Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/f9mFNCX8oTTYyjlGpKNg0vg15bE.roa
File: f9mFNCX8oTTYyjlGpKNg0vg15bE.roa (raw, json)
Hash identifier: gWRMmAjM5UrsbDydc+sB5DVAW+2FU8xnozRru7AFUBM=
Subject key identifier: 7F:D9:85:34:25:FC:A1:34:D8:CA:39:46:A4:A3:60:D2:F8:35:E5:B1
Certificate issuer: /CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Certificate serial: 018CF961B034DB6EDAA94EFB79B4F65EA8EB
Authority key identifier: 8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/f9mFNCX8oTTYyjlGpKNg0vg15bE.roa
Signing time: Thu 11 Jan 2024 16:36:18 +0000
ROA not before: Thu 11 Jan 2024 16:36:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201179
IP address blocks: 185.18.220.0/24 maxlen: 24
176.110.124.0/24 maxlen: 24
176.110.125.0/24 maxlen: 24
176.110.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:61:b0:34:db:6e:da:a9:4e:fb:79:b4:f6:5e:a8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f0adba2604934738c7c9692a0b3ab7b30a82bb2
Validity
Not Before: Jan 11 16:36:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fd9853425fca134d8ca3946a4a360d2f835e5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:03:32:df:1e:87:1e:dd:85:a5:6f:14:9d:b9:
75:13:9c:d5:48:4e:30:52:44:ef:5e:03:23:b4:bd:
e9:55:c0:f1:b8:a1:4d:9d:83:bf:bf:ee:78:3b:ab:
71:a0:78:ea:42:6e:50:1c:d1:a3:8f:02:21:af:16:
df:37:ed:4a:c1:cb:b6:67:4a:21:36:84:ac:bb:8d:
90:ae:c2:31:fb:9b:82:b8:bb:67:53:79:f6:0e:24:
9b:f6:41:37:d6:4b:89:d5:08:2b:90:35:de:7f:da:
67:3c:07:ca:bc:7f:99:a8:b3:8e:3f:89:ac:29:be:
2b:73:14:db:9f:f0:12:45:58:2d:e5:63:ee:df:89:
b7:b4:4d:ce:72:13:4e:25:97:a2:dd:c8:f6:ad:49:
87:97:36:dc:ee:73:3b:ff:b4:9a:74:61:4a:c0:87:
a1:e6:68:50:bc:c6:e2:ce:44:c4:a3:d6:40:3f:0e:
69:b8:ce:d1:ec:38:fb:94:2c:68:64:9e:fb:bd:49:
1d:ef:24:12:66:8f:11:7c:ec:51:78:e1:51:1e:01:
68:71:3c:13:74:45:7c:88:91:a9:76:2c:2e:4c:2a:
d2:e3:f0:e2:2b:32:2e:5d:40:cd:6c:e2:c9:00:89:
bf:3c:f7:36:98:fb:36:fe:95:86:f2:49:8d:23:ca:
39:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D9:85:34:25:FC:A1:34:D8:CA:39:46:A4:A3:60:D2:F8:35:E5:B1
X509v3 Authority Key Identifier:
keyid:8F:0A:DB:A2:60:49:34:73:8C:7C:96:92:A0:B3:AB:7B:30:A8:2B:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jwrbomBJNHOMfJaSoLOrezCoK7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/f9mFNCX8oTTYyjlGpKNg0vg15bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/7a85c9-c58a-4f8e-83b1-7bafde4c4b24/1/jwrbomBJNHOMfJaSoLOrezCoK7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.124.0-176.110.126.255
185.18.220.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2b:79:02:57:c4:ec:9a:57:e7:e7:58:49:11:cb:ab:3b:75:
49:d0:b0:43:4a:21:1d:04:f3:34:03:99:11:33:45:74:66:b5:
14:03:f9:f0:79:73:07:34:b3:17:d6:f4:4e:ec:17:8a:1f:17:
2e:8a:49:b0:70:0a:59:60:74:1c:a5:de:76:ac:d8:b3:db:b5:
29:8b:9e:1c:9b:5d:54:be:f7:17:0e:30:36:0d:dd:57:1b:8d:
40:c2:54:a8:33:49:c6:ec:61:5f:1b:7c:c5:f6:24:ce:47:6b:
f0:1b:94:5b:cf:bb:3c:5f:c1:38:5b:c4:c2:cc:92:14:be:6d:
61:20:1c:2f:54:f6:8c:3f:0d:00:ee:84:7c:31:f2:77:5b:5b:
30:6e:ef:49:8c:b4:ec:4b:31:0b:df:31:82:b0:2e:dd:bc:8c:
e7:5d:8f:48:41:41:90:9d:6c:0c:e5:93:4d:c6:e3:3f:4c:cc:
fe:96:db:79:3b:de:62:e6:d8:6c:f6:5b:4d:9d:8e:a1:5d:48:
5d:f6:44:a2:27:a7:f6:aa:42:c7:4f:68:cb:06:98:78:ab:e0:
65:fd:9f:3f:a6:97:1f:93:f4:5e:5d:a9:87:8f:f6:8e:e1:b4:
5c:99:b6:9d:b5:e5:6c:2e:d1:8f:b6:30:54:3a:71:9b:27:c6:
c1:8b:4c:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYz5YbA0227aqU77ebT2XqjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMGFkYmEyNjA0OTM0NzM4YzdjOTY5MmEwYjNhYjdiMzBh
ODJiYjIwHhcNMjQwMTExMTYzNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQ5ODUzNDI1ZmNhMTM0ZDhjYTM5NDZhNGEzNjBkMmY4MzVlNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AMy3x6HHt2FpW8Unbl1E5zVSE4w
UkTvXgMjtL3pVcDxuKFNnYO/v+54O6txoHjqQm5QHNGjjwIhrxbfN+1Kwcu2Z0oh
NoSsu42QrsIx+5uCuLtnU3n2DiSb9kE31kuJ1QgrkDXef9pnPAfKvH+ZqLOOP4ms
Kb4rcxTbn/ASRVgt5WPu34m3tE3OchNOJZei3cj2rUmHlzbc7nM7/7SadGFKwIeh
5mhQvMbizkTEo9ZAPw5puM7R7Dj7lCxoZJ77vUkd7yQSZo8RfOxReOFRHgFocTwT
dEV8iJGpdiwuTCrS4/DiKzIuXUDNbOLJAIm/PPc2mPs2/pWG8kmNI8o5zQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH/ZhTQl/KE02Mo5RqSjYNL4NeWxMB8GA1UdIwQY
MBaAFI8K26JgSTRzjHyWkqCzq3swqCuyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEt
N2JhZmRlNGM0YjI0LzEvZjltRk5DWDhvVFRZeWpsR3BLTmcwdmcxNWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC83YTg1YzktYzU4YS00ZjhlLTgzYjEtN2JhZmRlNGM0YjI0
LzEvandyYm9tQkpOSE9NZkphU29MT3JlekNvSzdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKwbnwD
BACwbn4DBAC5EtwwDQYJKoZIhvcNAQELBQADggEBAJ0reQJXxOyaV+fnWEkRy6s7
dUnQsENKIR0E8zQDmREzRXRmtRQD+fB5cwc0sxfW9E7sF4ofFy6KSbBwCllgdByl
3nas2LPbtSmLnhybXVS+9xcOMDYN3VcbjUDCVKgzScbsYV8bfMX2JM5Ha/AblFvP
uzxfwThbxMLMkhS+bWEgHC9U9ow/DQDuhHwx8ndbWzBu70mMtOxLMQvfMYKwLt28
jOddj0hBQZCdbAzlk03G4z9MzP6W23k73mLm2Gz2W02djqFdSF32RKInp/aqQsdP
aMsGmHir4GX9nz+mlx+T9F5dqYeP9o7htFyZtp215Wwu0Y+2MFQ6cZsnxsGLTLM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:20:36 2025 by rpki-client