A:60:CF:D3:C1:37
X509v3 Authority Key Identifier:
keyid:6B:66:C5:3B:13:56:6D:01:C4:A8:93:AD:F1:30:BB:B4:FA:16:53:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2bFOxNWbQHEqJOt8TC7tPoWU6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/P8u9k96qJtWU6V1uFj16YM_TwTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/6e5ff1-39f9-466b-827f-7bc268a0b517/1/a2bFOxNWbQHEqJOt8TC7tPoWU6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.8.0/22
IPv6:
2a0b:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:54:a7:1e:64:a6:a1:ba:2e:50:5b:5c:74:c2:3f:d5:b0:ef:
f5:5d:11:30:f7:31:d4:5f:10:88:83:b9:6f:45:a7:b3:72:b7:
b5:13:e1:54:56:b0:26:cf:63:f3:c2:fd:c9:57:fe:0f:f4:a2:
b1:2d:56:45:31:95:19:e2:fd:81:e2:88:4d:39:df:5c:73:df:
23:8b:a6:dc:66:0c:4f:01:47:16:59:21:d2:19:02:22:37:1e:
1b:78:fb:96:9d:66:90:0c:9a:46:e6:78:f3:8b:dd:e0:52:30:
17:68:fd:ed:95:05:4a:33:f2:8e:f0:ef:3a:67:42:f6:ae:81:
f7:89:59:26:29:62:a3:77:85:ca:46:5f:3a:68:93:ba:e2:f2:
96:2a:4e:a4:dc:f4:7a:59:03:c0:2b:37:eb:e3:bc:e8:bc:75:
37:ad:a6:e5:95:37:40:94:ff:c5:b8:e1:e4:d7:fd:15:e8:f1:
00:28:21:bd:69:59:49:99:7d:02:63:7a:40:db:43:28:5f:fc:
40:7a:2b:be:be:10:7c:cb:0f:7a:50:90:92:10:68:b5:15:20:
6f:c5:db:43:ec:ef:8f:6f:41:41:81:3c:e8:be:51:56:99:b1:
4a:71:13:ad:9f:f6:73:70:a6:91:6c:19:b9:95:28:8b:24:08:
56:e7:c6:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+cYrD83s13JTQD4YLRd7efMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNjZjNTNiMTM1NjZkMDFjNGE4OTNhZGYxMzBiYmI0ZmEx
NjUzYWEwHhcNMjQwNTIxMTgyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmNiYmQ5M2RlYWEyNmQ1OTRlOTVkNmUxNjNkN2E2MGNmZDNjMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZPopb5tbqU8ebwzGuN8q8nQk7EB
XcEghlOuwi+CtaP+L1gt3qiqEt79Fcmj+LAIcyKRj8t5JZHPvyzjwBCmxnFKUHnz
QI5H8zbeuAPndWb0UtryoiyKMAKdnNCR5czdJa4S0D4q3n4MRHKGXAkEPOVyeXUM
GMEw+lP2w+r0mUnqJi1OaktQ35lKvc+G/2arNfotjSaxCbrS+Jybkg8gbSZ8ug8W
I6F6uZMu1r9DXNE9ooBb072K4DFvnAA4GpIrig7HUA+Ws8pK7ExpvAoAKp8b7kac
MvuwGzJIVhqwe67UdZ/DtI+yL2po/WJIqLA4hjjQvovipkC5U4eBF2OBIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD/LvZPeqibVlOldbhY9emDP08E3MB8GA1UdIwQY
MBaAFGtmxTsTVm0BxKiTrfEwu7T6FlOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJiRk94TldiUUhFcUpPdDhUQzd0UG9XVTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC82ZTVmZjEtMzlmOS00NjZiLTgyN2Yt
N2JjMjY4YTBiNTE3LzEvUDh1OWs5NnFKdFdVNlYxdUZqMTZZTV9Ud1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC82ZTVmZjEtMzlmOS00NjZiLTgyN2YtN2JjMjY4YTBiNTE3
LzEvYTJiRk94TldiUUhFcUpPdDhUQzd0UG9XVTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudsIMA0E
AgACMAcDBQMqC91AMA0GCSqGSIb3DQEBCwUAA4IBAQB9VKceZKahui5QW1x0wj/V
sO/1XREw9zHUXxCIg7lvRaezcre1E+FUVrAmz2Pzwv3JV/4P9KKxLVZFMZUZ4v2B
4ohNOd9cc98ji6bcZgxPAUcWWSHSGQIiNx4bePuWnWaQDJpG5njzi93gUjAXaP3t
lQVKM/KO8O86Z0L2roH3iVkmKWKjd4XKRl86aJO64vKWKk6k3PR6WQPAKzfr47zo
vHU3rabllTdAlP/FuOHk1/0V6PEAKCG9aVlJmX0CY3pA20MoX/xAeiu+vhB8yw96
UJCSEGi1FSBvxdtD7O+Pb0FBgTzovlFWmbFKcROtn/ZzcKaRbBm5lSiLJAhW58ZA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:46 2025 by rpki-client